“SECURE FILE STORAGE USING HYBRID

CRYPTOGRAPHY”

A Project Report Submitted

In Partial Fulfillment of the Requirements
For the Degree of

BACHELOR OF TECHNOLOGY
in

Computer Science and Engineering

by

Kshitiz Pachaury
Ayush Kumar

Under the precious supervision of

Dr. Anita Yadav
Associate Professor

HARCOURT BUTLER TECHNICAL UNIVERSITY

June 2021
 CERTIFICATE

This is to certify that the seminar report is goldeous opportunity on the topic of

“Secure File Storage Using Hybrid Cryptography “is submitted by Kshitiz

Pachaury (170104030), Ayush Kumar(170104016) in partial fulfilment for the

award of degree of Bachelor of Technology in Computer Science & Engineering

has been found satisfactory and is approved for submission.

(Dr. Anita Yadav)

Associate Professor

CSE Department

School of Engineering

HBTU Kanpur
 ACKNOWLEDGEMENT

It gives us a great sense of pleasure to present the report of the B.Tech project

undertaken during the B.Tech CSE Final year. I owe a special debt of gratitude to

Dr. Narendra Kohli, Head of department, Computer Science and Engineering.

The satisfaction that accompanies the successful completion of any task would be

incomplete without the mention of people whose ceaseless cooperation made it

possible, whose constant guidance and encouragement crown all efforts with

success.

We are grateful to our project guide Dr. Anita Yadav for the guidance, inspiration

and constructive suggestions that help us in the preparation of this project.

We also thank our colleagues who have helped in successful completion of the

project.

Kshitiz Pachaury (170104030)

Ayush Kumar (170104016)

 TABLE OF CONTENTS:

TITLE PAGE No.

CERTIFICATE ii

ACKNOWLEDGEMENT iii

ABSTRACT v

INTRODUCTION vi

LITERATURE REVIEW vii

IMPLEMENTATION OF THE WORK DONE xxvii

RESULTS lxvi

CONCLUSION lxix

FUTURE SCOPE lxx

BIBLIOGRAPHY lxxi
CHAPTER 1
(ABSTRACT)
 ABSTRACT

The Digital Revolution has brought with it an exponential growth in the usage of

digital computation and along with it, the start of the Information Era. Furthermore,

companies are expanding globally and opening offices at various locations across

the globe. This has brought the need to make access to data from any location

possible and feasible. This is where Cloud Computing and Storage comes into the

picture. But with cloud storage comes security risks and data leak possibilities.

Hence data security is a very important component of cloud storage. Hence even if

a security breach were to take place, the attacker would get access to encrypted

data, which would still ensure data confidentiality. In this system, the user uploads a

file to the portal, it gets encrypted and then uploaded onto the cloud. The user can

then download their files from the cloud through the portal, which results in the

decrypted (or original) file getting downloaded to their local computer. The system

also uses two different hybrid approaches for encryption and decryption, namely

CHACHA20 and POLY1305 algorithms, and AEAD and AES-GCM algorithms.

 CHAPTER 2
(INTRODUCTION)
 INTRODUCTION

Existing System
For cloud storage, people were using other vendor’s cloud storage systems such as

google drive, one drive and many more, but it was not possible for the people and

organization to encrypt all data before uploading it to the cloud server. It was not

able to provide a secure storage environment for people and organizations. It was

also not able to provide privacy to their users. Privacy is a fundamental human right.

In the present system the data is still physically stored. Companies that provide

cloud storage must also have servers dedicated to storing your data. The fact is you

may never know for certain. Even providers that are based in one country, such as

India, might have servers in China or Pakistan or Canada, or anywhere else in the

world. Thus, the present system stated is time taking, insecure and costly.

Proposed System
As the system will be installed at any server which will act as host and its client’s

means people or organization can access this system using IP address or by using

its registered domain name. Each user will use their id and password to login and

access their panel to perform activities such as upload file, download encrypted key

and download original file.

People will be able to upload and download files. As day by day hacking activities

are increasing, it requires an encrypted and efficient system to achieve secure

storage. The proposed system “Secure File Storage System Using Hybrid

Cryptography” serves people’s needs in a consistent and transparent manner. It

should cater to the needs of secure storage. Thus, the system caters to the

spontaneous needs of the people.

 DOCUMENT CONVENTION:

The following documentation convention are followed in preparing this report:

● All keywords related to academics are formatted in bold.

● SRS - Software Requirement Specification
● DFD – Data Flow Diagram
 CHAPTER 3
(LITERATURE REVIEW)
 Literature Review

