An Applied Security Model For Controlled Key-Release In Blowfish-Based Data Retrieval

Authors

  • Vandyala Yukthasri Department of Information Technology, Vardhaman College of Engineering, Hyderabad, India Author
  • Manchanpally Arun Kumar Department of Information Technology, Vardhaman College of Engineering, Hyderabad, India Author
  • Mohammad Ayaan Department of Information Technology, Vardhaman College of Engineering, Hyderabad, India Author
  • Satheesh S Kumar Department of Information Technology, Vardhaman College of Engineering, Hyderabad, India Author
  • Ganesh B Regulwar Department of Information Technology, Vardhaman College of Engineering, Hyderabad, India Author
  • Nikhila Kathirisetty Department of Information Technology, Vardhaman College of Engineering, Hyderabad, India Author

DOI:

https://doi.org/10.63503/acset.978-81-995593-9-4.52

Keywords:

Cloud Security, Blowfish Encryption, Multi-Stage Authentication, Key Release Controlled, Secure Storage, Key Cryptographic Management

Abstract

From a cybersecurity standpoint, the security of the data stored in these systems has become a crucial concern as cloud storage continues to proliferate in digital infrastructure. Credential compromise, brute-force attacks, and sophisticated, persistent infiltration tactics have demonstrated the vulnerability of traditional security techniques, especially those that rely on static encryption keys or password-based authentication. This study offers a multi-layered security approach that combines multi-stage authentication with a dynamic key-release method for Blowfish-encrypted file storage, in response to constantly evolving cyber threats. Before allowing the controlled recovery of the Blowfish decryption key, the model described here used sequential verification with user credentials, a time-based one-time password, and a registered device token validation procedure. By keeping encryption keys unreadable until identity is fully confirmed, the system architecture reduces the exposure risks associated with conventional key storage methods. FastAPI, Streamlit, PostgreSQL, and MinIO were used in the implementation; the configuration was simple but deployable in both academic and business environments. According to experimental evaluation, the framework significantly increases resistance to unauthorised access attempts while maintaining low latency for both authentication and decryption. The findings make it clear that the suggested architecture provides a safe and effective way to protect files in cloud environments, balancing computational efficiency and user accessibility while ensuring robust cryptographic security. 

References

[1] S. Shitharth and M. A. Khan, “Security Modelling for Multi-Cloud Data Access,” Journal of Cloud Computing, vol. 12, no. 3, pp. 44–56, 2023.

[2] R. K. Singh and T. Bose, “Assessing MFA Security in Distributed Computing,” IEEE Access, vol. 11, pp. 21584–21599, 2023.

[3] L. Hu and Y. Feng, “A Comparative Study of Authentication Factors,” Computers & Security, vol. 127,

i. pp. 103–130, 2024.

[4] N. Aladadi and O. Al-Mashaqbeh, “TOTP-Enabled Access Controls for Remote Services,” Future Internet, vol. 15, no. 2, pp. 1–18, 2023.

[5] J. Marin et al., “Replay-Resistant Authentication Systems,” IEEE Transactions on Information Forensics and Security, vol. 19, pp. 677–690, 2024.

[6] A. Banerjee, “Strengthening OTP Infrastructure Through Token-Linked Policies,” Journal of Information Assurance, vol. 15, no. 4, pp. 96–109, 2023.

[7] S. Parmar and D. Patel, “Device-Bound Identity Models in Zero-Trust Networks,” IEEE Transactions on Cloud Computing, 2024.

[8] C. Hassan and P. Rashid, “Attack Surfaces in Decentralised Identity Systems,” ACM Transactions on Privacy and Security, vol. 27, no. 1, 2024.

[9] G. Wu and E. Clarke, “Performance Evaluation of Symmetric Cryptography for Cloud Storage,” Journal of Applied Cybersecurity, vol. 9, pp. 21–34, 2023.

[10] H. Abdullah and R. Omar, “Evaluating Blowfish Under Modern Storage Requirements,” International Journal of Computing Theory, vol. 14, no. 2, pp. 87–94, 2024.

[11] F. Rahman and A. Qureshi, “Risks in Static Encryption Key Management,” IEEE Security & Privacy, vol. 21, no. 6, pp. 50–63, 2023.

[12] T. Lee and M. Silva, “Secure Hybrid Key Management Techniques,” Journal of Cryptographic Engineering, vol. 13, no. 4, pp. 355–369, 2024.

[13] N. Verma and G. Thomas, “Controlled Access Models for Encrypted Cloud Resources,” in Proc. IEEE ICC, pp. 1–9, 2024.

[14] A. Torres et al., “Threshold Cryptography for Decentralised Key Access,” in Distributed Security Systems. Springer, pp. 118–133, 2023.

[15] P. Koenig and F. Lander, “Balancing Performance and Security in Authentication Protocols,” ACM Computing Surveys, vol. 56, no. 5, pp. 1–37, 2024.

[16] R. Oliveira and S. Dias, “Scalable MFA Frameworks for Multi-Tenant Clouds,” IEEE Cloud Computing, vol. 11, no. 1, pp. 75–88, 2024.

[17] M. El-Hasan and N. Fouda, “Key Rotation and Escrow Models for Distributed Systems,” Journal of Cyber Regulation, vol. 6, pp. 115–129, 2024.

[18] Y. Malik and V. Rao, “Multi-Factor Gatekeepers for Encrypted Object Access,” IEEE Transactions on Dependable and Secure Computing, 2024.

[19] Z. Liu and S. P. Rao, “Adaptive Multi-Step Authentication for Cloud Platforms,” Computers & Security, vol. 127, pp. 102–118, 2024.

[20] V. Nair and D. Song, “Context-Aware Key Governance for Digital Storage Systems,” in Proc. ACM SIGSAC, pp. 144–158, 2023.

[21] G. B. Regulwar, A. Mahalle, R. Pawar, S. K. Shamkuwar, P. R. Kakde, and S. Tiwari, “Big Data Collection, Filtering, and Extraction of Features,” in Big Data Analytics Techniques for Market Intelligence, D. Darwish, Ed. IGI Global, Jan. 2024, pp. 136–158. doi: 10.4018/979 8-3693-0413-6.ch005.

[22] G. B. Regulwar, R. Majji, S. K. Kottu, A. Kachi, and R. R. Sureddy, “Content analysis and visualisation of privacy policy using privacy management,” AIP Conference Proceedings, vol. 2942, no. 1, pp. 1 9, Feb. 29, 2024. doi: 10.1063/5.0196242.

Downloads

Published

2026-07-09

Conference Proceedings Volume

Section

Articles

How to Cite

Vandyala Yukthasri, Manchanpally Arun Kumar, Mohammad Ayaan, Satheesh S Kumar, Ganesh B Regulwar, & Nikhila Kathirisetty. (2026). An Applied Security Model For Controlled Key-Release In Blowfish-Based Data Retrieval. Adroid Conference Series: Engineering and Technology, 2(1), 43-52. https://doi.org/10.63503/acset.978-81-995593-9-4.52