Abstract— the authenticated users. Existing approach provide confidentiality

Abstract— Cloud computing 1 is an emerging IT platform that helps the users to get rid of the hardware resources and complexity in storage and computational power. All the people started using cloud which led to many security concerns relating to the data confidentiality and integrity. This became a challenge to the widespread of the new cloud computing paradigm. Many measures are taken to improve the cloud security and then there came the concept of cryptography to upgrade the cloud security. Nowadays the main problem is to maintain data confidentiality 2 with respect to untrusted cloud service providers as well as providing correct query results to the authenticated users. Existing approach provide confidentiality using only one symmetric encryption algorithm which generates only one secret key to both encrypt and decrypt. But this is not so secured as the attacker can easily guess the algorithm and thereby find the key. In this paper, we are going to employ a randomized encryption technique in which the files are randomly encrypted by three strong algorithms AES, Triple DES and Blowfish 3 which improves the security and we are also implementing new techniques to improve security like key generation via OTP method, etc. In addition to this, we are also going to solve the problem of redundant or duplicate files consuming the cloud storage by using de-duplication technique using a buffered reader which can eliminate the duplicate files in the cloud, thereby saving storage and reduce the need to buy extra storage. Keywords-Cloud security, Data Confidentiality, AES, Triple DES, Blowfish, De-duplication, Randomized Encryption.                                 INTRODUCTION  In the present scenario, cloud computing 1 is emerging as the most powerful networking as well as storage platform which is used by different users across the world. Cloud computing provides storage at free cost or at lower costs eliminating the need for costly storage and computational resources. So large amount of data is being stored and a lot of computations are being performed in the cloud. When different kinds of operations are performed in the cloud we must consider the security of the cloud environment. Cloud security is a major concern nowadays a lot of confidential data is being uploaded on to the cloud.    Even though the cloud stores the data at low costs it allows its resources to be shared among the users and individuals, servers and thereby all the files are vulnerable to the attackers causing a major threat. The other security issues include data confidentiality and data integrity. Data Confidentiality means the data should not be disclosed to the un-trusted users and data integrity means that data should not be altered before being processed by the server. In recent years the concept of cryptography has cleared most of the security issues providing data confidentiality and integrity.   There are also many security concerns even in the concept of cryptography based on the encryption algorithms. There are two types of encryption algorithms. They include symmetric encryption algorithms and asymmetric encryption algorithms 3. Symmetric encryption algorithms maintain only one key and it is used to both encrypt and decrypt. Whereas asymmetric encryption algorithms have two keys public and private. Symmetric encryption is used to protect the message and is faster compared to asymmetric encryption. But the only disadvantage is that it uses only a single key. We consider key length as one of the most important factors while selecting the symmetric encryption algorithm. This is because if the key length is large, it is difficult for the attacker to guess the key and thereby improving security.DES 7 is the weakest encryption with the key length of just 56 bits. So it is improved and proposed as a new encryption algorithm Triple DES with the key length of 168 bits.AES and blowfish are the other stronger encryption used in the paper to improve the security by randomly allocating the three algorithms to the files by which makes it difficult for the attacker to guess the algorithm.  The redundant storage 6 of the files in the cloud is also one of the most prevailing problems which consume a lot of storage space. This can be eliminated by using the concept of de-duplication which do not allow the duplicate files into the cloud. LITERATURE SURVEY Cloud Computing 1 is a technology which is used for storage of data and various computations. Using cloud computing the user data need not be stored in his own personal computer or any external storage device rather can be stored in the cloud raising many security concerns or issues.       Though there are many techniques 2 of data security and privacy in cloud computing, data confidentiality and integrity are of major concern till date. Data security and privacy issues are seen in both the software and hardware of the cloud architecture model. Data security is of major concern and the total data is in the hands of cloud service providers using cloud computing service model. In the cloud environment, the total organizational data is processed in plain text and is stored under the surveillance of cloud providers arising cloud security issues.  