Abstract— Nowadays cloud computing is used in many areas like industry,

military colleges etc to store huge amounts of data. We can retrieve data from
the cloud on request of the user. To store data on cloud we have to face many
issues. To provide the solution to these issues there are n number of ways
Cryptography and steganography techniques are more popular now a day’s for
data security. Use of a single algorithm is not effective for high level security to
data in cloud computing. In this paper we have introduced new security
mechanism using symmetric key cryptography algorithm and steganography. In
this proposed system AES, blowfish, RC6 and BRA algorithms are used to
provide block wise security to data. All algorithm key size is 128 bit. LSB
steganography technique is introduced for key information security. Key
information contains which part of file is encrypted using by which algorithm and
key. File is splited into eight parts. Each and every part of file is encrypted using
different algorithm. All parts of file are encrypted simultaneously with the help of
multithreading technique. Data encryption Keys are inserted into cover image
using LSB technique. Stego image is send to valid receiver using email .For file
decryption purpose reverse process of encryption is applied. All parts of file are
encrypted simultaneously with the help of multithreading technique. Data
encryption Keys are inserted into cover image using LSB technique. Stego image
is send to valid receiver using email .For file decryption purpose reverse process
of encryption is applied. Cloud security is defensive method to protect data and
there are various method to protect data like Deterrent controls, Preventive
controls, corrective controls and detective controls. With concern of security we
should keep some points in mind like privacy, confidentiality, integrity and so on.
And our novel research based on this.
Cloud computing is originated from earlier large-scale distributed computing
technology. NIST defines Cloud computing as a model for enabling convenient,
on demand network access to a shared pool of configurable computing
resources (e.g., networks, storage, applications and services) that can be rapidly
provisioned and released with minimal management effort or service provider
interaction”. In Cloud computing, both files and software are not fully contained
on the user’s computer. File security concerns arise because both the user's
application and program are residing in provider premises. The cloud provider
can solve this problem by encrypting the files by using encryption algorithm. This
paper presents a file security model to provide an efficient solution for the basic
problem of security in cloud environment. In this model, hybrid encryption is used
where files are encrypted by blowfish coupled with file splitting and SRNN
(modified RSA) is used for the secured communication between users and the
servers

Cryptography technique translates original data into unreadable form.

Cryptography technique is divided into symmetric key cryptography and public
key cryptography. This technique uses keys for translate data into unreadable
form. So only authorized person can access data from cloud server. Cipher text
data is visible for all people. Symmetric key cryptography algorithms are AES,
DES,3DES, IDEA, BRA and blowfish. The main issue is delivering the key to
receiver into multi user application. These algorithms require low delay for data
encode decode but provides low security. Public key cryptography algorithm is
RSA and ECC algorithm. Public and private keys are manipulated into public key
cryptography algorithms. These algorithms accomplish high level security but
increase delay for data encode and decode. Steganography hide the secret data
existence into envelope. In this technique existence of data is not visible to all
people. Only valid receiver knows about the data existence. Text steganography
technique is used to produce high security for data. Secret data of user hide into
text cover file. After adding text into text cover file, it looks like normal text file. If
text file found by illegitimate user than also cannot get sensitive data. If
illegitimate user try to recover original data than large amount of time is essential.
DES algorithm is used for text encode and decode. Advantage of text
steganography technique is providing security to text. Minimum space is
essential for text steganography as compare to image steganography Three-bit
LSB technique used for image steganography. This system is suggested by
author R.T.Patil .Sensitive data of user hide into cover image. We can hide huge
amount of into image using LSB steganography technique. The author Klaus
Hafmann has implemented high throughput architecture for cryptography
algorithm. AES is symmetric key cryptography algorithm. It supports three types
of keys. For 128-bit key require 10 rounds,192-bit key require 12 rounds and 256
bit key require 14 rounds. In improved AES algorithm encryption and decryption
time is reduced. Advantage of modified AES algorithm is providing better
performance in terms of delay New symmetric key cryptography algorithm is
presented by author M. Nagle. It applies a single key for texts encode
and decode. Size of key is 128 bit. In this algorithm many steps are executed
randomly so illegitimate user can even guess the steps of algorithm. Provide high
throughput is one of
the advantage of symmetric key cryptography algorithms. Improved DES
algorithm uses 112-bit key size for data encode and decode. For data encode
purpose two keys are used.128-bit input of DES algorithm is divided into two
parts. That two parts are executed at a same time. DES algorithm has one
weakness. That is less key size.3DES algorithm essential large
amount of time for encryption and decryption. Improved DES algorithm has
capability of provide better performance as compare to DES and 3DES. Name
Based Encryption
Algorithm is work on one byte at a time. It uses secret key for encryption and
decryption. Key generation process is done using random key generation
technique. It provides security to data. Disadvantage of this algorithm is essential
maximum time for converting data into cipher text because it operates on single
byte at a time. To solve data storage and security issues author has new security
model. In this model private and public cloud storage areas are used for increase
security level of data. On private cloud secure data is stored and unnecessary
data is stored on public cloud. Because public text cover file. After adding text
into text cover file it looks
like normal text file. If text file found by illegitimate user than also cannot get
sensitive data. If illegitimate user try to recover original data than large amount of
time is essential. DES algorithm is used for text encode and decode. Advantage
of text steganography technique is providing security to text. Minimum space is
essential for text steganography as compare
to image steganography. Three-bit LSB technique used for image steganography.
This system is suggested by author R.T.Patil .Sensitive data of user hide into
cover image. We can hide huge amount of into image using LSB steganography
technique. The author Klaus Hafmann has implemented high throughput
architecture for cryptography algorithm. AES is symmetric key cryptography
algorithm. It supports three types of keys. For 128-bit key require 10 rounds, 192
bit key require 12 rounds and 256 bit key require 14 rounds. In improved AES
algorithm encryption and decryption time is reduced. Advantage of modified AES
algorithm is provides better performance in terms of delay. New symmetric key
cryptography algorithm is presented by author M. Nagle. It applies a single key
for texts encode and decode. Size of key is 128 bit. In this algorithm many steps
are executed randomly so illegitimate user can even guess the steps of
algorithm. Provide high throughput is one of the advantages of symmetric key
cryptography algorithms. Improved DES algorithm uses 112-bit key size for data
encode and decode. For data encode purpose two keys are used.128-bit input of
DES algorithm is divided into two parts That two parts are executed at a same
time. DES algorithm has one weakness. That is less key size.3DES algorithm
essential large amount of time for encryption and decryption. Improved DES
algorithm have capability of provide better performance as compare to DES and
3DES. Name Based Encryption Algorithm is work on one byte at a time. It uses
secret key for
encryption and decryption. Key generation process is done using random key
generation technique. It provides security to data. Disadvantage of this algorithm
is essential maximum
time for converting data into cipher text because it operate on single byte at a
time To solve data storage and security issues author has new security model. In
this model private and public cloud storage areas are used for increase security
level of data. On private cloud secure data is stored and unnecessary data is
stored on public cloud. Because public cloud any one can access. The main
reason behind this system is reduce storage cost Private cloud is more secure
than the
public cloud. To enhance security of file in cloud computing. Source file is break
into different into different part. Every part of file is encrypted and stored on more
than one cloud. Information about file is stored on cloud server for decryption
purpose. If attacker try to recover original file than he will get only a single part of
file. Elliptic Curve cryptography algorithm is used to accomplish high level
security. Key managing complications are removed using access management
and identity. ECC algorithm need maximum amount of time for file encode and
decode. File is converted into unreadable format using AES algorithm. Encrypted
file is stored on cloud. AES algorithm is less secure than public key cryptography
algorithms. AES and 3DES algorithms are merge into hybrid algorithm to
accomplish confidentiality. It is harder for attacker to recover secret file of user. It
consumes maximum amount of delay to translate data into decode and encode
form. In existing system single algorithm is used for data encode and decode
purpose. But use of single algorithm is not accomplish high level security. If we
use single symmetric key cryptography algorithm than we have to face security
problem because in this type of algorithm applies a single key for data encode
and decode. So key transmission problem occur while sharing key into multiuser
environment. Public key cryptography algorithms accomplish high security but
maximum delay is needed for data encode and decode. To
solve above issues we have introduced new security mechanism.

