Jian Liu,N. Asokan,Benny Pinkas

DOI: https://doi.org/10.1145/2810103.2813623

2015-01-01

Abstract:Encrypting data on client-side before uploading it to a cloud storage is essential for protecting users' privacy. However client-side encryption is at odds with the standard practice of deduplication. Reconciling client-side encryption with cross-user deduplication is an active research topic. We present the first secure cross-user deduplication scheme that supports client-side encryption without requiring any additional independent servers. Interestingly, the scheme is based on using a PAKE (password authenticated key exchange) protocol. We demonstrate that our scheme provides better security guarantees than previous efforts. We show both the effectiveness and the efficiency of our scheme, via simulations using realistic datasets and an implementation.

Xinyu Tang,Cheng Guo,Kim-Kwang Raymond Choo,Xueru Jiang,Yining Liu

DOI: https://doi.org/10.1016/j.comcom.2024.05.003

IF: 5.047

2024-01-01

Computer Communications

Abstract:Data deduplication technology is extensively employed to enhance the storage efficiency of cloud servers by eliminating redundant files. Cloud users commonly encrypt their data prior to uploading it to the server. Conventional encryption algorithms, however, lead to the encryption of duplicated data from different users into distinct ciphertexts. Consequently, these ciphertexts must be stored in the cloud since the cloud server cannot identify such duplicated data. In this paper, we introduce a hybrid cloud-based secure deduplication scheme tailored for implementation on large-scale data systems. Specifically, our approach leverages ciphertext-policy attribute-based encryption (CP-ABE), which enables us to establish access control and key management via a private cloud server. Simultaneously, we leverage a public cloud server to cater to enterprises and groups seeking secure data storage. Notably, our approach ensures mutual zero-interaction verification between both public and private cloud servers through ElGamal encryption, thereby guaranteeing data unforgeability. The security assessment illustrates that our proposed approach ensures both data privacy and integrity. We also show that the approach resists brute-force attacks on the dictionary, prevents malicious users from deceiving cloud servers to return incorrect ciphertext, and achieves secure and efficient access control and key management. Furthermore, functional and performance evaluation underscores the superiority of our method over five other classical data deduplication schemes. Under the premise of having more comprehensive security settings, the performance of the scheme still maintains a good level at every stage.

Xin Tang,Linna Zhou,Yongfeng Huang,Chin-Chen Chang

DOI: https://doi.org/10.1109/trustcom/bigdatase.2018.00128

2018-01-01

Abstract:Cross-user deduplication is an emerging technique to ease the burden of cloud storage in big data era by storing only one copy of duplicate data. Efficiency reflects the feasibility and is a basic consideration when applying the deduplication scheme. However, in order to achieve certain level of security, existing works suffer from heavy overhead of computation as well as communication, which is a big obstacle for the actual deployment. In this paper, we propose an efficient cross-user deduplication scheme for encrypted data, which takes the lead to consider the efficiency during deduplication and makes it a reality to achieve secure deduplication in a lightweight way. To ensure the efficiency, we utilize the proposed re-encryption technique together with a non-interactive convergent key generation scheme to eliminate the cost of users and support batch verification of recovered data. The simulation results show that, with the same level of security guaranteed, the proposed scheme is more efficient comparing with the state of the art.