All these security issues gave rise to a new concept in cloud computing called Cryptography to enhance the Cloud Security using several encryption algorithms both Symmetric and Asymmetric algorithms 3. Symmetric encryption algorithm uses only one key namely private key for encryption whereas Asymmetric algorithms use two keys namely public and private. Symmetric encryption is faster than Asymmetric encryption. Most common Symmetric encryption algorithms are DES and AES. DES is not so secure because of its key size of 56 bits, hence there came to a better enhancement to DES in the form of Triple DES with a key length of 168 bits making it 3 times stronger than DES. Triple DES is stronger but time -consuming. So, there is a need for a better encryption algorithm to make thre encryption fast and efficient, then there comes AES 4  with a better key length of 128, 192 and 256 bits. AES operation is base on rounds and no of rounds are based on key length. Nowadays Blowfish 5 encryption algorithm is used for more security with the key length varying from 32 to 448 bits. There are no cryptanalytic attacks raised against AES and Blowfish till date. The most common encryption algorithms used today are AES, Triple DES, and Blowfish. One of the issues in cloud computing is the redundant storage of data in the cloud. There are many techniques developed to detect the duplicate files in the cloud. This is done using the concept of deduplication 6. There are many de-duplication techniques in which the common ones are File-level and block level. In File-level de-duplication, hash values are compared to eliminate the duplicate files using SHA(secure hashing algorithm).                  CLOUD SECURITY THREATS Improper credential management When the information of all the users of the cloud is not properly stored13, the attackers can acts as the legitimate users, enter into the system and access, modify or delete files which may cause potential harm to the organization.  Account Hijacking It is the process by which the malicious attackers enter into the system finding the system vulnerabilities14 and keep an eye on the activities of the organization, manipulate the data and other illegal activities. He also can steal the credentials which affect the data confidentiality and integrity.   Insider attacks These type of attacks come into picture when the data is solely in the hands of the cloud service providers. Any bad system admin can cause harm to our sensitive information stored in the cloud. This is one of the greatest security risks which cannot be predicted and data breach may also happen due to this.                       PROPOSED SYSTEM We propose an encryption scheme where the files are randomly encrypted using three different encryption algorithms. This randomized encryption 17 scheme improves the security with an add-on of OTP based private key generation technique and we also include a de-duplication technique which does not allow the redundancy in files stored in the cloud. Algorithms Used Triple DES(Triple Data Encryption Standard): DES encryption algorithm 7is a weak algorithm with the key length of only 56 bits, but is popular. So it is modified as Triple DES3 which is three times stronger and faster than DES with the key length of 3*56=168 bits making it strong and intense compared to DES. It uses three keys K1,k2,k3, first to encrypt and then the encrypted data is decrypted using the second key k2 and then the decrypted data is again encrypted using the third key k3.Hence it is also called as an encrypt-decrypt-encrypt process. A user first decrypts using k3, then encrypt with k2, and finally decrypt with k1.                         Figure 13: Triple DES Encryption Encryption in TDES: Ciphertext=  encyption(k3)(decryption(k2)(encryption(k1)(plaintext)))          Decryption in TDES: Plaintext=Decryption(k1)(encyption(k2)(decryption(k3)(ciphertext()))   Advantages: 1.It is easy to implement.2.It is stronger than DES with a key length of 168 bits. Disadvantages: 1.Performance is poor.2.It is slow when compared to other block cipher methods of encryption.  AES(Advanced Encryption Standard): AES is a symmetric encryption algorithm4 recommended by NIST(National Institute of Standards and Technology). It is stronger and faster than DES and Triple DES.It is so strong that no cryptanalytic attack has been registered against that. It is the most widely accepted algorithm and is adopted by almost all the cloud users across the world. It is more secure compared to DES and Triple DES.In AES the cipher takes a plaintext block size of 128 bits or 16 bytes.The key length can be 128/192/256 bits.The input to the encryption and decryption algorithms is a single 128-bit block.This is interpreted as a 4*4 square matrix of bytes. This block is copied into the State array, which is modified at each stage of encryption or decryption. After the final stage,  the state is copied to an output matrix.    The cipher consists of N rounds, where the number of rounds depending on the key length: 10 rounds for a 16-byte key, 12 rounds for a 24-byte key, and 14 rounds for a 32-byte key. Operation of AES The schematic of AES structure is given in the following illustration ?                 