Abstract— computing provides storage at free cost

Abstract— Cloud computing 1 is an emerging IT platform that helps the users to get rid of the hardware resources and complexity in storage and computational power. All the people started using cloud which led to many security concerns relating to the data confidentiality and integrity. This became a challenge to the widespread of the new cloud computing paradigm. Many measures are taken to improve the cloud security and then there came the concept of cryptography to upgrade the cloud security. Nowadays the main problem is to maintain data confidentiality 2 with respect to untrusted cloud service providers as well as providing correct query results to the authenticated users. Existing approach provide confidentiality using only one symmetric encryption algorithm which generates only one secret key to both encrypt and decrypt. But this is not so secured as the attacker can easily guess the algorithm and thereby find the key. In this paper, we are going to employ a randomized encryption technique in which the files are randomly encrypted by three strong algorithms AES, Triple DES and Blowfish 3 which improves the security and we are also implementing new techniques to improve security like key generation via OTP method, etc. In addition to this, we are also going to solve the problem of redundant or duplicate files consuming the cloud storage by using de-duplication technique using a buffered reader which can eliminate the duplicate files in the cloud, thereby saving storage and reduce the need to buy extra storage. Keywords-Cloud security, Data Confidentiality, AES, Triple DES, Blowfish, De-duplication, Randomized Encryption.                                 INTRODUCTION  In the present scenario, cloud computing 1 is emerging as the most powerful networking as well as storage platform which is used by different users across the world. Cloud computing provides storage at free cost or at lower costs eliminating the need for costly storage and computational resources. So large amount of data is being stored and a lot of computations are being performed in the cloud. When different kinds of operations are performed in the cloud we must consider the security of the cloud environment. Cloud security is a major concern nowadays a lot of confidential data is being uploaded on to the cloud.    Even though the cloud stores the data at low costs it allows its resources to be shared among the users and individuals, servers and thereby all the files are vulnerable to the attackers causing a major threat. The other security issues include data confidentiality and data integrity. Data Confidentiality means the data should not be disclosed to the un-trusted users and data integrity means that data should not be altered before being processed by the server. In recent years the concept of cryptography has cleared most of the security issues providing data confidentiality and integrity.   There are also many security concerns even in the concept of cryptography based on the encryption algorithms. There are two types of encryption algorithms. They include symmetric encryption algorithms and asymmetric encryption algorithms. Symmetric encryption algorithms maintain only one key and it is used to both encrypt and decrypt. Whereas asymmetric encryption algorithms have two keys public and private. Symmetric encryption is used to protect the message and is faster compared to asymmetric encryption. But the only disadvantage is that it uses only a single key. We consider key length as one of the most important factors while selecting the symmetric encryption algorithm. This is because if the key length is large, it is difficult for the attacker to guess the key and thereby improving security.DES is the weakest encryption with the key length of just 56 bits. So it is improved and proposed as a new encryption algorithm Triple DES with the key length of 168 bits.AES and blowfish are the other stronger encryption used in the paper to improve the security by randomly allocating the three algorithms to the files by which makes it difficult for the attacker to guess the algorithm.  The redundant storage of the files in the cloud is also one of the most prevailing problems which consume a lot of storage space. This can be eliminated by using the concept of de-duplication which do not allow the duplicate files into the cloud. LITERATURE SURVEY Cloud Computing 1 is a technology which is used for storage of data and various computations. Using cloud computing the user data need not be stored in his own personal computer or any external storage device rather can be stored in the cloud raising many security concerns or issues.       Though there are many techniques 2 of data security and privacy in cloud computing, data confidentiality and integrity are of major concern till date. Data security and privacy issues are seen in both the software and hardware of the cloud architecture model. Data security is of major concern and the total data is in the hands of cloud service providers using cloud computing service model. In the cloud environment, the total organizational data is processed in plain text and is stored under the surveillance of cloud providers arising cloud security issues.  