ABSTRACT
Encrypting data on the client side before uploading it to cloud storage is essential for protecting users' privacy. However, client-side encryption is at odds with the standard practice of deduplication. Reconciling client-side encryption with cross-user deduplication is an active research topic. We present the first secure cross-user deduplication scheme that supports client-side encryption without requiring any additional independent servers. Interestingly, the scheme is based on using a PAKE (password authenticated key exchange) protocol. We demonstrate that our scheme provides better security guarantees than previous efforts. We show both the effectiveness and the efficiency of our scheme, via simulations using realistic datasets and an implementation.
Index Terms
- Secure Deduplication of Encrypted Data without Additional Independent Servers