Figure 217: AES Encryption There are four possible transformation functions: SubBytes, ShiftRows, MixColumns, and AddRoundKey. Substitute bytes: This uses an S-box to perform a byte-by-byte substitution of the block. ShiftRows: A simple permutation   MixColumns: A substitution that makes use of arithmetic function and transforms four bytes of each column AddRoundKey: A simple bitwise XOR of the current block of the expanded key.   Each round comprises of four sub-processes. The first round process is depicted below ?                                             Figure 322 Key Expansion Algorithm KeyExpansion (byte key16, word w44){   word temp   for (i=0; i<4; i++)    wi = (key4*i, key4*i+1, key4*i+2, key4*i+3)   for(i=4; i<44; i++)   {   temp = wi-1;   if(i mod 4 = 0)   temp = SubWord (RotWord (temp)) (EXOR) Rconi/4;   wi = wi-4 (EXOR) temp   }}Advantages: 1.It is stronger and faster than DES and Triple DES.2.Flexibility in key length.3.Resistant to all types of cryptanalytic attacks. For example, if the key length is 128 bits we require 2^128 attempts to break the encryption. Disadvantages: 1.The software implementation of this is somewhat difficult.2.It is complex algorithm because of its key length sometimes. Blowfish:  Blowfish is a symmetric encryption algorithm 20which is upcoming and being accepted nowadays. It is more secured algorithm compared to DES, 3 DES, AES etc,It is fast and strong encryption algorithm because it has not been cracked to date. Blowfish is 64-bit block cipher with its key length varying from 32 to 448 bits. There are total 16 rounds of encryption performed in Blowfish.    Encryption: Blowfish encryption algorithm is divided into 2 parts.1. Key expansion2. Data encryption Key Expansion:      In the key expansion process, the key length of 48 bits is converted into 4168 bytes. Data encryption:     The data encryption process involves the iteration of  simple mathematical function 16 times. Each round contains a key-dependent permutation and key and data dependent substitution.   The encryption process of Blowfish encryption algorithm is explained using the figure below:              Figure 47: Blowfish Encryption       Algorithm: Ø S is 64 bits input dataØ S is divided into two equal parts x1 and x2Ø for i=0 to 15                  x1= x1 xor Pi.           x2= f(x1) xor x2Ø swap x1 and x2Ø Swap x1 and x2(undothe previous swap)Ø x1=x2  xor  P18Ø x2=x2  xor P17Ø Combine xi and x2  Advantages: 1.It is unpatented and licenses free.2.It is secure and easy to implement. Disadvantages: 1.It requires more space for ciphertext because of difference in key size and block size.h2.It can't provide authentication and non-repudiation as two people have the same key.    Private key generation via OTP method:   This is the newly introduced technique to enhance the security of the cloud using time schedulers inserted into the web application using simple SQL queries. These queries are used  for timely generation of  private key(owner key). To clearly elucidate this technique, when user request the private key from the owner the owner must respond with the private key to the authorized users. Even if the attacker tries to get the possession of the private key to break the encryption, as in the proposed technique key will be available only for a particular amount of time generally a minute or two. So this timely generation of the private key using  OTP improves the security by restricting the key to a particular amount of time as like the bank transactions are being secured by using OTP.    De-duplication technique:   Using this technique, duplicate or redundant files are not allowed to be stored in the cloud. In this technique we use a simple hashing algorithm which allocates the hash values to the files and on comparison the duplicate files are detected i.e files with same hash value are not allowed into the cloud. When the owner  uploads a file the de-duplication generates a hash value as an index, if the index is not found in already created index  table, the file is unique else duplication is detected and the file is not uploaded.           Figure 56 : File level de-duplication  Algorithm used: SHA-512(Secure Hash Algorithm) Description:       This is one of the most widely 9 used hash function nowadays. The hash value of this algorithm is of 512 bits and the block size is of 1024 bits. The no of computational steps is 80.       This algorithm takes the input with maximum length less than 2^128 bits and produces a message digest of 512 bits as the output. The processing of this algorithm takes place in following steps: Ø         Append the padding bitsØ         Append lengthØ         Intialize Hash bufferØ         Process message in 1024-bit blocksØ         After all the bits are processed, generate 512 bit      message digest                           OVERALL IMPLEMENTATION The proposed system is an extension of the existing cloud security architecture which uses cryptography. In this system, when a data owner uploads files into the cloud, the files get randomly encrypted using three strong encryption algorithms AES, Triple DES, and Blowfish which are resistant to cryptanalytic attacks. This randomized encryption does not allow the attacker to reuse the key to break other encrypted files. The key generation one of the most important parts of encryption, to improve the efficiency of key generation we implement timely access of private key via OTP method. While the owner uploads the file, a duplication detect is implemented to detect the duplicate files in the cloud using the technique of hashing(by comparing the hash values). This saves the storage by eliminating the redundant files.    