All these security issues gave rise to a new concept in cloud computing called Cryptography to enhance the Cloud Security using several encryption algorithms both Symmetric and Asymmetric algorithms 3. Symmetric encryption algorithm uses only one key namely private key for encryption whereas Asymmetric algorithms use two keys namely public and private. Symmetric encryption is faster than Asymmetric encryption. Most common Symmetric encryption algorithms are DES and AES. DES is not so secure because of its key size of 56 bits, hence there came to a better enhancement to DES in the form of Triple DES with a key length of 168 bits making it 3 times stronger than DES. Triple DES is stronger but time -consuming. So, there is a need for a better encryption algorithm to make thre encryption fast and efficient, then there comes AES 4  with a better key length of 128, 192 and 256 bits. AES operation is base on rounds and no of rounds are based on key length. Nowadays Blowfish 5 encryption algorithm is used for more security with the key length varying from 32 to 448 bits. There are no cryptanalytic attacks raised against AES and Blowfish till date. The most common encryption algorithms used today are AES, Triple DES, and Blowfish. One of the issues in cloud computing is the redundant storage of data in the cloud. There are many techniques developed to detect the duplicate files in the cloud. This is done using the concept of deduplication 6. There are many de-duplication techniques in which the common ones are File-level and block level. In File-level de-duplication, hash values are compared to eliminate the duplicate files using SHA(secure hashing algorithm).                  CLOUD SECURITY THREATS Improper credential management When the information of all the users of the cloud is not properly stored, the attackers can acts as the legitimate users, enter into the system and access, modify or delete files which may cause potential harm to the organization.  Account Hijacking It is the process by which the malicious attackers enter into the system finding the system vulnerabilities and keep an eye on the activities of the organization, manipulate the data and other illegal activities. He also can steal the credentials which affect the data confidentiality and integrity.   Insider attacks These type of attacks come into picture when the data is solely in the hands of the cloud service providers. Any bad system admin can cause harm to our sensitive information stored in the cloud. This is one of the greatest security risks which cannot be predicted and data breach may also happen due to this.                       PROPOSED SYSTEM We propose an encryption scheme where the files are randomly encrypted using three different encryption algorithms. This randomized encryption scheme improves the security with an add-on of OTP based private key generation technique and we also include a de-duplication technique which does not allow the redundancy in files stored in the cloud. Algorithms Used Triple DES(Triple Data Encryption Standard): DES encryption algorithm is a weak algorithm with the key length of only 56 bits, but is popular. So it is modified as Triple DES which is three times stronger and faster than DES with the key length of 3*56=168 bits making it strong and intense compared to DES. It uses three keys K1,k2,k3, first to encrypt and then the encrypted data is decrypted using the second key k2 and then the decrypted data is again encrypted using the third key k3.Hence it is also called as an encrypt-decrypt-encrypt process. A user first decrypts using k3, then encrypt with k2, and finally decrypt with k1.     Encryption in TDES: Ciphertext=  encyption(k3)(decryption(k2)(encryption(k1)(plaintext)))          Decryption in TDES: Plaintext=Decryption(k1)(encyption(k2)(decryption(k3)(ciphertext()))   Advantages: 1.It is easy to implement.2.It is stronger than DES with a key length of 168 bits. Disadvantages: 1.Performance is poor.2.It is slow when compared to other block cipher methods of encryption.  AES(Advanced Encryption Standard): AES is a symmetric encryption algorithm recommended by NIST(National Institute of Standards and Technology). It is stronger and faster than DES and Triple DES.It is so strong that no cryptanalytic attack has been registered against that. It is the most widely accepted algorithm and is adopted by almost all the cloud users across the world. It is more secure compared to DES and Triple DES.In AES the cipher takes a plaintext block size of 128 bits or 16 bytes.The key length can be 128/192/256 bits.The input to the encryption and decryption algorithms is a single 128-bit block.This is interpreted as a 4*4 square matrix of bytes. This block is copied into the State array, which is modified at each stage of encryption or decryption. After the final stage,  the state is copied to an output matrix.    The cipher consists of N rounds, where the number of rounds depending on the key length: 10 rounds for a 16-byte key, 12 rounds for a 24-byte key, and 14 rounds for a 32-byte key. Operation of AES The schematic of AES structure is given in the following illustration ?        There are four possible transformation functions: SubBytes, ShiftRows, MixColumns, and AddRoundKey. Substitute bytes: This uses an S-box to perform a byte-by-byte substitution of the block. ShiftRows: A simple permutation   MixColumns: A substitution that makes use of arithmetic function and transforms four bytes of each column AddRoundKey: A simple bitwise XOR of the current block of the expanded key.   Each round comprises of four sub-processes. The first round process is depicted below ?    Key Expansion Algorithm KeyExpansion (byte key16, word w44){   word temp   for (i=0; i