Cloud owner and cloud user are included into system architecture as show in
above figure Cloud owner upload the data on cloud server. File is split into octet.
Every part of file is encoded simultaneously using multithreading technique.
Encoded file is stored on cloud server. Keys used for encryption are stored into
cover image. Cloud computing is the multi user environment. In this more than
one user can access file from cloud server. Cloud user request for file. On
request of file user also get stego image using email which consist of key
information. Reverse process is used for decode the file.
Data Security Issues
Due to openness and multi-tenant characteristics of the cloud, the traditional
security mechanisms are no longer suitable for applications and data in cloud.
Some of the issues are as following:
● Due to dynamic scalability, service and location transparency features of
cloud computing model, all kinds of application and data of the cloud
platform have no fixed infrastructure and security boundaries. In the event
of security breach, it is difficult to isolate a particular resource that has a
threat or has been compromised.
● According to service delivery models of Cloud computing, resources and
cloud services may be owned by multiple providers. As there is a conflict of
interest, it is difficult to deploy a unified security measure.
● Due to the openness of cloud and sharing virtualized resources by
multitenant, user data may be accessed by other unauthorized users.

HYBRID CRYPTOSYSTEM SCHEME

In order to ensure file security on cloud, hybrid cryptosystem is being used. We
assume that the remote server is trusted, so files are encrypted by server and
finally encrypted files are stored at the server end. The hybrid cryptosystem uses
a combination of:

 Blowfish Algorithm coupled with File Splitting and Merging mechanism

 SRNN Algorithm
In a hybrid scheme, the performance of symmetric algorithm is integrated with
security of asymmetric algorithm. The symmetric algorithm (Blowfish) used in
hybrid cryptosystem has best practice to avoid data misuse when compared with
other symmetric algorithms. Also, in terms of throughput, Blowfish has best
performance. The SRNN used serves as a good balance between speed and
security. In hybrid cryptosystem, firstly, files uploaded files are sliced and each
slice is encrypted by the corresponding key Blowfish key provided by the user.
Secondly, each of the n keys are encrypted using SRNN where n is the number
of slices.

Blowfish
Blowfish is a symmetric block cipher which uses a Fiestal network, 16 rounds of
iterative encryption and decryption functional design. The block size used is of
64-bits and key size can vary from any length to 448.Blowfish cipher uses 18 sub
arrays each of 32-bit commonly known as P-boxes and four Substitution boxes
each of 32-bit, each having 256 entries. The algorithm design is shown in figure.
It consists of two phases: one is Key Expansion phase another is Data
Encryption phase. In Key expansion phase, key is converted into several
sub-keys and in Data Encryption phase, encryption occurs via 16-round
networks. Each round consists of a key dependent permutation and a key and
data dependent substitution.
SRNN
The SRNN algorithm is a public key cryptography algorithm similar to RSA with
some improvement. In this algorithm, extremely large number having two prime
factors (similar to RSA) is used. In addition to, this, two short range natural
number in pair of keys are used. This improvement increases the security of
cryptosystem. SRNN is used for secure communication between user and cloud
servers.