Yukun Zhou,Dan Feng,Wen Xia,Min Fu,Fangting Huang,Yucheng Zhang,Chunguang Li

DOI: https://doi.org/10.1109/msst.2015.7208297

2015-01-01

Abstract:Nowadays, many customers and enterprises backup their data to cloud storage that performs deduplication to save storage space and network bandwidth. Hence, how to perform secure deduplication becomes a critical challenge for cloud storage. According to our analysis, the state-of-the-art secure deduplication methods are not suitable for cross-user fine-grained data deduplication. They either suffer brute-force attacks that can recover files falling into a known set, or incur large computation (time) overheads. Moreover, existing approaches of convergent key management incur large space overheads because of the huge number of chunks shared among users.Our observation that cross-user redundant data are mainly from the duplicate files, motivates us to propose an efficient secure deduplication scheme SecDep. SecDep employs UserAware Convergent Encryption (UACE) and Multi-Level Key management (MLK) approaches. (1) UACE combines cross-user file-level and inside-user chunk-level deduplication, and exploits different secure policies among and inside users to minimize the computation overheads. Specifically, both of file-level and chunk-level deduplication use variants of Convergent Encryption (CE) to resist brute-force attacks. The major difference is that the file-level CE keys are generated by using a server-aided method to ensure security of cross-user deduplication, while the chunk-level keys are generated by using a user-aided method with lower computation overheads. (2) To reduce key space overheads, MLK uses file-level key to encrypt chunk-level keys so that the key space will not increase with the number of sharing users. Furthermore, MLK splits the file-level keys into share-level keys and distributes them to multiple key servers to ensure security and reliability of file-level keys.Our security analysis demonstrates that SecDep ensures data confidentiality and key security. Our experiment results based on several large real-world datasets show that SecDep is more time-efficient and key-space-efficient than the state-of-the-art secure deduplication approaches.

Haoran Yuan,Xiaofeng Chen,Jin Li,Tao Jiang,Jianfeng Wang,Robert H. Deng

DOI: https://doi.org/10.1109/TSC.2019.2948007

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Data deduplication technique has been widely adopted by commercial cloud storage providers, which is both important and necessary in coping with the explosive growth of data. To further protect the security of users' sensitive data in the outsourced storage mode, many secure data deduplication schemes have been designed and applied in various scenarios. Among these schemes, secure and efficient re-encryption for encrypted data deduplication attracted the attention of many scholars, and many solutions have been designed to support dynamic ownership management. In this paper, we focus on the re-encryption deduplication storage system and show that the recently designed lightweight rekeying-aware encrypted deduplication scheme (REED) is vulnerable to an attack which we call it stub-reserved attack. Furthermore, we propose a secure data deduplication scheme with efficient re-encryption based on the convergent all-or-nothing transform (CAONT) and randomly sampled bits from the Bloom filter. Due to the intrinsic property of one-way hash function, our scheme can resist the stub-reserved attack and guarantee the data privacy of data owners' sensitive data. Moreover, instead of re-encrypting the entire package, data owners are only required to re-encrypt a small part of it through the CAONT, thereby effectively reducing the computation overhead of the system. Finally, security analysis and experimental results show that our scheme is secure and efficient in re-encryption.

Tao Jiang,Xiaofeng Chen,Qianhong Wu,Jianfeng Ma,Willy Susilo,Wenjing Lou

DOI: https://doi.org/10.1109/tifs.2016.2622013

IF: 7.231

2017-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Cross-client data deduplication has been widely used to eliminate redundant storage overhead in cloud storage system. Recently, Abadi et al. introduced the primitive of MLE2 with nice security properties for secure and efficient data deduplication. However, besides the computationally expensive noninteractive zero-knowledge proofs, their fully randomized scheme (R-MLE2) requires the inefficient equality-testing algorithm to identify all duplicate ciphertexts. Thus, an interesting challenging problem is how to reduce the overhead of R-MLE2 and propose an efficient construction for R-MLE2. In this paper, we introduce a new primitive called mu R-MLE2, which gives a partial positive answer for this challenging problem. We propose two schemes: static scheme and dynamic scheme, where the latter one allows tree adjustment by increasing some computation cost. Our main trick is to use the interactive protocol based on static or dynamic decision trees. The advantage gained from it is, by interacting with clients, the server will reduce the time complexity of deduplication equality test from linear time to efficient logarithmic time over the whole data items in the database. The security analysis and the performance evaluation show that our schemes are Path-PRV-CDA2 secure and achieve several orders of magnitude higher performance for data equality test than R-MLE2 scheme when the number of data items is relatively large.

