Secure Random Encryption for Deduplicated Storage

In Storage Services, Deduplication is used to reduce the data size by eliminating storage of duplicate data. Deduplication is an effective data reduction technique to minimize the storage cost as well as communication cost. However, Deduplication raises significant security issues. Malicious users and semi-trusted Storage Server tries to learn the data outsourced by other users. Encrypting the data at user side before uploading to Storage Server is essential for protecting outsourced data. However, conventional deterministic encryption techniques are vulnerable to brute-force attacks and dictionary attacks for predictable files. In this paper, we propose secure random key based encryption technique for Deduplicated Storage. In our approach, user encrypts the file with a randomly chosen key. Random key is encrypted by set of hash values generated from plaintext file. In this way, our approach provides protection against brute-force attack and dictionary attack. We analyze security of our approach with theoretical proof and experimental analysis.

[1]  Le Zhang,et al.  Fast and Secure Laptop Backups with Encrypted De-duplication , 2010, LISA.

[2]  Marvin Theimer,et al.  Reclaiming space from duplicate files in a serverless distributed file system , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.

[3]  Nesrine Kaaniche,et al.  A Secure Client Side Deduplication Scheme in Cloud Storage Environments , 2014, 2014 6th International Conference on New Technologies, Mobility and Security (NTMS).

[4]  Vijay Kumar,et al.  Platform Neutral Sandbox for Analyzing Malware and Resource Hogger Apps , 2014, SecureComm.

[5]  Vijay Laxmi,et al.  DroidOLytics: Robust Feature Signature for Repackaged Android Apps on Official and Third Party Android Markets , 2013, 2013 2nd International Conference on Advanced Computing, Networking and Security.

[6]  Kyungtae Kang,et al.  Secure Data Deduplication with Dynamic Ownership Management in Cloud Storage , 2016, IEEE Transactions on Knowledge and Data Engineering.

[7]  Fuchun Guo,et al.  BL-MLE: Block-Level Message-Locked Encryption for Secure Large File Deduplication , 2015, IEEE Transactions on Information Forensics and Security.

[8]  Alessandro Sorniotti,et al.  A Secure Data Deduplication Scheme for Cloud Storage , 2014, Financial Cryptography.

[9]  David Hung-Chang Du,et al.  Chunk Fragmentation Level: An Effective Indicator for Read Performance Degradation in Deduplication Storage , 2011, 2011 IEEE International Conference on High Performance Computing and Communications.

[10]  Roberto Di Pietro,et al.  Boosting efficiency and security in proof of ownership for deduplication , 2012, ASIACCS '12.

[11]  Brian Warner,et al.  Tahoe: the least-authority filesystem , 2008, StorageSS '08.

[12]  Vijay Laxmi,et al.  FlowMine: Android app analysis via data flow , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[13]  Benny Pinkas,et al.  Proofs of ownership in remote storage systems , 2011, CCS '11.

[14]  Jay Dave,et al.  Securing SQL with Access Control for Database as a Service Model , 2016, ICTCS.

[15]  Paul Anderson,et al.  Fast and secure laptop backups with encrypted deduplication , 2010 .

[16]  John Gantz,et al.  The Digital Universe in 2020: Big Data, Bigger Digital Shadows, and Biggest Growth in the Far East , 2012 .

[17]  Ghassan O. Karame,et al.  Transparent Data Deduplication in the Cloud , 2015, CCS.

[18]  Vijay Laxmi,et al.  DroidAnalyst: Synergic App Framework for Static and Dynamic App Analysis , 2016, Recent Advances in Computational Intelligence in Defense and Security.

[19]  Vijay Laxmi,et al.  Behavioural detection with API call-grams to identify malicious PE files , 2012, SecurIT '12.

[20]  Jyoti Malhotra,et al.  A survey and comparative study of data deduplication techniques , 2015, 2015 International Conference on Pervasive Computing (ICPC).

[21]  Won So,et al.  Lamassu: Storage-Efficient Host-Side Encryption , 2015, USENIX Annual Technical Conference.

[22]  Refik Molva,et al.  ClouDedup: Secure Deduplication with Encrypted Data for Cloud Storage , 2013, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.

[23]  Jia Xu,et al.  Weak leakage-resilient client-side deduplication of encrypted data in cloud storage , 2013, ASIA CCS '13.

[24]  Benny Pinkas,et al.  Side Channels in Cloud Services: Deduplication in Cloud Storage , 2010, IEEE Security & Privacy.

[25]  Martín Abadi,et al.  Message-Locked Encryption for Lock-Dependent Messages , 2013, IACR Cryptol. ePrint Arch..

[26]  G. Kalpana,et al.  Secure Auditing and Deduplicating Data in Cloud , 2016 .

[27]  Mihir Bellare,et al.  Message-Locked Encryption and Secure Deduplication , 2013, EUROCRYPT.

[28]  Jin Li,et al.  Secure Deduplication with Efficient and Reliable Convergent Key Management , 2014, IEEE Transactions on Parallel and Distributed Systems.

[29]  Benny Pinkas,et al.  Secure Deduplication of Encrypted Data without Additional Independent Servers , 2015, CCS.

[30]  Yucheng Zhang,et al.  SecDep: A user-aware efficient fine-grained secure deduplication scheme with multi-level key management , 2015, 2015 31st Symposium on Mass Storage Systems and Technologies (MSST).