RELATED WORK
Hybrid cryptography algorithm present by author A. Shahade. AES and RSA
algorithms are used into hybrid algorithm. AES algorithm require a single key. In
hybrid algorithm three keys are used. For data upload on cloud mandatory keys
are AES secret key and RSA public key.
Private key of RSA and AES secret key are essential to download data from
cloud. Whenever use makes an effort to upload data on cloud first that file stored
onto directory for short time. In encryption process first AES algorithm is applied
on file after that RSA algorithm is applied on encrypted data. Reverse process is
followed for decryption. After applying keys that file covert into encoded form and
stored on cloud server. Advantages of hybrid algorithm are data integrity,
security, confidentiality and availability. Disadvantage of RSA algorithm is large
amount time essential for data encode and decode.
In security model symmetric algorithm uses chunk level encryption
and decryption of data in cloud computing. Key size is 256 bit. Key is rotated to
achieve high level security. For data integrity purpose hash value is generated.
Hash values are garneted after encryption and before decryption. If both hash
values matches than that data is in correct form. In this security model only valid
user can access data from cloud. Advantages of security model are integrity,
security and confidentiality.
Three algorithms are used for implementation of hybrid algorithm. User
authentication purpose digital signature is used. Blowfish algorithm is used to
produce high data confidentiality. It is symmetric algorithm. It uses single key
Blowfish algorithm need least amount of time for encode and decode. Sub key
array concept is used into blowfish algorithm. It is block level encryption
algorithm. The main aim of this hybrid algorithm is achieved high security to data
for upload and download from cloud. Hybrid algorithm solves the security,
confidentiality and authentication issues of cloud.
 RESULT ANALYSIS
In this proposed system AES, RC6, Blowfish and BRA algorithms are used for
block wise security to data. Proposed system is hybridization of AES, RC6,
Blowfish and BRA. All algorithms are symmetric key cryptography. These
algorithms uses a single key for file encode and decode purpose. All algorithms
key size is 128 bit. To hide key information into cover image using LSB
technique. Implementation of proposed system is done using python language.
File encoding and decoding time is calculated with the help of python
programming. File encode and decode time is calculated for only text file with
comparison of existing AES and Blowfish algorithms. File size is given in MB for
AES algorithm. That is 1MB, 2MB, 4MB and 8MB.For Encode and decode time
calculation of blowfish algorithm given file size is 100KB,200KB,400KB and
800KB.Encoding and decoding time is calculated in sec.
As shown in figure proposed system need least amount of time for file encode.
Because in proposed system combination of symmetric key cryptography
algorithms are run simultaneously. In Hybrid algorithm need 17% to 20% less
time for text file as compare to Existing system. Use of single algorithm does not
provide high level security to data in cloud computing...
As shown in above figure existing system need 15% to 17% maximum time need
for file decryption purpose as compare to hybrid algorithm. AES algorithm is
accomplished least amount of time for decryption. But provides less security to
data. In AES if key size increases automatically number of rounds increases than
encode and decode time also increases.
Blowfish need least amount of time for file encode with compare to Advance
Encryption Standard algorithm. As shown in above figure proposed system 12%
to 15% less time need for file encode as compare to Blowfish. In proposed hybrid
algorithm uses a single key for data encode and decode.
In proposed sysystem for text file decryption need 10% to 12% minimum time as
compare to Blowfish as shown above figure In hybrid algorithm for file decryption
needed maximum time as
compare to encryption. But Blowfish algorithm need minimum time for text file
decode as compare to AES algorithm. For text file deceyption needed maximum
time in Blowfish algorithm as compare to encryption.
HYBRID CRYPTOSYSTEM PHASES
.
The hybrid cryptosystem used to maintain security of the files has two phases:

● Encryption Phase
● Decryption Phase

A. Encryption Phase

At the encryption end,

● On the specification of user, the file being encrypted will be sliced into n
slices. Each of the file slices is encrypted using Blowfish key provided by
the user for each slice.
● The key will be encrypted using SRNN public key
● After encryption, we have encrypted files slices and the corresponding
encrypted keys.

B. Decryption Phase

At the decryption end,

 ● The user will provide n SRNN private keys, according to the number of
slices (n) created during the encryption phase. Blowfish key is decrypted at
the server end using the SRNN private key specific to the slice.
● Using the corresponding decrypted Blowfish keys, file slices stored at
server are decrypted.
● The decrypted slices will be merged to generate original file.

PROPOSED CLOUD COMPUTING

SECURITY ARCHITECTURE

In order to ensure file security on cloud, the above hybrid cryptosystem is

deployed on cloud. We assume cloud server as trusted but in order to prevent
tampering/misuse of data by intruder or data leakage or other security concerns,
the data is stored at server in the encrypted form.
We broadly classify the scheme deployed on cloud in three phases:
● Registration Phase
● Uploading Phase
● Downloading Phase
We used Open Nebula toolkit to set up cloud environment. In Open Nebula, we
have one front node and n cluster nodes. The VM’s are deployed from front node
to the corresponding cluster node. Open Nebula has been designed in such a
way that it allows integration with many different hypervisors and environments.
There is a front-end that executes all the process in Open-Nebula while the
cluster nodes provide the resources that are needed by VM. There is at least one
physical network joining all the cluster nodes with the frontend.
A. Registration Phase

In the Registration Phase, the client registers himself in order to upload and view
his files to/from the cloud server. In the registration process, the client sends its
request to front node and in return, front node assigns the VM of the cluster
node, which has minimum load among other VM’s on the network to the client. At
the end of registration phase, the client is registered with IP address of
corresponding VM. Whenever he again issues his request, the request is
transferred to its corresponding VM. The encrypted files, encrypted blowfish
keys, public SRNN keys are stored at his registered VM.

B. Uploading Phase

In the Uploading Phase, steps are as follows:

● Step: 1: The client will send request to front node to authenticate himself.
● Step 2: On successful authentication, the front end which send the
corresponding IP address of the VM against which user was registered.
● Step 3: The files are uploaded by the client to the registered server (VM).
● Step 4: The encryption of uploaded files is done using the hybrid
cryptosystem.
● Step 5: The encrypted slices and Blowfish encrypted keys remain stored in
VM’s data store.
● Step 6: The SRNN private keys are send to user and finally they are
deleted form the server so that only the authenticated user is able to view
his uploaded file.
C. Downloading Phase

In the downloading phase, the steps are as follows:

● Step 1: The client will send request to front node to authenticate himself.
● Step 2: On successful authentication, the front end which send the
corresponding IP address of the VM against which user was registered
● Step 3: The client will upload n SRNN private keys for the corresponding n
slices.
● Step 4: The SRNN private keys will decrypt the corresponding encrypted
Blowfish keys and the encrypted slices are decrypted by Blowfish keys.
● Step 5: The decrypted files are merged to generate original file.
● Step 6: The decrypted file is downloaded and viewed at client end.