Cheng Guo,Litao Wang,Xinyu Tang,Bin Feng,Guofeng Zhang

DOI: https://doi.org/10.1016/j.jisa.2023.103426

IF: 4.96

2023-01-01

Journal of Information Security and Applications

Abstract:Deduplication, which stores only one copy of duplicate data, is used extensively in cloud storage to reduce the overhead associated with storage. Unfortunately, client-side encryption prevents cloud storage from performing deduplication due to the randomness of traditional encryption. Some existing schemes can balance encryption and deduplication, but their interaction with third-party servers or online users adds additional overhead to the system. Also, the ownership of outsourced data will change frequently due to users’ requests to upload/delete/modify the data. But many existing schemes that can achieve dynamic ownership management have security flaws or require users to manage multiple keys. By focusing on these troubles, we have developed a secure deduplication scheme that does not rely on any third-party entities and supports data ownership management. More specifically, we take advantage of elliptic curve cryptography to design a key-sharing method so that different owners of the same data can share a random key only by interacting with the cloud service provider. And the broadcast encryption is used to manage the ownership of data, and this allows the cloud service provider to control users’ access to outsourced data by updating the broadcast key. In addition, the security analysis shows that the proposed scheme can meet the required security and that it outperforms other related schemes. The detailed simulation comparisons with other related schemes demonstrate that the proposed scheme has good performance.

Yukun Zhou,Dan Feng,Yu Hua,Wen Xia,Min Fu,Fangting Huang,Yucheng Zhang

DOI: https://doi.org/10.1016/j.future.2017.10.014

IF: 7.307

2017-01-01

Future Generation Computer Systems

Abstract:Data deduplication has been widely used in the cloud to reduce storage space. To protect data security, users encrypt data with message-locked encryption (MLE) to enable deduplication over ciphertexts. However, existing secure deduplication schemes suffer from security weakness (i.e., brute-force attacks) and fail to support flexible access control. The process of chunk-level MLE key generation and sharing exists potential privacy issues and heavy computation consumption.& para;& para;We propose EDedup, a similarity-aware encrypted deduplication scheme that supports flexible access control with revocation. Specifically, EDedup groups files into segments and performs server-aided MLE at segment-level, which exploits similarity via a representative hash (e.g., the min-hash) to reduce computation consumption. This nevertheless faces a new attack that an attacker gets keys by guessing the representative hash. And hence EDedup combines source-based similar-segment detection and target-based duplicate-chunk checking to resist attacks and guarantee deduplication efficiency. Furthermore, EDedup generates message-derived file keys for duplicate files to manage metadata. EDedup encrypts file keys via proxy-based attribute-based encryption, which reduces metadata storage overheads and implements flexible access control with revocation. Evaluation results demonstrate that EDedup improves the speed of MLE up to 10.9X and 0.36X compared with DupLESS-chunk and SecDep respectively. EDedup reduces metadata storage overheads by 39.9%-65.7% relative to REED. (C) 2017 Elsevier B.V. All rights reserved.

Mingyang Song,Zhongyun Hua,Yifeng Zheng,Tao Xiang,Xiaohua Jia

DOI: https://doi.org/10.1109/tdsc.2023.3334475

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:In cloud storage systems, secure deduplication plays a critical role in saving storage costs for the cloud server and ensuring data confidentiality for cloud users. Traditional secure deduplication schemes require users to encrypt their outsourced files using specific encryption algorithms that cannot provide semantic security. However, users are unable to directly benefit from the storage savings, as the relation between the actual storage cost and the offered prices remains not transparent. As a result, users may be unwilling to cooperate with the cloud by encrypting their data using semantically secure algorithms. Moreover, data integrity is a significant concern for cloud storage users. To address these issues, this paper proposes a novel transparent and secure deduplication scheme that supports integrity auditing. Compared to previous works, our design can verify the number of file owners and the integrity through one-time proof verification. It also protects the private contents of files and the privacy of file ownership from malicious users. Moreover, our scheme includes a batch auditing method to simultaneously verify the numbers of file owners and the integrity of multiple files. Theoretical analysis confirms the correctness and security of our scheme. Comparison results demonstrate its competing performance over previous solutions

Yan Kit Li,Xiaofeng Chen,Patrick P. C. Lee,Wenjing Lou,Jin Li,Sriram Keelveedhi,Thomas Ristenpart,Mihir Bellare

