A De-Duplication Scheme and Distributed Key Generation for Achieving the Strongest Privacy in Cloud

In this paper we study about hybrid cloud approach for secure authorized deduplication. Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been rapidly used in clouds to reduce the amount of storage space. To protect the privacy of sensitive data while supporting deduplication, the convergent encryption technique has been used to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data deduplication. This technique is different from traditional deduplication systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new deduplication constructions that have been supporting the authorized deduplication in a hybrid cloud environment. Security analysis demonstrates that our deduplication scheme is secure by the definitions specified in the proposed security model. As a proof of concept, we implement a prototype of our proposed authorized deduplication scheme and conduct tested experiments using our prototype. We show that our proposed authorized deduplication scheme incurs minimal overhead compared to normal operations.

[1]  Jia Xu,et al.  Weak leakage-resilient client-side deduplication of encrypted data in cloud storage , 2013, ASIA CCS '13.

[2]  Pin Zhou,et al.  Demystifying data deduplication , 2008, Companion '08.

[3]  Benny Pinkas,et al.  Side Channels in Cloud Services: Deduplication in Cloud Storage , 2010, IEEE Security & Privacy.

[4]  Amit Sahai,et al.  Pseudonym Systems , 1999, Selected Areas in Cryptography.

[5]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[6]  Paulo S. L. M. Barreto,et al.  Efficient Implementation of Pairing-Based Cryptosystems , 2004, Journal of Cryptology.

[7]  Jan Camenisch,et al.  Balancing Accountability and Privacy Using E-Cash (Extended Abstract) , 2006, SCN.

[8]  Mihir Bellare,et al.  Interactive Message-Locked Encryption and Secure Deduplication , 2015, Public Key Cryptography.

[9]  Ghassan O. Karame,et al.  Transparent Data Deduplication in the Cloud , 2015, CCS.

[10]  Dalit Naor,et al.  Estimation of deduplication ratios in large data sets , 2012, 012 IEEE 28th Symposium on Mass Storage Systems and Technologies (MSST).

[11]  Jin Li,et al.  Secure Deduplication with Efficient and Reliable Convergent Key Management , 2014, IEEE Transactions on Parallel and Distributed Systems.

[12]  Benny Pinkas,et al.  Secure Deduplication of Encrypted Data without Additional Independent Servers , 2015, CCS.

[13]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[14]  Jan Camenisch,et al.  Practical Group Signatures without Random Oracles , 2005, IACR Cryptol. ePrint Arch..

[15]  Darrell D. E. Long,et al.  Secure data deduplication , 2008, StorageSS '08.

[16]  Mihir Bellare,et al.  Message-Locked Encryption and Secure Deduplication , 2013, EUROCRYPT.

[17]  Refik Molva,et al.  ClouDedup: Secure Deduplication with Encrypted Data for Cloud Storage , 2013, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.

[18]  André Brinkmann,et al.  Multi-level comparison of data deduplication in a backup scenario , 2009, SYSTOR '09.

[19]  Yitao Duan,et al.  Distributed Key Generation for Encrypted Deduplication: Achieving the Strongest Privacy , 2014, CCSW.

[20]  Patrick Longa,et al.  Faster Explicit Formulas for Computing Pairings over Ordinary Curves , 2011, EUROCRYPT.

[21]  Marvin Theimer,et al.  Reclaiming space from duplicate files in a serverless distributed file system , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.

[22]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[23]  Yang Zhang,et al.  Liquid: A Scalable Deduplication File System for Virtual Machine Images , 2014, IEEE Transactions on Parallel and Distributed Systems.

[24]  Mihir Bellare,et al.  DupLESS: Server-Aided Encryption for Deduplicated Storage , 2013, USENIX Security Symposium.

[25]  Jan Camenisch,et al.  Balancing accountability and privacy using E-cash , 2006 .

[26]  Benny Pinkas,et al.  Proofs of ownership in remote storage systems , 2011, CCS '11.

[27]  Alessandro Sorniotti,et al.  A Secure Data Deduplication Scheme for Cloud Storage , 2014, Financial Cryptography.

[28]  Emmanuelle Anceaume,et al.  A Secure Two-Phase Data Deduplication Scheme , 2014, 2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS).

[29]  Roberto Di Pietro,et al.  Boosting efficiency and security in proof of ownership for deduplication , 2012, ASIACCS '12.

[30]  Shmuel Tomi Klein,et al.  The design of a similarity based deduplication system , 2009, SYSTOR '09.