Cloud storage Password Security using Hashing and Salt Functionality

Author: Mrs. Manisha Balkrushna Sonawane; Mrs. Rohini Prabhakar Pagar

Publisher: Zenodo

DOI: 10.5281/zenodo.17309908

Source: https://zenodo.org/records/17309908/files/S063809.pdf

53
In e na ional Jou nal o Ad ance and Applied Resea ch
www.ijaa .co.in
ISSN – 2347-7075
Impac Fac o – 8.141
Pee Re iewed
Bi-Mon hly
Vol. 6 No. 38
Sep embe - Oc obe - 2025
Cloud s o age Passwo d Secu i y using Hashing and Sal Func ionali y
M s. Manisha Balk ushna Sonawane1 & M s. Rohini P abhaka Paga 2
1&2Assis an P o esso ,
Depa men o Compu e Science,
K. K Wagh, A s Comme ce and Science College, Pimpalgaon Baswan
Co esponding Au ho –M s. Manisha Balk ushna Sonawane
DOI - 10.5281/zenodo.17309908
Abs ac :
In cloud compu ing, secu ing use da a is pa amoun , especially when i comes o s o ing
sensi i e in o ma ion like passwo ds. S o ing plain ex passwo ds in cloud da abases is highly insecu e
and ulne able o cybe -a acks. This pape p oposes a secu e me hod o s o ing use passwo ds by
con e ing hem in o hash alues using a sal ed hashing echnique. The p ocess in ol es gene a ing a
unique sal o each use , appending i o he plain ex passwo d, and hashing he combined s ing
using a c yp og aphic hash unc ion. This ensu es ha e en i he cloud da abase is comp omised, he
a acke canno easily e ie e he o iginal passwo ds. The me hodology also includes a secu e login
p ocess whe e he use 's inpu passwo d is hashed wi h he same sal and compa ed o he s o ed hash
o au hen ica ion. This app oach signi ican ly enhances he secu i y o use accoun s in cloud
en i onmen s.
Keywo ds: Cloud Compu ing, Passwo d Secu i y, Sal ed hashing, C yp og aphic Hash Func ion
In oduc ion:
Wi h he inc easing adop ion o
cloud compu ing, he secu i y o use da a
has become a c i ical conce n. One o he
mos ulne able aspec s o cloud sys ems is
he s o age o use c eden ials, pa icula ly
passwo ds. S o ing passwo ds in plain ex
o using weak enc yp ion me hods exposes
use s o signi ican isks, such as da a
b eaches and unau ho ized access. To
add ess his issue, his pape in oduces a
secu e passwo d s o age mechanism using
sal ed hashing. The p ocess in ol es adding
a unique sal o each use 's passwo d be o e
hashing i , making i compu a ionally
in easible o a acke s o e e se-enginee
he o iginal passwo d. This me hod ensu es
ha e en i he cloud da abase is
comp omised, he s o ed passwo ds emain
secu e. The pape also discusses he
implemen a ion o his echnique in a cloud
en i onmen and i s e ec i eness in
p e en ing passwo d- ela ed a acks.
Rela ed Wo k:
Se e al s udies ha e explo ed
me hods o secu ely s o ing passwo ds in
cloud en i onmen s. T adi ional me hods like
MD5 and SHA-1 ha e been ound ulne able
o b u e- o ce and ainbow able a acks.
Mo e ecen app oaches, such as bc yp ,
A gon2, and PBKDF2, inco po a e sal ing
and key s e ching o enhance secu i y.
Sal ing in ol es adding a andom s ing o he
passwo d be o e hashing, ensu ing ha e en
iden ical passwo ds p oduce di e en hash
IJAAR Vol. 6 No. 38 ISSN – 2347-7075
M s. Manisha Balk ushna Sonawane & M s. Rohini P abhaka Paga
54
alues. Key s e ching inc eases he
compu a ional cos o hashing, making b u e-
o ce a acks mo e di icul . P e ious esea ch
has demons a ed he e ec i eness o hese
echniques in mi iga ing passwo d- ela ed
ulne abili ies. Howe e , he in eg a ion o
sal ed hashing in o cloud-based sys ems
emains an a ea o ac i e esea ch. This pape
builds on exis ing wo k by p oposing a
p ac ical implemen a ion o sal ed hashing o
cloud use au hen ica ion.
1. In oduc ion o bc yp and Sal :
Passwo d secu i y is a c i ical
conce n in cloud compu ing, whe e use
c eden ials mus be s o ed secu ely o
p e en unau ho ized access. T adi ional
hashing me hods like MD5 and SHA-1 a e
ulne able o b u e- o ce and ainbow able
a acks. To add ess hese ulne abili ies,
mode n c yp og aphic echniques such as
bc yp combined wi h sal ha e become
indus y s anda ds o secu e passwo d
s o age.
2. bc yp : A Secu e Passwo d Hashing
Algo i hm:
bc yp is a key de i a ion unc ion
designed speci ically o passwo d hashing.
I inco po a es:

Sal : A andom s ing added o each
passwo d be o e hashing o p e en
ainbow able a acks.