2020-01-01

Abstract:The popularity and widespread use of Cloud have brought great convenience for data sharing and data storage. The data sharing with a large number of participants take into account issuers like data integrity, efficiency and privacy of the owner for data. In cloud storage services one critical challenge is to manage ever-increasing volume of data storage in cloud. To make data management more scalable in cloud computing field, deduplication a well-known technique of data compression to eliminating duplicate copies of repeating data in storage over a cloud. Even if data deduplication brings a lot of benefits in security and privacy concerns arise as user's sensitive data are susceptible to both attacks insider and outsider. A convergent encryption method enforces data confidentiality while making deduplication feasible. Traditional deduplication systems based on convergent encryption even though provide confidentiality but do not support the duplicate check on basis of differential privileges. This paper presents, the idea of authorized data deduplication proposed to protect data security by including differential privileges of users in the duplicate check. Deduplication systems, users with differential privileges are further considered in duplicate check besides the data itself. To support stronger security the files are encrypted with differential privilege keys. Users are only allowed to perform the duplicate check for files marked with the corresponding privileges to access. The user can verify his/her presence of file after deduplication in cloud with the help of a third party

Jin Li,Xiaofeng Chen,Xinyi Huang,Shaohua Tang,Yang Xiang,Mohammad Mehedi Hassan,Abdulhameed Alelaiwi

DOI: https://doi.org/10.1109/tc.2015.2401017

2015-01-01

Abstract:Data deduplication is a technique for eliminating duplicate copies of data, and has been widely used in cloud storage to reduce storage space and upload bandwidth. However, there is only one copy for each file stored in cloud even if such a file is owned by a huge number of users. As a result, deduplication system improves storage utilization while reducing reliability. Furthermore, the challenge of privacy for sensitive data also arises when they are outsourced by users to cloud. Aiming to address the above security challenges, this paper makes the first attempt to formalize the notion of distributed reliable deduplication system. We propose new distributed deduplication systems with higher reliability in which the data chunks are distributed across multiple cloud servers. The security requirements of data confidentiality and tag consistency are also achieved by introducing a deterministic secret sharing scheme in distributed storage systems, instead of using convergent encryption as in previous deduplication systems. Security analysis demonstrates that our deduplication systems are secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement the proposed systems and demonstrate that the incurred overhead is very limited in realistic environments.

Haoran Yuan,Xiaofeng Chen,Tao Jiang,Xiaoyu Zhang,Zheng Yan,Yang Xiang

DOI: https://doi.org/10.1016/j.ins.2018.05.024

IF: 8.1

2018-01-01

Information Sciences

Abstract:Data deduplication on cloud enables the cloud servers to store a cope of data and eliminate redundant one so that a goal to save storage space and network bandwidth is realized. Recently, many research works which are concerning to the privacy-preserving problem of dynamic ownership management in the secure data deduplication setting are published. However, to our knowledge, the existing schemes are not efficient when the cloud user joining and revocation frequently go on, especially in the absence of a trusted third party in practical cloud storage systems. In this paper, we propose a secure and scalable data deduplication scheme with dynamic user management, which updates dynamic group users in a secure way and restricts the unauthorized cloud users from the sensitive data owned by valid users. To further mitigate the communication overhead, the pre-verified accessing control technology is adopted, which prevents the unauthorized cloud users from downloading data. In other words, our present scheme also ensures that only the valid cloud users are able to download and decrypt the ciphertext from the cloud server. All this reduces the communication overhead in our scheme implementation. (C) 2018 Elsevier Inc. All rights reserved.

Meixia Miao,Jianfeng Wang,Hui Li,Xiaofeng Chen

DOI: https://doi.org/10.1016/j.pmcj.2015.03.002

IF: 3.848

2015-01-01

Pervasive and Mobile Computing

Abstract:Cloud computing enables on-demand and ubiquitous access to a centralized pool of configurable resources such as networks, applications, and services. This makes that huge of enterprises and individual users outsource their data into the cloud server. As a result, the data volume in the cloud server is growing extremely fast. How to efficiently manage the ever-increasing datum is a new security challenge in cloud computing. Recently, secure deduplication techniques have attracted considerable interests in the both academic and industrial communities. It can not only provide the optimal usage of the storage and network bandwidth resources of cloud storage providers, but also reduce the storage cost of users. Although convergent encryption has been extensively adopted for secure deduplication, it inevitably suffers from the off-line brute-force dictionary attacks since the message usually can be predictable in practice. In order to address the above weakness, the notion of DupLESS was proposed in which the user can generate the convergent key with the help of a key server. We argue that the DupLESS does not work when the key server is corrupted by the cloud server. In this paper, we propose a new multi-server-aided deduplication scheme based on the threshold blind signature, which can effectively resist the collusion attack between the cloud server and multiple key servers. Furthermore, we prove that our construction can achieve the desired security properties.

