Verifiable Secure Data Deduplication Method in Cloud Storage

CLC Number: TP309

Fund Project:

National Natural Science Foundation of China (61303197); Open Project of the State Key Laboratory of Integrated Services Networks (ISN19-14); CERNET Innovation Project (NGII20170414)

    Abstract:

    Data deduplication technology has been widely applied in cloud storage systems. How to perform deduplication effectively in semi-trusted cloud storage environments while ensuring data privacy has become one of the primary issues in cloud computing security. Current schemes rely heavily on online trusted third parties to manage data labels and to keep track of the number of users. The trusted third party plays such a vital role in those schemes that it is indispensable, even at the cost of unsatisfactory efficiency and a potential bottleneck. A verifiable secure data deduplication scheme for cloud storage is proposed, which does not require any online trusted third party. A dual-tag scheme based on bilinear mapping is adopted to conduct the popularity check. The tag is used to retrieve files without leaking any exploitable information. A modified group signature scheme is designed to prevent the cloud server from forging popularity query results, so users can verify the authenticity of the query results returned by the cloud server. A multi-layered cryptosystem is adopted in the proposed scheme, in which different encryption strategies are applied according to the popularity of specific data. The correctness and security of the proposed scheme are analyzed and proved. Simulation results show that the proposed scheme is secure and efficient.

Citation:

Xian HQ, Liu HY, Zhang SG, Hou RT. Verifiable secure data deduplication method in cloud storage. Ruan Jian Xue Bao/Journal of Software, 2020,31(2):455-470

History
  • Received: March 03, 2018
  • Revised: July 11, 2018
  • Online: February 17, 2020
  • Published: February 06, 2020