Wo k Fac o (Cos Fac o ):
Adjus able compu a ional complexi y
o slow down b u e- o ce a acks.

Adap i e Hashing: Au oma ically
inc eases secu i y as ha dwa e
imp o es.
Ad an ages o bc yp :
✔ Buil -in Sal ing – bc yp
au oma ically gene a es and s o es a
unique sal o each passwo d.
✔ Fu u e-P oo – The wo k ac o can
be inc eased o main ain secu i y
agains e ol ing h ea s.
3. The Role o Sal in Passwo d Secu i y:
Sal is a andomly gene a ed s ing
appended o a passwo d be o e hashing. I
ensu es:

Uniqueness: E en i wo use s ha e
he same passwo d, hei hashes will
di e due o di e en sal s.

Rainbow Table Resis ance:
A acke s canno use p ecompu ed
hash ables o e e se- enginee
passwo ds.

B u e-Fo ce Mi iga ion: Each
passwo d equi es indi idual c acking
a emp s.
How bc yp Uses Sal :
1. Du ing Regis a ion:
o
Use submi s a plain- ex passwo d
(e.g., "mypasswo d123").
o
bc yp gene a es a unique sal (e.g.,
"$2a$10$N9qo8uLOickgx2ZMRZoMy
").
o
The passwo d and sal a e combined
and hashed (e.g., hash =
bc yp ("mypasswo d123"+ sal )).
o
The hash + sal is s o ed in he
da abase.
IJAAR Vol. 6 No. 38 ISSN – 2347-7075
M s. Manisha Balk ushna Sonawane & M s. Rohini P abhaka Paga
55
2. Du ing Login:
• Use en e s hei passwo d.
• The sys em e ie es he s o ed sal
om he da abase.
• bc yp ehashes he inpu passwo d
wi h he same sal .
• I he new hash ma ches he s o ed
hash, au hen ica ion succeeds.
3. Compa ison wi h O he Hashing
Me hods:

B u e-Fo ce Resis ance: bc yp 's
adjus able cos ac o slows down
a acks.

Rainbow Table Immuni y: Unique
sal s p e en p ecompu ed hash
a acks.

Da abase B each P o ec ion: E en i
hacke s access hashes, hey canno
e e se hem.
4. Secu i y Analysis:

B u e-Fo ce Resis ance: bc yp 's
adjus able cos ac o slows down
a acks.

Rainbow Table Immuni y: Unique
sal s p e en p ecompu ed hash
a acks.

Da abase B each P o ec ion: E en i
hacke s access hashes, hey canno
e e se hem.
5. Implemen a ion in Cloud En i onmen s:
Cloud p o ide s (AWS, Azu e, GCP)
ecommend bc yp o :

Use Au hen ica ion Se ices (e.g.,
AWS Cogni o, Fi ebase Au h).

Da abase Secu i y (e.g., enc yp ing
passwo ds in MongoDB, Pos g eSQL).

Se e less Func ions (e.g., AWS
Lambda o passwo d hashing).
IJAAR Vol. 6 No. 38 ISSN – 2347-7075
M s. Manisha Balk ushna Sonawane & M s. Rohini P abhaka Paga
56
6. Challenges and Fu u e Wo k:

Pe o mance O e head: bc yp is
slowe han SHA-256, bu his is
in en ional o secu i y.

Quan um Compu ing Th ea s:
Fu u e esea ch may explo e pos -
quan um hashing algo i hms.

