Deduplication Technologies over Encrypted Data


  • Published : 2018.02.01

Abstract

Data deduplication is a commonly used technology in backup systems and cloud storage to reduce storage costs and network traffic. To preserve data privacy against servers or malicious attackers, there has been a growing demand in recent years for individuals and companies to encrypt data and store the encrypted data on a server. In this study, we introduce two cryptographic primitives, Convergent Encryption and Message-Locked Encryption, which enable deduplication of encrypted data between clients and a storage server. We analyze the security of these schemes in terms of dictionary and poison attacks. In addition, we introduce deduplication systems that can be implemented in real cloud storage, which is a practical application environment, and describe the proof of ownership for client-side deduplication.

Acknowledgement

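Grant : Development of learning-based template analysis software for verifying the resistance of embedded security devices to secret data leakage (T&HO project)

Supported by : Institute for Information & Communications Technology Promotion (IITP)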