Xuewei Ma,Wenyuan Yang,Yuesheng Zhu,Zhiqiang Bai

DOI: https://doi.org/10.1109/ipccc55026.2022.9894331

2022-01-01

Abstract:Encrypted data deduplication is an important technique for saving storage space and network bandwidth, which has been widely used in cloud storage. Recently, a number of schemes that solve the problem of data deduplication with dynamic ownership management have been proposed. However, these schemes suffer from low efficiency when the dynamic ownership changes a lot. To this end, in this paper, we propose a novel server-side deduplication scheme for encrypted data in a hybrid cloud architecture, where a public cloud (Pub-CSP) manages the storage and a private cloud (Pri-CSP) plays a role as the data owner to perform deduplication and dynamic ownership management. Further, to reduce the communication overhead we use an initial uploader check mechanism to ensure only the first uploader needs to perform encryption, and adopt an access control technique that verifies the validity of the data users before they download data. Our security analysis and performance evaluation demonstrate that our proposed server-side deduplication scheme has better performance in terms of security, effectiveness, and practicability compared with previous schemes. Meanwhile, our method can efficiently resist collusion attacks and duplicate faking attacks.

Jin Li,Xiaofeng Chen,Mingqiang Li,Jingwei Li,Patrick P. C. Lee,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2013.284

IF: 5.3

2014-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Data deduplication is a technique for eliminating duplicate copies of data, and has been widely used in cloud storage to reduce storage space and upload bandwidth. Promising as it is, an arising challenge is to perform secure deduplication in cloud storage. Although convergent encryption has been extensively adopted for secure deduplication, a critical issue of making convergent encryption practical is to efficiently and reliably manage a huge number of convergent keys. This paper makes the first attempt to formally address the problem of achieving efficient and reliable key management in secure deduplication. We first introduce a baseline approach in which each user holds an independent master key for encrypting the convergent keys and outsourcing them to the cloud. However, such a baseline key management scheme generates an enormous number of keys with the increasing number of users and requires users to dedicatedly protect the master keys. To this end, we propose Dekey , a new construction in which users do not need to manage any keys on their own but instead securely distribute the convergent key shares across multiple servers. Security analysis demonstrates that Dekey is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement Dekey using the Ramp secret sharing scheme and demonstrate that Dekey incurs limited overhead in realistic environments.

Saiyu Qi,Wei Wei,Jianfeng Wang,Shifeng Sun,Leszek Rutkowski,Tingwen Huang,Janusz Kacprzyk,Yong Qi

DOI: https://doi.org/10.1109/tmc.2023.3263901

IF: 6.075

2023-01-01

IEEE Transactions on Mobile Computing

Abstract:Data deduplication is of vital importance for mobile cloud computing to cope with the explosive growth of outsourced mobile data. In order to ensure the privacy of sensitive mobile data against an untrusted cloud, Message-Locked Encryption (MLE) has been proposed to enable deduplication over ciphertext. However, MLE prohibits data access control since it uses deterministic content-derived encryption keys. Recently, a lightweight rekeying-aware encrypted deduplication system (REED) has been proposed to achieve dynamic access control for secure data deduplication. However, REED is vulnerable to key-retaining attack and stub-retaining attack, which leads to insecure access revocation, and thus cannot support secure dynamic access control. In response, we present AC-Dedup, an encrypted deduplication storage system that supports secure dynamic access control for mobile cloud storage. At the core of AC-Dedup are two novel encryption techniques named mixed message locked encryption and random stub re-encryption to resist the two types of attacks, respectively. To the best of our knowledge, AC-Dedup is the first practical system that achieves secure data deduplication and secure dynamic access control simultaneously. We conduct security analysis and experimental evaluation on mobile device and cloud platform with real-world IoT datasets. The results show that AC-Dedup enables secure and efficient dynamic access control while preserving deduplication effectiveness.