DESIGN AND IMPLEMENTATION

For the purpose of simulating the proposed cloud security model, we used Open
Nebula open source toolkit. Here we created one front node and two cluster
nodes. At each of the Cluster node 2 VM’s are deployed. The allocation of VM at
the time of registration is implemented in python which is well known for its
platform independence. The hybrid cryptosystem is also implemented in python
and deployed at each of the VM. Various libraries have been used like python.
crypto. security to implement hybrid encryption scheme. The cloud security
model has been tested for various types of file: audio, image, text, word, pdf file.
BENEFITS OF PROPOSED MODEL

The proposed model is liable to meet the required security needs of data center
of cloud. Blowfish used for the encryption of file slices takes minimum time and
has maximum throughput for encryption and decryption from other symmetric
algorithms. Modified RSA(SRNN) has increased security than RSA. The idea of
splitting and merging adds on to meet the principle of data security. The hybrid
approach when deployed in cloud environment makes the remote server more
secure and thus, helps the cloud providers to fetch more trust of their users. For
data security and privacy protection issues, the fundamental challenge of
separation of sensitive data and access control is fulfilled. The various benefits
are as summarized:

● The public key cryptography used helps to facilitate authorization of user

for each file.
● The need of more light and secure encryption system for file information
preserving system on cloud is satisfied.
● The file splitting and merging makes the model unfeasible to get attacked.

CONCLUSION AND FUTURE WORK

Cloud storage issues are solved using cryptography and stenography

techniques... Block wise Data security is achieved using AES, RC6, Blowfish and
BRA algorithms. Key information security is accomplished using LSB technique.
Data integrity is accomplished using SHA1 hash algorithm. Low delay parameter
is achieved using multithreading technique. With the help of proposed security
mechanism data integrity, high security, low delay, authentication and
confidentiality parameters are accomplished. Using proposed Text file encryption
need 17% to 20% less time as compare to AES algorithm. For AES text
decryption needs 15% to 17% maximum time as compare to proposed system. In
Blowfish for encryption need 12% to 15% maximum time as compare to
proposed hybrid algorithm. Text file decryption using hybrid algorithm need 10%
to 12% less time with respect to Blowfish algorithm. In future, try to accomplish
high level security using hybridization of public key cryptography algorithms.

According to service delivery models and deployment models of cloud, data

security and privacy protection are the primary problems that need to be solved.
Data Security and privacy issues exist in all levels in SPI service delivery models.
The above-mentioned model is fruitful in data as a service, which can be
extended in other service models of cloud. Also, it is tested in cloud environment
like Open Nebula, in future this can be deployed in other cloud environments and
the best among of all can be chosen.
 CHAPTER 3

IMPLEMENTATION OF WORK DONE

 IMPLEMENTATION OF WORK DONE

1) - PROJECT PERSPECTIVE:

The product Secure File Storage system is an independent product and does

not depend on any other product or system. The product will automate

various tasks associated with handling encryption of files and better

organizing the stored information and optimum performance, thus helping the

people to ensure smooth working of these processes.

2) - PRODUCT FEATURE:

As day by day hacking activities are increasing, it requires an encrypted and

efficient system to achieve secure storage. The proposed system “Secure

File Storage System Using Hybrid Cryptography” serves people’s needs in a

consistent and transparent manner. It should cater to the needs of secure

storage. Thus, the system caters to the spontaneous needs of the people. It

stores the users’ confidential files on the storage servers, and users have the

freedom of accessing their files from any location. All of a user’s devices such

as tablets, laptops, mobile phones, desktop PCs and other technology

gadgets can be used to store, and access files stored on the cloud.

Businesses can also benefit from cloud storage by being able to improve

productivity considerably with the help of cloud storage. Cloud storage thus

eliminates the need for carrying physical storage devices.

3) - USER CLASSES:

● User:
In User module we have four options:

1. Upload File.

2. Download Key.

3. Upload Key.

4. Download File.

● When the user selects the “Upload File” option, then the form will be
opened for uploading the file. Then, the file will upload on the server in
encrypted form.
● In the “Download Key” option, it will appear only when the file is
uploaded successfully.
● When the user selects the “Download” option, then the upload key form
will appear.
● Once the uploaded key is accepted, then you can download your
original file.

● Registration:
This module is responsible for capturing and submitting the details of all

users of the System so that they can get the facility of upload and download

files.

● Login:
In this module User enters the User id and password is checked and only

valid user id and password will get entry into Dashboard. This is a security

feature to avoid entry of unauthorized users.

● Upload:
 Users can upload their files and download the decryption key for that

particular file.

● Download:
Users can upload their file’s decryption key and download the original file.

● Security Management Process:

This module stores the password in encrypted form.

● Logout:
The Admin and User can successfully logout and their session will be

destroyed.

4) - OPERATING ENVIRONMENT:

● Web Presentation: HTML, CSS

● Client – side Scripting: JavaScript
● Programming Language: Python, Flask
● Backend Database: Sqlite3
● Operating System: Windows, LINUX
HARDWARE REQUIREMENTS

● Hard Disk -------- 20GB

● KEYBOARD -------- 108 Standard
● RAM Capacity -------- 128MB
● Pentium processor -------- 233 MHZ or above
5) -ASSUMPTIONS AND DEPENDENCIES:

There are no assumptions made in this project.

NON-FUNCTIONAL REQUIREMENT:

● SAFETY REQUIREMENT:
This software will ease the process upload and download file.

