ISBN: 978-15-08772460-24

Date: 8.3.2015
PROCEEDINGS OF INTERNATIONAL CONFERENCE ON RECENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY

DATA STORAGE SECURITY IN CLOUD STORAGE THROUGH STEGANOGRAPHY AND CRYPTOGRAPHY

Sathyapriya.R*, Dr. B.Kalaavathi**


*Department of Computer Science and Engineering,
K.S.R Institute for Engineering and Technology, Namakkal, Tamilnadu,
Email: ramsathya.priya32@gmail.com
**Department of Computer Science and Engineering,
K.S.R Institute for Engineering and Technology, Namakkal, Tamilnadu,
Email: kalabhuvanesh@gmail.com

ABSTRACT:
Data storage security is one of the biggest problems in cloud storage. Cloud storage has a number of advantages over
traditional data storage: users who store their data on a cloud can get at it from any location that has internet
access, and there are hundreds of different cloud storage systems available. However, in this cloud storage
process, users lose control over their data. For that reason, this paper mainly gives a review of secure cloud storage in
which steganography and cryptography techniques have been used. Cryptography means keeping the content of a
message secret, and steganography means keeping the existence of a message secret, or embedding the information
in a cover image. The novelty is that one can aggregate any set of secret keys and make them as compact as a
single key, while encompassing the power of all the keys being aggregated. Steganography and
cryptography are both ways to protect information from third parties, and these methods provide secure and
reliable data storage through easy-to-use interfaces convenient for various users and applications. We try to enhance
the security and robustness of the information against attacks.
Keywords: cloud storage, steganography, cryptography, Dropbox, aggregate key and data storage security.
I. INTRODUCTION

Cloud storage

Cloud storage means storing your data with a cloud service provider rather than on a local system. As with other cloud services, you access the data stored on the cloud via an Internet link. Even though data is stored and accessed remotely, you can maintain data both locally and on the cloud as a measure of safety and redundancy. This makes it especially appealing to road warriors. Workers don't need to use the same computer to access data, nor do they have to carry around physical storage devices. Also, if your organization has branch offices, they can all access the data from the cloud provider. There are hundreds of different cloud storage systems, and some are very specific in what they do. Some are niche-oriented and store just email or digital pictures, while others store any type of data. Some providers are small, while others are huge and fill an entire warehouse.

At the most rudimentary level, a cloud storage system just needs one data server connected to the Internet. A subscriber copies files to the server over the Internet, which then records the data. When a client wants to retrieve the data, he or she accesses the data server with a web-based interface, and the server then either sends the files back to the client or allows the client to access and manipulate the data itself. More typically, however, cloud storage systems utilize hundreds of data servers. Because servers require maintenance or repair, it is necessary to store the saved data on multiple machines, providing redundancy. Without that redundancy, cloud storage systems couldn't assure clients that they could access their information at any given time. Most systems store the same data on servers using different power supplies. That way, clients can still access their data even if a power supply fails. Many clients use cloud storage not because they've run out of room locally, but for safety. If something happens to their building, then they haven't lost all their data.

In cloud computing, storing data is the main role that the cloud service provider provides to the client companies. They can store their large amounts of data in cloud data storage centers. But many clients are not prepared to implement cloud computing technology because of the lack of a correct security control policy and weaknesses in the protection of data, which leads to a huge challenge for the cloud computing providers. Among established cloud computing vendors, Dropbox is a well-known example. Dropbox is a simple web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the web. Dropbox allows developers to access a highly scalable, reliable, secure, fast, inexpensive infrastructure platform. Data security has been an important aspect of quality of service in cloud storage, and cloud computing unavoidably poses new challenging security threats for a number of reasons. Accept the traditional cryptographic primitives for the purpose of data security in cloud computing, as the users lose control of their data. So we need a data verification plan, but without explicit knowledge of the whole data it is very hard to verify that the data is correct. Considering the various kinds of data stored in the cloud for each user and the demand for long-term continuous assurance of their data safety, the problem of verifying the correctness of data storage in the cloud becomes even more challenging. The cloud is not just a third-party data warehouse.

In this paper, we propose an effective and flexible data hiding scheme with explicit dynamic data support to ensure the security of data when it is residing in the cloud data storage. We enhance the security of data by storing it in an image. When these images are stored in the cloud data centre, no one can view the original content of the data without proper identification. Our scheme almost guarantees the security of data when it is residing on the data center of any Cloud Service Provider (CSP).

II. CLOUD ARCHITECTURE AND CLOUD SECURITY CONTROL

In cloud computing, enterprises can choose to deploy applications on public, private or hybrid clouds. Cloud integrators can play a vital part in determining the right cloud path for each organization. Public clouds are owned and operated by third parties; they deliver superior economies of scale to customers, as the infrastructure costs are spread among a mix of users, giving each individual client an attractive low-cost, pay-as-you-go model. Private clouds are built exclusively for a single enterprise. They aim to address concerns on data security and offer greater control, which is typically lacking in a public cloud. Hybrid clouds combine both public and private cloud models. With a hybrid cloud, service providers can utilize third-party cloud providers in a full or partial manner, thus increasing the flexibility of computing. The hybrid cloud environment is capable of providing on-demand, externally provisioned scale. The ability to augment a private cloud with the resources of a public cloud can be used to manage any unexpected surges in workload.

IAETSD 2015: ALL RIGHTS RESERVED

www.iaetsd.in


Cloud security controls

Cloud security architecture is effective only if the correct defensive implementations are in place. Efficient cloud security architecture should recognize the issues that will arise with security management. The security management addresses these issues with security controls. These controls are put in place to safeguard any weaknesses in the system and reduce the effect of an attack.

Deterrent Controls: These controls are set in place to prevent any purposeful attack on a cloud system. Much like a warning sign on a fence or a property, these controls do not reduce the actual vulnerability of a system.

Preventative Controls: These controls upgrade the strength of the system by managing the vulnerabilities. The preventative control will safeguard vulnerabilities of the system. If an attack were to occur, the preventative controls are in place to cover the attack and reduce the damage and violation to the system's security.

Corrective Controls: Corrective controls are used to reduce the effect of an attack. Unlike the preventative controls, the corrective controls take action as an attack is occurring.

Detective Controls: Detective controls are used to detect any attacks that may be occurring to the system. In the event of an attack, the detective control will signal the preventative or corrective controls to address the issue.

Data storage security:

To secure data, most systems use a combination of techniques:

1. Encryption
2. Authentication processes
3. Authorization practices

Encryption: A complex algorithm is used to encode information. To decode the encrypted files, a user needs the encryption key. While it's possible to crack encrypted information, it's very difficult and most hackers don't have access to the amount of computer processing power they would need to crack the code.

Authentication processes: This requires a user to create a name and password.

Authorization practices: The client lists the people who are authorized to access information stored on the cloud system. Many corporations have multiple levels of authorization. For example, a front-line employee might have limited access to data stored on the cloud and the head of the IT department might have complete and free access to everything.

Reliability

The other concern is reliability. If a cloud storage system is unreliable, it becomes a liability. No one wants to save data on an unstable system, nor would they trust a company that is financially unstable. Most cloud storage providers try to address the reliability concern through redundancy, but the possibility still exists that the system could crash and leave clients with no way to access their saved data. Reputation is important to cloud storage providers. If there is a perception that the provider is unreliable, they won't have many clients. And if they are unreliable, they won't be around long, as there are so many players in the market.

Advantages

Cloud storage is becoming an increasingly attractive solution for organizations. That's because with cloud storage, data resides on the Web, located across storage systems rather than at a designated corporate hosting site. Cloud storage providers balance server loads and move data among various datacenters, ensuring that information is stored close and thereby available quickly to where it is used. Storing data on the cloud is advantageous, because it allows you to protect your data in case there is a disaster.

III. PROBLEM STATEMENT

Managing data storage is a critical problem in cloud computing. How to protect users' data privacy is a central question of cloud storage. With more mathematical tools, cryptographic schemes are getting more versatile and often involve multiple keys for a single application. In this article, we consider how to compress secret keys in public-key cryptosystems which support delegation of secret keys for different cipher text classes in cloud storage. No matter which one among the power set of classes, the delegate can always get an aggregate key of constant size. This is more flexible than hierarchical key assignment, which can only save space if all key-holders share a similar set of privileges. The main issue with data storage in cloud computing is loss of control; even an unauthorized user may have access to the data in a shared cloud environment. However, storage devices are secured by encryption methodologies which check unauthorized access to data to some extent. If the encryption and decryption keys are available to malicious users, encryption methodologies fail to provide authorized access. Another approach to provide security in data storage is to hide the data behind an image by using steganography. This paper aims to provide better security through steganography.

IV. PROPOSED SYSTEM

In the proposed system, the original file is first encrypted using cryptography, the art and science of achieving security by encoding a message or data to make it unreadable. It is related to aspects of network security such as privacy, reliability and accessibility of the data. A cryptosystem, or cryptographic system, is the only authenticated way in which a user can access the encrypted data and decrypt it. In the second step, the encrypted data is hidden in an image using steganography. Steganography is the art and science of hiding information by embedding messages within other, seemingly harmless messages. Steganography works by replacing bits of useless or unused data in regular computer files (such as graphics, sound, text, HTML, or even floppy disks) with bits of different, invisible information. This hidden information can be plain text, cipher text, or even images. In the third step, the image is stored in Dropbox (cloud storage). In the fourth step, the data owner gets the file location and key by mail and, finally, the decrypting key is sent to the user (requester) after verification of their details.

Figure 1: encryption techniques

Figure 2: decryption techniques


A. AES-128 ALGORITHM

For encryption we must use a secret key along with an algorithm. In the following example we use an algorithm called AES 128 and the bytes of the word "TheBestSecretKey" as the secret key (the best secret key we found in this world). The AES algorithm can use a key of 128 bits (16 bytes * 8).

Steps in the AES Encryption and decryption Process

The encryption process uses a set of specially derived keys called round keys. These are applied, along with other operations, on an array of data that holds exactly one block of data: the data to be encrypted. This array we call the state array.

You take the following steps to encrypt a 128-bit block:

1. Derive the set of round keys from the cipher key.
2. Initialize the state array with the block data (plaintext).
3. Add the initial round key to the starting state array.
4. Perform nine rounds of state manipulation.
5. Perform the tenth and final round of state manipulation.
6. Copy the final state array out as the encrypted data (cipher text).

You take the following steps to decrypt a 128-bit block:

1. Perform initial decryption round.
2. Perform nine full decryption rounds.
3. Perform final XorRoundKey.

B. STEGANOGRAPHY

Steganography is the art or practice of concealing a file, message, image, or video within another file, message, image, or video. The first recorded use of the term was in 1499 by Johannes Trithemius in his Steganographia, a treatise on cryptography and steganography, disguised as a book on magic. Generally, the hidden messages will appear to be (or be part of) something else: images, articles, shopping lists, or some other cover text. For example, the hidden message may be in invisible ink between the visible lines of a private letter. Some implementations of steganography which lack a shared secret are forms of security through obscurity, whereas key-dependent steganographic schemes adhere to Kerckhoffs's principle.

The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable, will arouse interest, and may in themselves be incriminating in countries where encryption is illegal.[2] Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.

Steganography includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Media files are ideal for steganographic transmission because of their large size. For example, a sender might start with an innocuous image file and adjust the color of every 100th pixel to correspond to a letter in the alphabet, a change so subtle that someone not specifically looking for it is unlikely to notice it.

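The bit-replacement embedding described in sections IV and B, as an added example rather than the authors' MATLAB code: the ciphertext is framed with a 4-byte length and written into the least significant bit of each pixel byte. The framing, the function names and the constructed 32x32 cover are assumptions of this example.

```python
"""LSB embedding of an already-encrypted payload in 8-bit pixel data (added example)."""

HEADER_BYTES = 4  # big-endian payload length, embedded ahead of the payload

def capacity_bytes(pixels):
    """Largest payload the cover can carry at one hidden bit per pixel byte."""
    return max(0, len(pixels) // 8 - HEADER_BYTES)

def embed(pixels, payload):
    """Return a copy of `pixels` whose least significant bits carry length + payload."""
    if len(payload) > capacity_bytes(pixels):
        raise ValueError("cover image too small for this payload")
    framed = len(payload).to_bytes(HEADER_BYTES, "big") + payload
    stego = bytearray(pixels)
    for i, byte in enumerate(framed):
        for k in range(8):                       # most significant bit first
            bit = (byte >> (7 - k)) & 1
            stego[8 * i + k] = (stego[8 * i + k] & 0xFE) | bit
    return bytes(stego)

def read_bytes(pixels, first_pixel, count):
    """Rebuild `count` bytes from the LSBs starting at pixel index `first_pixel`."""
    out = bytearray()
    for i in range(count):
        value = 0
        for k in range(8):
            value = (value << 1) | (pixels[first_pixel + 8 * i + k] & 1)
        out.append(value)
    return bytes(out)

def extract(pixels):
    """Recover the payload; reject data whose length header cannot be genuine."""
    if len(pixels) < 8 * HEADER_BYTES:
        raise ValueError("too few pixels to hold a header")
    length = int.from_bytes(read_bytes(pixels, 0, HEADER_BYTES), "big")
    if length > capacity_bytes(pixels):
        raise ValueError("no plausible payload header found")
    return read_bytes(pixels, 8 * HEADER_BYTES, length)

def changed_pixels(cover, stego):
    """Count the pixel bytes that differ between the cover and the stego image."""
    return sum(1 for a, b in zip(cover, stego) if a != b)

# Constructed 32x32 grayscale cover (row-major pixel bytes), not a real photograph.
SAMPLE_COVER = bytes((3 * x + 5 * y) % 256 for y in range(32) for x in range(32))
# Constructed stand-in for the output of the encryption step: one 16-byte block.
SAMPLE_CIPHERTEXT = bytes.fromhex("69c4e0d86a7b0430d8cdb78070b4c55a")

if __name__ == "__main__":
    stego = embed(SAMPLE_COVER, SAMPLE_CIPHERTEXT)
    assert extract(stego) == SAMPLE_CIPHERTEXT   # note: no key is needed to extract
    print("pixels changed:", changed_pixels(SAMPLE_COVER, stego), "of", len(SAMPLE_COVER))
```

Extraction needs no key, so the confidentiality of the stored file rests entirely on the encryption step; the embedding only hides that a payload is present, and only from someone who does not inspect the low-order bits.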

Figure 3: steganography architecture

Implementation steps for steganography:

1. The data owner converts the data into encrypted form using cryptography (data inside the image).
2. Steganography software helps the user to embed the data into the image.
3. The data owner is requested to run the software more than once on his data.
4. The number of times the data is encrypted is known only to the data owner.
5. Now, a hacker does not know how many times the data will be encrypted.
6. The data owner decrypts the data using the key and extracts the original file.
7. Hence, this provides security to the original data from the user's point of view.

C. DROPBOX (CLOUD STORAGE)

Dropbox is a personal cloud storage service (sometimes referred to as an online backup service) that is frequently used for file sharing and collaboration. The Dropbox application is available for Windows, Macintosh and Linux desktop operating systems. There are also apps for iPhone, iPod, Android, and BlackBerry devices. The service provides 2 gigabytes (GB) of storage for free and up to 100 GB on various for-fee plans. Another option, Dropbox for Teams, provides 350 GB storage. The user data is stored on Amazon's Simple Storage Service (S3) and protected with Secure Sockets Layer (SSL) and Advanced Encryption Standard (AES) 256-bit encryption. After installation of the associated application, a Dropbox folder appears with the user's other folders. Users can save files to the folder, add new folders, and drag and drop files among folders just as if they were all local.

Files in the Dropbox folder can be accessed from anywhere with an Internet connection: the user just has to log in to his account to upload, download and share files. To share a file, the user can generate a URL for it from the Dropbox website and send it out so that others can view it. Folders can be shared by sending an invitation from the Dropbox website. Recipients that don't have Dropbox accounts will have to sign up to access the folder. Once a folder is shared, it will appear in the folder system for everyone who has access to it and all members will be able to make changes to files. All versions of files are saved.

Performance Evaluation

We implemented our approach using the concept of steganography. Our experiment was conducted using MATLAB R2012b on a system with an Intel(R) Pentium (CPU) running at 2.60 GHz, 2048 MB of RAM, and a 7200 RPM Western Digital 500 GB Serial ATA drive with an 8 MB buffer. It has been found that our implemented system successfully stores data within images and retrieves data from images.

VI. RELATED WORK

Shacham et al. [5] built on this model and constructed a random linear function based homomorphic authenticator which enables an unlimited number of queries and requires less communication overhead. Bowers et al. [7] proposed an improved framework for POR protocols that generalizes both Juels and Shacham's work. Later, in their subsequent work, Bowers et al. [6] extended the POR model to distributed systems. Any change to the contents of F, even a few bits, must propagate through the error-correcting code, thus introducing significant computation and communication complexity. Cong Wang et al. [3] use homomorphic tokens with distributed verification of erasure-coded data towards ensuring data storage security and locating the server being attacked. It supports dynamic operations on data blocks such as update, delete and append without data corruption and loss. However, the issues with fine-grained data error location remain to be addressed.

In other related work, Shantanu Pal et al. [8] ensure the identification of the adversary or the attacking party and help find a far-off place for an attacking party from its target, hence ensuring a more secure environment for the other VMs. If the adversary gets to know the location of the other VMs, it may try to attack them. This may harm the other VMs in between. Flavio Lombardi et al. [9] show that the behavior of cloud components can be monitored by logging and periodic checking of executable system files. But system performance gets marginally degraded and a small performance penalty is encountered. Filho et al. [9] proposed to verify data integrity using an RSA-based hash to demonstrate uncheatable data possession in peer-to-peer file sharing networks. However, their proposal requires exponentiation over the entire data file, which is clearly impractical for the server whenever the file is large. Shah et al. [10] proposed allowing a TPA to keep online storage honest by first encrypting the data then sending a number of pre-computed symmetric-keyed hashes over the encrypted data to the auditor. However, their scheme only works for encrypted files and auditors must maintain long-term state. Schwarz et al. [11] proposed to ensure file integrity across multiple distributed servers, using erasure-coding and block-level file integrity checks.

In their subsequent work, Ateniese et al. [13] described a PDP scheme that uses only symmetric key cryptography. This method has lower overhead than their previous scheme and allows for block updates, deletions and appends to the stored file, which has also been supported in our work. However, their scheme focuses on the single-server scenario and does not address small data corruptions, leaving both the distributed scenario and the data error recovery issue unexplored. Curtmola et al. [14] aimed to ensure data possession of multiple replicas across the distributed storage system. They extended the PDP scheme to cover multiple replicas without encoding each replica separately, providing guarantees that multiple copies of data are actually maintained. However, we have proposed a new scheme to provide better security in the world of cloud computing.

VII. CONCLUSION

In this paper, we have investigated the problem of security in cloud computing, which is essentially a distributed storage system. To ensure the security of users' data in cloud storage, we proposed an effective and efficient steganographic strategy for enhancing security on data-at-rest. So, when these images are stored in the cloud data centre, no one can view the original content of the data without proper identification. Through detailed security and performance analysis, we have seen that our scheme almost guarantees the security of data when it is residing on the data center of any Cloud Service Provider (CSP).


The concept we have discussed here will help to make a strong architecture for security in the field of cloud computation. This kind of security structure will also be able to improve customer satisfaction to a great extent, and we will attract more investors to this cloud computation concept for industrial as well as future research farms. Security in a very large scale cross-cloud environment is an active issue. The present scheme is able to handle only a limited number of security threats in a fairly small environment. We need further simulations to verify the performance. In the future, we will extend our research by providing security through steganography in RGB images. Also, if the raw data is encrypted and the steganographic issues are employed, then the protection will be a bit enhanced. The protection can also be enhanced if we can change the pixel positions after steganography. We are still working on it to get better performance.

VIII. REFERENCES

[1] Cheng-Kang Chu, Sherman S. M, "Key Aggregate Cryptosystem for Scalable Data Sharing in cloud storage," IEEE Transactions on Parallel and Distributed Systems, vol. 25, issue 2, 2014.
[2] J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, "Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records," in Proceedings of ACM Workshop on Cloud Computing Security (CCSW '09). ACM, 2009, pp. 103-114.
[3] V. Goyal, O. Pandey, A. Sahai, and B. Waters, "Attribute-Based Encryption for Fine-Grained Access Control of Encrypted data," in Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS '06). ACM, 2006, pp. 89-98.
[4] F. Guo, Y. Mu, Z. Chen, and L. Xu, "Multi-Identity Single-Key Decryption without Random Oracles," in Proceedings of Information Security and Cryptology (Inscrypt '07), ser. LNCS, vol. 4990. Springer, 2007, pp. 384-398.
[5] Peter Mell, Timothy Grance, "The NIST Definition of Cloud Computing." http://docs.ismgcorp.com/files/external/Draft-SP-800-145_cloud-definition.pdf.
[6] Cong Wang, Qian Wang, Kui Ren, and Wenjing Lou, "Ensuring Data Storage Security in Cloud Computing," 17th International Workshop on Quality of Service, USA, pp. 1-9, 2009, ISBN: 978-42443875-4.
[7] B.P. Rimal, Choi Eunmi, I. Lumb, "A Taxonomy and Survey of Cloud Computing System," Intl. Joint Conference on INC, IMS and IDC, pp. 44-51.
[8] H. Shacham and B. Waters, "Compact Proofs of Retrievability," Proc. of Asiacrypt '08, Dec. 2008.
[9] K. D. Bowers, A. Juels, and A. Oprea, "HAIL: A High-Availability and Integrity Layer for cloud storage," Cryptology ePrint Archive, Report 2008/489, 2008, http://eprint.iacr.org/.
[10] Shantanu Pal, Sunirmal Khatua, Nabendu Chaki, Sugata Sanyal, "A New Trusted and Collaborative Agent Based Approach for Ensuring Cloud Security," Annals of Faculty Engineering Hunedoara International Journal of Engineering (Archived copy), scheduled for publication in vol. 10, issue 1, January
[11] Flavio Lombardi, Roberto Di Pietro, "Secure Virtualization for Cloud Computing," Journal of Network and Computer Application.
[12] R. Curtmola, O. Khan, R. Burns, and G. Ateniese, "MR-PDP: Multiple-Replica Provable Data Possession," Proc. of ICDCS '08, pp. 411-420, 2008.
[13] S. J. Schwarz and E. L. Miller, "Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage," Proc. of ICDCS '06, pp. 12-12, 2006.
[14] R. Curtmola, O. Khan, R. Burns, and G. Ateniese, "MR-PDP: Multiple-Replica Provable Data Possession," Proc. of ICDCS '08, pp. 411-420, 2008.