computer science, information systems,telecommunications

GU Bolun,XU Zikai,LI Weihai,YU Nenghai

DOI: https://doi.org/10.11959/j.issn.2096-109x.2024055

2024-01-01

Abstract:With the rapid development and application of the Internet, traditional storage resources have been found unable to meet the growing demand for massive data storage. An increasing number of users have attempted to upload their data to third-party cloud servers for unified storage. Efficient deduplication and secure file sharing in the cloud have emerged as critical concerns. Moreover, users have always preferred to customize their passwords for encrypting and decrypting files, only sharing encrypted files when necessary. Based on this preference, a deterministic stepwise encryption algorithm was first designed. It was such that when the keys for the two steps of encryption satisfied a certain relationship, the two steps of encryption could be equivalent to a single encryption process. A novel key-customizable encrypted deduplication scheme with access control for cloud storage was proposed, utilizing the deterministic stepwise encryption algorithm to encrypt files and a ciphertext-policy attribute-based encryption algorithm to encrypt file keys. This scheme not only offered the flexibility to customize encryption and decryption keys for different users with the same files, but also ensured secure file sharing through a dynamic access control mechanism. Moreover, the optional access control component was made compatible with the majority of existing ciphertext-policy attribute-based encryption (CP-ABE) schemes, even allowing for different CP-ABE schemes within different attribute groups. Security analysis results show that the proposed scheme achieves the highest level of security under the current encrypted deduplication paradigm. Experimental and analytical results indicate that it effectively meets the practical needs of cloud service providers and users, and also achieves acceptable efficiency.

Yunling Wang,Meixia Miao,Jianfeng Wang,Xuefeng Zhang

DOI: https://doi.org/10.1016/j.csi.2021.103523

2021-10-01

Abstract:<p>Secure deduplication is a promising solution to greatly reduce the storage space of the cloud. However, the encryption key is deterministically derived from the plaintext, such that who owns the plaintext has the derived key to decrypt the ciphertext. Therefore, how to revoke a user in deduplication schemes is a critical challenge. In the existing work, when updating the data authority, the data owner has to download the data from the cloud, decrypt, re-encrypt and finally upload them to the cloud. This process increases the communication and computation overheads. In this paper, we first propose a multi-user updatable encryption scheme. Specifically, the data owner can update the remote ciphertext under a new group key by sending an update token to the cloud. Then we adopt this technique to propose a new secure deduplication scheme supporting efficiently revoking an unauthorized user. In our scheme, the data owner just needs to send a token to the cloud to update the data authority, which saves the communication and computation costs. The security and efficiency analysis demonstrate that our proposed deduplication scheme can achieve the desired security properties with high efficiency.</p>

computer science, software engineering, hardware & architecture

Jin Li,Yan Kit Li,Xiaofeng Chen,Patrick P. C. Lee,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2014.2318320

IF: 5.3

2015-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before out-sourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new deduplication constructions supporting authorized duplicate check in a hybrid cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead compared to normal operations.

Ling Liu,Yuqing Zhang,Xuejun Li

DOI: https://doi.org/10.1109/tcc.2018.2869333

IF: 5.697

2021-04-01

IEEE Transactions on Cloud Computing

Abstract:Deduplication, which can save storage cost by enabling us to store only one copy of identical data, becomes unprecedentedly significant with the dramatic increase in data stored in the cloud. For the purpose of ensuring data confidentiality, they are usually encrypted before outsourced. Traditional encryption will inevitably result in multiple different ciphertexts produced from the same plaintext by different users’ secret keys, which hinders data deduplication. Convergent encryption makes deduplication possible since it naturally encrypts the same plaintexts into the same ciphertexts. One attendant problem is how to reliably and effectively manage a huge number of convergent keys. Several deduplication schemes have been proposed to deal with the convergent key management problem. However, they either need to introduce key management servers or require interaction between data owners. In this paper, we design a novel client-side deduplication protocol named KeyD without such an independent key management server by utilizing the identity-based broadcast encryption (IBBE) technique. Users only interact with the cloud service provider (CSP) during the process of data upload and download. Security analysis demonstrates that KeyD ensures data confidentiality and convergent key security, and well protects the ownership privacy simultaneously. A thorough and detailed performance comparison shows that our scheme makes a better tradeoff among the storage cost, communication and computation overhead.

computer science, information systems, theory & methods