● SECURITY REQUIREMENTS:
This software will:

● Authenticate each user, who logs in.

● When the user performs any action, authorize him/her to perform the

actions allowed for the user and displays an error message if found to be

unauthorized.

● PERFORMANCE REQUIREMENT:
This software should be able to handle the following tasks:

● It should be able to handle the Sqlite3 database of 100 users.

● Two users can simultaneously upload and download file.

PROJECT DESCRIPTION

1)-PROJECT CATEGORY:

Secure File Storage Category of this project is RDBMS based, n-tier

architecture, distributed environment project with server-side components.

Project can be categorized in two ways:

● Network Security projects.

● Network Security System, all the files, data & personal information are
kept safe and protected from unauthorized access from people present on

the network and people outside it.

2) - MODULES:

● Registration

● Login

● New User

● Dashboard

● Upload

● Download

● Logout

But, the system “Secure File Storage” consists of mainly 4 modules.

1. User Profile Management

2. Dashboard

3. Upload

4. Download

User Profile Management:

This module facilitates new user registration, sign in of existing user.

Dashboard:

This module facilitates conventional dashboard options like upload, download

etc.

Upload:

This module allows us to upload your files on server.

Download:

It is an important feature of this system. With this feature, this system not only

allows to upload key but also download your original file.

PROJECT DESIGN
This chapter describes the design decisions made to meet the aims that are

specified in the specifications required. This chapter will also bring in some of

the ideas and research outlined in the previous chapter.

Overview of system

● Here the browser clients have a username. The authentication of the

users is verified by the server and the valid users are allowed go to

dashboard.

● In dashboard they can upload their personal files. Thus, the job of upload

is to upload files and download encrypted key.

● The user can only download their files when decryption key of that file

match to decryption key stored on server.

● The user details are stored in the MYSQL Database which can retrieve

them as needed.

Encryption: Encryption is a way of scrambling data so that only authorized

parties can understand the information.
Decryption: The conversion of encrypted data into its original form is
called Decryption.

1) - DATA FLOW DIAGRAM (DFD):

Data flow diagrams model the flow of data into, though, and out of an

information system:

● Show the processes that change or transform data.

● Show the movement of data between processes.

● Represent a system as a network of processes which transform data

flowing between them.

The user screen flow shows what a user of the community will see. After

successfully logging on, the user will be given various links (such as search

users, search boards, view mail, etc.), and be able to select options from

there, or go back to their home.

Data flow diagram is graphical representation of flow of data in an information

system. It is capable of depicting incoming data flow, outgoing data flow and

stored data. The DFD does not mention anything about how data flows

through the system.

There is a prominent difference between DFD and Flowchart. The flowchart

depicts flow of control in program modules. DFDs depict flow of data in the

system at various levels. DFD does not contain any control or branch

elements.

Types of DFD
Data Flow Diagrams are either Logical or Physical.

● Logical DFD - This type of DFD concentrates on the system process,

and flow of data in the system. For example, in a Banking software

system, how data is moved between different entities.

● Physical DFD - This type of DFD shows how the data flow is
implemented in the system.

● DFD COMPONENTS:
DFD can represent Source, destination, storage and flow of data using the

following set of components –

● Entities - Entities are source and destination of information data. Entities

are represented by a rectangle with their respective names.

● Process - Activities and action taken on the data are represented by

Circle or Round-edged rectangles.

● Data Storage - There are two variants of data storage - it can either be
represented as a rectangle with absence of both smaller sides or as an

open-sided rectangle with only one side missing.

 ● Data Flow - Movement of data is shown by pointed arrows. Data
movement is shown from the base of arrow as its source towards head of

the arrow as destination.

● Levels of DFD:

● Level 0 - Highest abstraction level DFD is known as Level 0 DFD, which

depicts the entire information system as one diagram concealing all the

underlying details. Level 0 DFDs are also known as context level DFDs.

● Level 1 - The Level 0 DFD is broken down into more specific, Level 1
DFD. Level 1 DFD depicts basic modules in the system and flow of data

among various modules. Level 1 DFD also mentions basic processes and

sources of information.

● Level 2 - At this level, DFD shows how data flows inside the modules
mentioned in Level 1.

Higher level DFDs can be transformed into more specific lower level DFDs

with deeper level of understanding unless the desired level of specification is

achieved.

LEVEL-0 DFD:
LEVEL -1 DFD:
LEVEL -2 DFD:
2) – E - R DIAGRAM:

Definition:

An entity-relationship (ER) diagram is a specialized graphic that illustrates the

Interrelationships between entities in a database.

ER diagrams often use symbols to represent three different types of

information. Boxes are commonly used to represent entities. Diamonds are

normally used to represent relationships and ovals are used to represent

attributes.

Entity Relationship (ER) diagrams:

The ER or (Entity Relational Model) is a high-level conceptual data model

diagram. Entity-Relation model is based on the notion of real-world entities

and the relationship between them.

ER modeling helps you to analyze data requirements systematically to

produce a well-designed database. So, it is considered a best practice to

complete ER modeling before implementing your database.

ER diagrams are a visual tool which is helpful to represent the ER model. It

was proposed by Peter Chen in 1971 to create a uniform convention which

can be used for relational database and network. He aimed to use an ER

model as a conceptual modeling approach.

Entity relationship diagram displays the relationships of entity set stored in a

database. In other words, we can say that ER diagrams help you to explain
the logical structure of databases. At first look, an ER diagram looks very

similar to the flowchart. However, ER Diagram includes many specialized

symbols, and its meanings make this model unique

This model is based on three basic concepts:

● Entities

● Attributes

● Relationships
 3) – ACTIVITY DIAGRAM:

Activity Diagram of the user

It is an activity diagram of the general user. First of all, the user encounters a

welcome page that prompts him to enter the valid user name (or valid user- id)
and the corresponding password. After a successful user login, he is allowed to

upload his files to server. He then can download the decryption key.

