Secure proof of storage with deduplication for cloud storage systems

The explosion of multimedia content calls for efficient resource utilization using state-of-the-art cloud computing technologies such as data deduplication. In cloud computing environments, achieving both data privacy and integrity is a challenging issue for data outsourcing services. Proof of Storage with Deduplication (POSD) is a promising solution that addresses this issue for cloud storage systems with deduplication enabled. However, the validity of the current POSD scheme rests on the strong assumption that all clients are honest when generating their keys. We show that this approach is insecure under a new attack model in which malicious clients exploit dishonestly manipulated keys. We also propose an improved POSD scheme to mitigate our attack.
