Cloud and Database Security Using Hybrid Cryptography

Project Title

Cloud and Database Security Using Hybrid Cryptography

Project Area of Specialization Cyber SecurityProject Summary

Nowadays, the world is migrating towards the cloud as cloud computing provides inexpensive and convenient services. The consistently growing numbers of users over the network have made it quite difficult to securely manage users’ data on the cloud and databases. Cloud and database security using Hybrid cryptography can help to protect data from inside and outside intruders so, that confidentiality and integrity are sustained. Many researchers worked on hybrid cryptography by using a combination of symmetric and asymmetric algorithms to implement the hybrid technique. But these systems have the major drawback of sharing keys over the network that can be stolen or tampered with by attackers and the majority have worked only for text file encryption. Whereas, the proposed mechanism provides cloud and database security with diversity in a Hybrid manner to ensure confidentiality and integrity of information. Different encryption algorithms are critically analyzed by considering various parameters such as block and key size, time consumption, and finally encryption and decryption speed. To ensure database security AES, RC2, and blowfish are used depending upon the random selection of algorithms that acts as an asymmetric technique. And ensures cloud security by encrypting all types of files using AES, 3DES, and RC2 in a layered hybrid manner and does not need to share any key. The proposed system provides data encryption and decryption with high speed without disturbing file format and quality of images with high integrity.

Implementation Platform

    The proposed system is developed using C#, Asp. Net, Html, CSS,and  SQL languages.

The hardware and software tools used for development are given below.

• Software Requirements

1. Visual studio 2019
2. 1.6 GHz or faster processor,1 GB of RAM, SQL Server 10GB.

•  Hardware Requirements

1. 8GB RAM 
2. 10 GB Hard Disk

Project Objectives

The result expected from the hybrid cryptography algorithm is to secure confidential data, ensuring the data integrity of data to users/clients all the time. It can be achieved by using different encryption/decryption algorithms that are classified as follows: 

• Symmetric algorithm (use a single key for encryption & decryption called the public key).
• Asymmetric algorithm (use 2 keys one for encryption (which is called public) and the other for decryption (which is called the private key).

The proposed layered hybrid cryptographic technique helps to resolve the various security issues of cloud storage and database by providing:

1. Secure access to the stored files (only the authenticated user has access rights) 
2. The secured transmission of files between the users.  
3. To encrypt password by randomly choosing an algorithm and storing it in a database. 
4. To store all types of files in encrypted form on the cloud.
5. The format of any file after decryption remains the same as before encryption.
6. To ensure confidentiality, availability, and integrity.

Project Implementation Method

Methodology:

The methodology of the proposed system consists of two major units:

• Website (Crypto Secure World): a technique is presented that provides database security by encrypting user data to ensure authentication. The website consists of four modules that are:

1. Home
2. Support
3. About Us
4. Registration is the fundamental element of the website, via this page database security is provided by encrypting user authentic information. Here, the user enters the email address and set the password that is used at the time of login in the setup. When the user sets the password, the password is encrypted dynamically by using a random function. The random function can generate any random value at runtime between 0 and 4 (means 1,2,3). Using unique keys along with symmetric encryption in data transfer, hybrid cryptography is achieved. For random symmetric key encryption, public-key encryption is implemented. A randomly generated number acts as a private key for encryption and decryption (it is not exactly an asymmetric cryptography method but somehow seems to look alike). Then according to the random value, any of the three predefined selected cryptographic algorithms which are AES, Blowfish, and RC2, the user's password acts as a key, After that encryption is completed with the selected algorithm and the random key that constrained the selection of the algorithm is downloaded automatically to the device of the authorized user along with some usage guidance of setup and key. So, the user can use a secret number at the time of log-in to the setup to prove user authentication.

• Setup: a strong strategy is proposed that provides the encryption of all types of files that encourages the user to share data over the cloud without any security risk.

For Encryption: Users can add desired files(any type) to the list for encryption purposes without changing their format. The file removal option is also provided to ease the user to remove files if any unwanted file is added to the list. File encryption is accomplished by using the JSF technique that is based on layered Hybrid Cryptography. JSF technique uses three different algorithms AES (256 bit), 3DES (168 bit), and RC2 (128 bit) in layers for encryption. The file undergoes all three algorithms one by one and the output of one encryption algorithm is used as input for the next algorithm. First, the file is encrypted with AES then 3DES and after that with RC2 respectively.  After completing the encryption process file is placed at the same memory location and the user has also the opportunity to upload files by selecting the desired cloud storage service.

For Decryption: Users have to download encrypted files from the cloud or select files from the device. The decryption process of files is the same as encryption in reserve order. The file is only decrypted with the same password through which it is encrypted else it shows an error. In the end, the file is placed at the same memory location.

Benefits of the Project

This research mainly focuses to develop a system that is used to satisfy the confidentiality and integrity for securing information with maximum efficiency, high performance, and strong security in minimum time by using symmetric algorithms in a hybrid layered technique.                                                          

This system can support enterprises to store and share data securely on the cloud. A person can store confidential data on a PC as well as on the cloud and can also share it securely. It is beneficial for students for research purposes about cloud and database security.

Technical Details of Final Deliverable

This project aims to implement a fast-speed and secure hybrid cryptography system for cloud storage and databases. The deliverable product would include a web Application(named CryptoDC) and a Desktop application (named Anti-Hack) which is designed and implemented at the Government college women's university. This project presents a technique, that is an integration of numerous cryptography algorithms to securely store files over the cloud and user credentials in databases. This project provides a secure cloud environment, users can secure their personal information and valuable digital assets (all types of files) and delivers:

• Fast speed encryption & decryption
• Highly secure cryptography mechanism 
• Ensure confidentiality
• Maintain integrity

Final Deliverable of the Project Software SystemCore Industry ITOther Industries Security Core Technology OthersOther Technologies Cloud InfrastructureSustainable Development Goals Quality Education, Partnerships to achieve the GoalRequired Resources

Item Name	Type	No. of Units	Per Unit Cost (in Rs)	Total (in Rs)
			Total in (Rs)	6000
Printing	Miscellaneous	5	1200	6000