Apart from uploading files, he is also allowed to download his original file which is

stored on server in encrypted form. He then can logout from the dashboard after

the successful transactions. Once the user is logged out, he is only allowed

through the login page.

4) – STRUCTURE CHART:

A Structure Chart (SC) in software engineering and organizational theory is

a chart which shows the breakdown of a system to its lowest manageable

levels. They are used in structured programming to arrange program

modules into a tree. Each module is represented by a box, which contains

the module's name. The tree structure visualizes the relationships between

modules.

A structure chart is a top-down modular design tool, constructed of squares

representing the different modules in the system, and lines that connect

them. The lines represent the connection and or ownership between activities

and sub activities as they are used in organization charts.

In structured analysis structure charts, according to Wolber (2009), "are used

to specify the high-level design, or architecture, of a computer program. As a

design tool, they aid the programmer in dividing and conquering a large

software problem, that is, recursively breaking a problem down into parts that

are small enough to be understood by a human brain. The process is called

top-down design, or functional decomposition. Programmers use a structure

 chart to build a program in a manner similar to how an architect uses a

blueprint to build a house. In the design stage, the chart is drawn and used

as a way for the client and the various software designers to communicate.

During the actual building of the program (implementation), the chart is

continually referred to as "the master-plan".

A structure chart depicts

● the size and complexity of the system, and

● number of readily identifiable functions and modules within each function and

● whether each identifiable function is a manageable entity or should be broken

down into smaller components.

A structure chart is also used to diagram associated elements that comprise

a run stream or thread. It is often developed as a hierarchical diagram, but

other representations are allowable. The representation must describe the

breakdown of the configuration system into subsystems and the lowest

manageable level. An accurate and complete structure chart is the key to the

determination of the configuration items (CI), and a visual representation of

the configuration system and the internal interfaces among its CIs. During the

configuration control process, the structure chart is used to identify CIs and

their associated artifacts that a proposed change may impact.

According to Wolber (2009), "a structure chart can be developed starting with

the creating of a structure, which places the root of an upside-down tree

which forms the structure chart. The next step is to conceptualize the main

sub-tasks that must be performed by the program to solve the problem. Next,
the programmer focuses on each sub-task individually, and conceptualizes

how each can be broken down into even smaller tasks. Eventually, the

program is broken down to a point where the leaves of the tree represent

simple methods that can be coded with just a few program statements".

The structure chart of secure file storage system is given in next page.
STRUCTURE CHART
 TESTING

Testing is the process of running a system with the intention of finding errors.

Testing enhances the integrity of a system by detecting deviations in design

and errors in the system. Testing aims at detecting error-prone areas. This

helps in the prevention of errors in a system. Testing also adds value to the

product by conforming to the user requirements.

The main purpose of testing is to detect errors and error-prone areas in a

system. Testing must be thorough and well-planned. A partially tested system

is as bad as an untested system. And the price of an untested and

under-tested system is high.

The implementation is the final and important phase. It involves user-training,

system testing in order to ensure successful running of the proposed system.

The user tests the system and changes are made according to their needs.

The testing involves the testing of the developed system using various kinds

of data. While testing, errors are noted and correctness is the mode.

1. OBJECTIVES OF TESTING:

Testing is a process of executing a program with the intent of finding errors. A

Successful test case is one that uncovers an as- yet-undiscovered error.

The various types of testing on the system are:

Unit Testing.
Integration Testing

System testing

User Acceptance Testing

● Unit Testing:
Unit testing focuses efforts on the smallest unit of software design. This is

known as module testing. The modules are tested separately.

The test is carried out during programming stage itself.

In this step, each module is found to be working satisfactory as regards to the

expected output from the module.

● INTEGRATION TESTING:
Data can be lost across an interface. One module can have an adverse effect

on another, sub functions, when combined, may not be linked in desired

manner in major functions. Integration testing is a systematic approach for

constructing the program structure, while at the same time conducting test to

uncover errors associated within the interface. The objective is to take unit

tested modules and builds program structure. All the modules are combined

and tested as a whole.

● SYSTEM TESTING:
System testing is the stage of implementation. This is to check whether the

system works accurately and efficiently before live operation commences.

Testing is vital to the success of the system. The candidate system is subject
to a variety of tests: on line response, volume, stress, recovery, security and

usability tests. A series of tests are performed for the proposed system is

ready for user acceptance testing.

● USER ACCEPTANCE TESTING:

User acceptance of a system is the key factor for the success of any system.

The system under consideration is tested for the user acceptance by

constantly keeping in touch with the prospective system users at the time of

developing and making changes whenever required.

2. VALIDATION:

At the culmination of the integration testing, Software is completely

assembled as a package. Interfacing errors have been uncovered and

corrected and a final series of software test begin in validation testing.

Validation testing can be defined in many ways, but a simple definition is that

the validation succeeds when the software functions in a manner that is

expected by the customer. After validation test has been conducted, one of

the three possible conditions exists.

The function or performance characteristics confirm to specification and are

accepted.

A deviation from specification is uncovered and a deficiency lists is created.

Proposed system under consideration has been tested by using validation

test and found to be working satisfactory.

3. OUTPUT TESTING:
After performing the validation testing, the next step is output testing of the

proposed system, since no system could be useful if it does not produce the

required output in a specific format. The output format on the screen is found

to be correct; the format was designed in the system design time according to

the user needs. For the hard copy also; the output comes as per the specified

requirements by the user. Hence output testing did not result in any

correction for the system.

