Provable ownership of files in deduplication cloud storage

With the rapid adoption of cloud storage services, a great deal of data is being stored on remote servers. Client-side deduplication, which stores only a single copy of repeated data, has been proposed to identify duplicates on the client side and save the bandwidth of uploading copies of files that already exist on the server. It was recently found, however, that this promising technology is vulnerable to a new kind of attack: by learning just a small piece of information about a file, namely its hash value, an attacker is able to obtain the entire file from the server. To solve this problem, we propose in this paper a cryptographically secure and efficient scheme for a client to prove ownership to the server on the basis of actual possession of the entire original file, rather than only partial information about it. Our scheme utilizes the technique of spot checking, in which the client only needs to access small portions of the original file, dynamic coefficients and randomly chosen indices of the original files. Our extensive security analysis shows that the proposed scheme can generate provable ownership of the file and maintain a high detection probability of client misbehavior. Both performance analysis and simulation results demonstrate that the proposed scheme is much more efficient than existing schemes, especially in reducing the burden on the client. Copyright © 2013 John Wiley & Sons, Ltd.
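The sketch below is an added illustration, not the paper's construction: it contrasts a hash-only ownership check with a spot check over randomly chosen block indices and fresh per-challenge coefficients, and computes the chance of catching a claimant who holds only part of the file. The block size, the modulus, the linear-combination response and all function names are assumptions made for the example.

```python
import hashlib
import secrets

BLOCK = 64               # block size in bytes (assumed)
P = (1 << 127) - 1       # prime modulus for responses (assumed)

def split_blocks(data):
    """Read the file as a list of fixed-size blocks, each as an integer."""
    return [int.from_bytes(data[i:i + BLOCK], "big")
            for i in range(0, len(data), BLOCK)]

def hash_only_check(stored_hash, claimed_hash):
    """Weak check: anyone who learns the hash is treated as an owner."""
    return secrets.compare_digest(stored_hash, claimed_hash)

def make_challenge(n_blocks, c):
    """Server: c fresh (random index, random coefficient) pairs per attempt."""
    rng = secrets.SystemRandom()
    return [(rng.randrange(n_blocks), rng.randrange(1, P)) for _ in range(c)]

def respond(known_blocks, challenge):
    """Claimant: coefficient-weighted sum of the challenged blocks mod P.
    known_blocks maps index -> block; returns None if any block is missing."""
    total = 0
    for idx, coeff in challenge:
        if idx not in known_blocks:
            return None
        total = (total + coeff * known_blocks[idx]) % P
    return total

def verify(server_blocks, challenge, response):
    """Server: recompute the sum from its own copy and compare."""
    expected = respond(dict(enumerate(server_blocks)), challenge)
    return response is not None and response == expected

def detection_probability(fraction_held, c):
    """Chance that c uniform indices hit at least one block the claimant lacks."""
    return 1.0 - fraction_held ** c

# Constructed sample file: 128 SHA-256 digests = 4096 bytes -> 64 blocks.
SAMPLE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
SERVER_BLOCKS = split_blocks(SAMPLE)
FILE_HASH = hashlib.sha256(SAMPLE).hexdigest()

if __name__ == "__main__":
    ch = make_challenge(len(SERVER_BLOCKS), 20)
    owner = dict(enumerate(SERVER_BLOCKS))
    print("hash-only claimant, weak check:", hash_only_check(FILE_HASH, FILE_HASH))
    print("hash-only claimant, spot check:", verify(SERVER_BLOCKS, ch, respond({}, ch)))
    print("real owner, spot check:", verify(SERVER_BLOCKS, ch, respond(owner, ch)))
    print("detect 90% holder, c=50:", round(detection_probability(0.9, 50), 4))
```

Because indices and coefficients are drawn fresh for every challenge, a response recorded from one attempt cannot be replayed for the next.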