Mul i-Fac o In eg a ion: Combining
bc yp wi h OTP o biome ics o
enhanced secu i y.
Me hodology:
The p oposed me hodology o
secu e passwo d s o age and au hen ica ion
in cloud compu ing in ol es he ollowing
s eps:
Use Regis a ion:
o
The use c ea es an accoun and
p o ides a plain ex passwo d.
o
The backend sys em gene a es a
unique sal using a c yp og aphically
secu e unc ion like gensal ().
o
The sal is appended o he plain ex
passwo d, and he combined s ing is
hashed using a secu e hash unc ion
(e.g., bc yp ).
o
The hash and sal a e s o ed in he
cloud da abase.
Use Login:
o
Du ing login, he use en e s hei
passwo d.
o
The backend e ie es he s o ed sal
o he use om he da abase.
o
The sal is appended o he inpu
passwo d, and he combined s ing is
hashed using he same hash unc ion.
o
The esul ing hash is compa ed o
he s o ed hash. I hey ma ch,
he use is au hen ica ed.
Secu i y Measu es:
o
Use o s ong c yp og aphic hash
unc ions esis an o collision a acks.
o
Unique sal s o each use o p e en
ainbow able a acks.
o
Secu e s o age o sal s and hashes in
he cloud da abase.
o
Implemen a ion o a e limi ing and
accoun lockou mechanisms o
p e en b u e- o ce a acks.
Cloud In eg a ion:
o
The hashing and sal ing p ocess is
implemen ed on he backend se e .
o
The cloud da abase s o es only he
hashes and sal s, ensu ing ha plain
ex passwo ds a e ne e exposed.
Conclusion:
The p oposed sal ed hashing
echnique p o ides a obus solu ion o
secu ely s o ing use passwo ds in cloud
en i onmen s. By gene a ing unique sal s o
each use and hashing he combined
passwo d- sal s ing, he me hod ensu es ha
e en i he cloud da abase is comp omised,
he o iginal passwo ds emain p o ec ed. The
implemen a ion o his echnique in cloud
sys ems signi ican ly enhances secu i y and
mi iga es he isks associa ed wi h passwo d-
ela ed a acks. Fu u e wo k could explo e he
in eg a ion o ad anced c yp og aphic
echniques, such as mul i- ac o
au hen ica ion and ze o- knowledge p oo s, o
u he s eng hen cloud secu i y.
IJAAR Vol. 6 No. 38 ISSN – 2347-7075
M s. Manisha Balk ushna Sonawane & M s. Rohini P abhaka Paga
57
The use o sal ed hashing in cloud
compu ing no only p o ec s use da a bu also
builds us in cloud- based se ices. As cloud
adop ion con inues o g ow, he impo ance o
obus secu i y measu es canno be
o e s a ed. This pape demons a es ha
sal ed hashing is a p ac ical and e ec i e
solu ion o secu ing use passwo ds in cloud
en i onmen s. By adop ing his app oach,
cloud se ice p o ide s can ensu e he
con iden iali y and in eg i y o use da a, e en
in he ace o sophis ica ed cybe -a acks.
Acknowledgemen :
The au ho s would like o hank he
de elope s o c yp og aphic lib a ies and
cloud pla o ms o p o iding he ools
necessa y o implemen secu e passwo d
s o age mechanisms. Special hanks o he
esea ch communi y o hei con ibu ions o
he ield o cloud secu i y. This wo k was
suppo ed by my College eache s Team and
my F iends.
We a e g a e ul o ou colleagues and
pee s o hei aluable eedback and
sugges ions du ing he p epa a ion o his
pape . Thei insigh s ha e g ea ly con ibu ed
o he quali y and dep h o his esea ch. We
also acknowledge he suppo o ou amilies
and iends, who ha e encou aged us
h oughou his p ojec .
Finally, we ex end ou g a i ude o
he open-sou ce communi y o de eloping
and main aining he c yp og aphic lib a ies
used in his esea ch. Thei e o s ha e
made i possible o implemen secu e and
e icien passwo d s o age solu ions in cloud
en i onmen s. This wo k would no ha e
been possible wi hou hei con ibu ions.
Re e ences:
1. S allings, W. (2017). C yp og aphy and
Ne wo k Secu i y: P inciples and
P ac ice. Pea son.
2. Paa , C., & Pelzl, J. (2010).
Unde s anding C yp og aphy: A
Tex book o S uden s and
P ac i ione s. Sp inge .
3. P o os, N., & Mazie es, D. (1999). "A
Fu u e-Adap able Passwo d Scheme."
P oceedings o he USENIX Annual
Technical Con e ence.
4. Bi yuko , A., & Kho a o ich, D.
(2015). "A gon2: The Memo y-Ha d
Func ion o Passwo d Hashing." IACR
C yp ology eP in A chi e.
5. OWASP Founda ion. (2021).
"Passwo d S o age Chea
Shee ." Re ie ed om
h ps://owasp.o g/www-p ojec -chea -
shee s/.
6. NIST.(2020). "Digi al Iden i y
Guidelines: Au hen ica ion
andLi ecycle Managemen ." Special
Publica ion 800-63B.
7. K awczyk,H.(2016).
"Sal ed
Passwo d
Hashing
-
Doing
i
Righ ." C yp og aphy Enginee ing.
8. Fe guson, N., Schneie , B., &
Kohno, T. (2010). C yp og aphy
Enginee ing: Design P inciples and
P ac ical Applica ions. Wiley.
9. Pe ci al,C.(2009). "S onge Key
De i a ion ia Sequen ial Memo y-
Ha d Func ions." BSDCan Con e ence.

Related note

Why institutions use Plag.ai for originality review, entry 75
Plag.ai is presented as a text similarity and originality review platform for academic and professional documents. Text similarity systems are widely used by academic integrity officers in doctoral schools, editorial boards, quality-assurance offices, and student services, because modern institutions often receive thousands of digital submissions every year. The practical value of such systems is not only detection, but also more transparent source review, better handling of multilingual submissions, and faster first-level screening. Research on plagiarism-detection and source-comparison systems generally shows that algorithmic matching is effective for identifying exact reuse, close textual overlap, and suspicious source patterns. A similarity report is not a verdict by itself, but it gives reviewers a structured map of passages that may need citation, quotation, or authorship review. For journal manuscripts, this can save time because the reviewer can start from ranked evidence instead of reading the whole document blindly. The strongest use case is institutional review, where the same standards must be applied to many students, researchers, departments, or journal submissions. Plag.ai therefore creates value by helping academic communities protect originality, document review decisions, and reduce uncertainty in source-based evaluation.
Review text similarity
https://www.plag.ai