Hybrid cloud approach for block-level deduplication and searchable encryption in large universe

Abstract Ciphertext-policy attribute-based searchable encryption (CP-ABSE) can achieve fine-grained access control for data sharing and retrieval, and secure deduplication can save storage space by eliminating duplicate copies. However, there are seldom schemes supporting both searchable encryption and secure deduplication. In this paper, a large universe CP-ABSE scheme supporting secure block-level deduplication are proposed under a hybrid cloud mechanism. In the proposed scheme, after the ciphertext is inserted into bloom filter tree (BFT), private cloud can perform fine-grained deduplication efficiently by matching tags, and public cloud can search efficiently using homomorphic searchable method and keywords matching. Finally, the proposed scheme can achieve privacy under chosen distribution attacks block-level (PRV-CDA-B) secure deduplication and match-concealing (MC) searchable security. Compared with existing schemes, the proposed scheme has the advantage in supporting fine-grained access control, block-level deduplication and efficient search, simultaneously.

[1]  Kim-Kwang Raymond Choo,et al.  Cloud Storage Forensics , 2013, Contemporary Digital Forensic Investigations of Cloud and Mobile Applications.

[2]  Martín Abadi,et al.  Message-Locked Encryption for Lock-Dependent Messages , 2013, IACR Cryptol. ePrint Arch..

[3]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[4]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[5]  David Pointcheval,et al.  Dynamic Fully Anonymous Short Group Signatures , 2006, VIETCRYPT.

[6]  Fatos Xhafa,et al.  Secure deduplication storage systems supporting keyword search , 2015, J. Comput. Syst. Sci..

[7]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[8]  Robert H. Deng,et al.  Expressive CP-ABE with partially hidden access structures , 2012, ASIACCS '12.

[9]  Josep Domingo-Ferrer,et al.  Cloud Cryptography: Theory, Practice and Future Research Directions , 2016, Future Gener. Comput. Syst..

[10]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[11]  Robert H. Deng,et al.  Attribute-Based Storage Supporting Secure Deduplication of Encrypted Data in Cloud , 2019, IEEE Transactions on Big Data.

[12]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[13]  Fuchun Guo,et al.  BL-MLE: Block-Level Message-Locked Encryption for Secure Large File Deduplication , 2015, IEEE Transactions on Information Forensics and Security.

[14]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[15]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[16]  Kim-Kwang Raymond Choo,et al.  Cloud based data sharing with fine-grained proxy re-encryption , 2016, Pervasive Mob. Comput..

[17]  Joonsang Baek,et al.  Public Key Encryption with Keyword Search Revisited , 2008, ICCSA.

[18]  Mihir Bellare,et al.  Message-Locked Encryption and Secure Deduplication , 2013, EUROCRYPT.

[19]  Quan Zhao,et al.  A searchable encryption of CP-ABE scheme in cloud storage , 2013, 2013 10th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP).

[20]  Elaine Shi,et al.  Multi-Dimensional Range Query over Encrypted Data , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[21]  Jiguo Li,et al.  Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage , 2017, Int. J. Commun. Syst..

[22]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[23]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[24]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[25]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.