Deduplication states that only one copy of the same data is stored in the cloud server. In order to protect data privacy, users usually encrypt their data before uploading them. When encrypted with different keys, the same data may have different ciphertext results. It is difficult for the cloud server to identify and eliminate the duplicate copies. Most current solutions to the problem rely heavily on online trusted third parties, resulting in unsatisfying efficiency and security. A secure cloud encrypted data deduplication scheme is proposed, which supports offline key deliver. By constructing a duplicate check tag, it can be verified whether encrypted data originate from the same plaintext data. The ciphertext policy attribute based encryption is used to ensure the check tag is securely generated. The initial uploader of some specific data is able to deliver the encryption key to the subsequent uploaders via the cloud server in an offline manner. Deduplication can be completed without online participation of any trusted third party. Security analysis and proving are presented. The feasibility and efficiency of the scheme are verified via simulation experiments.