Now, the encrypted data is stored in the cloud. When the user want to download a file, he must request the cloud key from the cloud admin which is generally the location key and private key from the owner which is the encrpted key. If the user is authorized, he gets both the private key and the cloud key and thereby he is able to download the needed file from the cloud.   Thus, our project mainly concentrates on enhancing the cloud security and storage efficiency. All the above implementation of the project is done mainly in five modules.They are  Ø User Interface DesignØ Private key generationØ Duplication detectØ Encrypt and storeØ Download  User Interface Design:        All the login and registration pages for the users, Owners, and Admin are created. Private key generation:      In this private key is generated based on the time schedules using simple SQL queries via OTP method.   Duplication detect:      In this duplicate or redundant files are detected during the owner file upload time. Encrypt and Store: The data is encrypted with the private key generated by OTP method and is stored in the cloud. Download:   The user can download the file by requesting the private key from the owner and cloud key from the cloud admin.  CONCLUSION     Cloud Computing has many advantages but, cloud security is always a major concern of Cloud ComputingIn our system, we try to enhance the cloud security by using three strong encryption algorithms Triple Des, AES and Blowfish. In these no cryptanalytic attacks have been registered on AES and blowfish to date. We can include MD5 algorithm and digital signatures to improve the security by providing data authentication using the concept of hashing.                                  REFERENCES 1 Ronald L. Kurtz and Russell Dean Vines "Cloud Security(A Comprehensive Guide to Secure Cloud Computing)" WILEY-INDIA2 K.Hashizume, D.G.Rosado, E.B.Fernandez, "An analysis of Security issues for cloud computing", Journal of Internet Services and Applications, Vol.4,2013,pp.1-13.3 MD Asif Mushtaque, Harsh Dhiman, and Shahnawaz Hussain "Evaluation of DES, TDES, AES, Blowfish and Two fish Algorithm: Based on Space Complexity" International Journal of Engineering Research (IJERT).4 Daemen, J., and Rijmen, V. "Rijndael: The Advanced Encryption Standard." Dr.Dobb's Journal, March 2001.5 Gurujeevan Singh, Ashwani Kumar and K.S. Sandha, "A Study of New Trends in Blowfish Algorithm", International Journal of Engineering Research and Applications, Vol.1, Issue 2,pp.321-326.6 Kim, D.; Song, S.; Choi, B,-Y."Data Deduplication for Data Optimization for Storage and Network Systems" http://www.springer.com/978-3-319-42278-77 Mitali and Vijay Kumar "A Survey on Various Cryptography Techniques" International Journal of Emerging Trends & Technology in Computer Science(IJETTCS)8 Ayesha M.Talha and Ibrahim Kamel "Facilitating Secure and Efficient Spatial Query Processing on the cloud" IEEE9 William Stallings "Cryptography and Network Security(Principles and Practice)" Pearson Education sixth Edition.10 E.Surya and C.Divya,"A Survey on Symmetric Key Encryption Algorithms", International Journal of Computer Science  &Communication Networks, Vol.2(4),475-477.     11 Singh, S Preet, and Maini, Raman "Comparision of Data Encryption Algorithms", International Journal of Computer science and Communication, vol.2, No.1, January-June 2011, pp.125-127.A. 12 Monika Agarwal, Pradeep Mishra, " A Comparative Survey on Symmetric Key Encryption Techniques", International Journal of Computer Science and Engineering(IJCSE), Vol.4 No.05 May 2012, PP877-882.13 Cloud Security Alliance. Top Threats to Cloud Computing, Cloud Security Alliance, 2010.14 https://googleweblight.com/i?u=https://www.incapsula.com/blog/top-10-cloud-security-concerns.html&hl=en-IN15 Atul karate "Cryptography and Network Security", Tata McGraw-Hill Companies,2008.16 https://blog.demofox.org/2012/09/15/cryptography-101-encryption-symmetric-keys/17 Miss Shakeeba S.Khan and Prof. Ms.R.R.Tuteja "Cloud Security Using Multilevel Encryption Algorithms" International Journal of Advanced Research in Computer and Communication Engineering vol. 5, Issue 1, January 2016.18https://www.tutorialspoint.com/cryptography/triple_des.html19 Tingyuan Nie, and Teng Zhang ,"A Study of DES and Blowfish Encryption Algorithm", IEEE, 2009. 20 Bruce Schneier. "The Blowfish Encryption Algorithm Retrieved", October 25, 2008.21 Hui Cui and Robert H. Deng "Attribute-Based Storage Supporting Secure Deduplication of Encrypted Data in Cloud" IEEE22 https://www.tutorialspoint.com/cryptography/advanced_encryption_standard.htm