4. TEST CHARACTERS:

● BLACK BOX TESTING:

The method of Black Box Testing is used by the software engineer to derive

the required results of the test cases:

1. Black Box Test

2. A Black Box test for the internal logic structure of the software.

3. Black box testing was performed to find errors in the following categories: -

● Incorrect or missing functions

● Graphics error.

● Errors in data in binary format.

● Error in data in integer format.

● File error.

● Pointer error.

● Memory access error.

● Variable error.
● Performance error

● WHITE BOX TESTING:

White Box methods the software engineer can derive the following test

cases:

1. Optimizing the code

2. Finding hidden errors

In White Box Testing efforts were made to handle the following: -

● Number of input parameters equal to number of arguments.

● Parameters and arguments attributes match.

● Any references to parameters not associated to build in functions correct.

● Input only arguments altered.

● Global variable definition consistent across module.

● Files attributes correct.

● Format specifications matches I/O specification.

● Files opened before use.

● File closed while working is going on.

● I/O errors handled.

● Any textual errors in output information.

5.TEST DATA IMPLEMENTATION AND THEIR RESULT ON:

 The quality depends truly on the various predefined testing norms and on the

performances of the software over those norms. There are various standards

existing in the software industry the engineered end product strives to

achieve viz. ISO 9002 SEI CMM Level5 etc. These s t a respective testing

norm predefined in them vide the various test cases and parameters using

the CASE topologies. Generally, software is tested both on a stand-alone

mode as well after integrating all the modules in the system vide deferent

available testing methods/norms.

FLOW GRAPH

The following Flow Graph methodology was used while testing the software:
Here each circle represents one or more non-branching procedural language

or source codes methodology was selected. While performing Loop Testing

simple loops, concatenated loops, nested and unstructured loops were tested

thoroughly.

● TEST CASES:

● LOGIN:

Sr. Input Test Conditional Resu

Value case being checked lt
No.
s

1 User-I Emp Please input Succ

D ty data values essf
ul

2 User-I Wro Wrong user-ID Succ

D ng or Password essf

Use ul

r-ID
 3 Passw Emp Please input Succ
ord ty data values essf
ul

4 Passw If Wrong user-ID Succ

ord wron or Password essf
g ul

Pas
swor
d

1. SYSTEM TESTING:
System testing is a critical element of quality assurance and represents the

ultimate review of analysis, design and coding. Test case design focuses on a

set of techniques for the creation of test because that meet overall testing

objective. When a system is developed it is hoped that it performs properly.

The main purpose of testing an information system is to find the errors and

correct them.

System testing is the process of checking whether the developed system is

working according to the objective and requirement. All testing is to be

conducted in accordance to the test conditions specified earlier. This will

ensure that the test coverage meets the requirements and that testing is

done in a systematic manner.

The process of analyzing the software item to detect the differences between

existing or required condition and evaluate the features of the software items.

The thorough testing of the system before release of the software needs to

be done vide the various test cases and modes so that the software becomes

devoid of bugs and uses minimum space requirements as well as minimum

time to perform. The test cases were selected beforehand with expected

results defined and actual results recorded for comparison. The selection of

test cases is done by “White Box Testing” technique to check the internal

programming logic and efficiency and vide” Black Box Testing” technique to

check software requirement fulfillment with intension of finding maximum

number of errors with minimum effort and time. Although test cases are a

design by considering the cyclomatic complexity, conditional test, still the

software code is not in its optional form, as all other possible alternative parts

in the software are not considered. At the integration level, the software will

be passing to the third-party tests which would further enhance the software

optimality and efficiency

CHAPTER 4
RESULTS
 RESULTS

SERVER:

1)-DATABASE TABLE SNAPSHOT:

In secure file storage, we had created a database named as “database1”.This

database consists of some tables, these are:
DESCRIPTION OF ALL TABLES:

1- user table:
HOME PAGE:
 LOGIN PAGE:

SIGNUP PAGE:
UPLOAD PAGE:

SUCCESS PAGE:
KEY DOWNLOAD PAGE:

DOWNLOAD PAGE:
KEY SUCCESS PAGE:

DOWNLOAD FILE:
 CONCLUSION

INPUT OF PROJECT:

Login page get the input of user id and password.

● Create the new user id for your Profile yourself

● Upload File

● Upload Decryption Key

OUTPUT OF PROJECT:

● Download Decryption Key

● Download Original File

● Home

5) - BENEFITS OF PROJECT:

● Fully works as an online

● Reducing the time

● Easy file storage with encryption.

● Centralized store all information.

 CHAPTER 5

FUTURE SCOPE
 FUTURE SCOPE:

The proposed system scope is limited to storage only. It can be

enhanced to be a global file sharing for multinational organizations. As

day by day hacking activities are increasing, it requires a encrypt and

efficient system to achieve secure storage. The proposed system

“Secure File Storage System Using Hybrid Cryptography” serves

people’s needs in a consistent and transparent manner. It should cater

to the needs of secure storage. Thus, the system caters to the

spontaneous needs of the people.

CHAPTER 6
BIBLIOGRAPHY
 BIBLIOGRAPHY

1. For RFC8439, http://www.rfc-archieve.org.

2. For Python, https://www.python.org/

3. SQLITE3, https://www.sqlite.org/

4. FLASK tutorial: http//www.onemonth.com

5. http://ict.iitk.ac.in

7. https://www.adalabs.com/adalabs-chacha20poly1305.pdf

8. For CHACHA20-POLY1305,

https://blog.cloudflare.com/it-takes-two-to-chacha-poly/