无第三方服务器的基于数据流行度的加密去重方案

哈冠雄; 贾巧雯; 陈杭; 贾春福

doi:10.11959/j.issn.1000-436x.2022151

您当前的位置：

首页 >

文章列表页 >

无第三方服务器的基于数据流行度的加密去重方案

学术论文 | 更新时间：2024-06-05

- 无第三方服务器的基于数据流行度的加密去重方案
- Data popularity-based encrypted deduplication scheme without third-party servers
- 通信学报 2022年43卷第8期页码：17-29
- 作者机构：
  
  1. 南开大学网络空间安全学院，天津 300350
  2. 天津市网络与数据安全技术重点实验室，天津 300350
  3. 中国科学院软件研究所，北京 100190
- 作者简介：
  
  [ "哈冠雄（1995- ），男，回族，天津人，南开大学博士生，主要研究方向为云数据安全、密码学应用、加密数据去重" ]
  [ "贾巧雯（1992- ），女，天津人，中国科学院软件研究所博士生，主要研究方向为并行编程和软件验证、计算机系统安全" ]
  [ "陈杭（1998- ），女，天津人，南开大学硕士生，主要研究方向为密码学应用、加密去重" ]
  [ "贾春福（1967- ），男，河北文安人，博士，南开大学教授、博士生导师，主要研究方向为网络与信息安全、可信计算、恶意代码分析、密码学及应用等" ]
- 基金信息：
  
  国家重点研发计划基金资助项目;The National Key Research and Development Program of China(2018YFA0704703);国家自然科学基金资助项目;The National Natural Science Foundation of China(61972215);国家自然科学基金资助项目;The National Natural Science Foundation of China(61972073);国家自然科学基金资助项目;The National Natural Science Foundation of China(62172238);天津市自然科学基金资助项目;The Natural Science Foundation of Tianjin(20JCZDJC00640)
- DOI：10.11959/j.issn.1000-436x.2022151
  中图分类号： TP309.2
- 网络出版日期：2022-08，
  
  纸质出版日期：2022-08-25
- 稿件说明：
移动端阅览
哈冠雄, 贾巧雯, 陈杭, 等. 无第三方服务器的基于数据流行度的加密去重方案[J]. 通信学报, 2022,43(8):17-29.

Guanxiong HA, Qiaowen JIA, Hang CHEN, et al. Data popularity-based encrypted deduplication scheme without third-party servers[J]. Journal on communications, 2022, 43(8): 17-29.
哈冠雄, 贾巧雯, 陈杭, 等. 无第三方服务器的基于数据流行度的加密去重方案[J]. 通信学报, 2022,43(8):17-29. DOI： 10.11959/j.issn.1000-436x.2022151.

Guanxiong HA, Qiaowen JIA, Hang CHEN, et al. Data popularity-based encrypted deduplication scheme without third-party servers[J]. Journal on communications, 2022, 43(8): 17-29. DOI： 10.11959/j.issn.1000-436x.2022151.

摘要

在加密去重系统中，基于流行度为数据设定不同级别的安全保护可有效平衡数据安全与存储效率。现有方案均需引入第三方服务器协助统计数据流行度，而第三方易成为单点故障和效率瓶颈。针对此问题，提出了一个无第三方服务器的基于数据流行度的加密去重方案，基于Count-Min sketch算法和Merkle Puzzles协议实现数据流行度的安全统计，并通过用户间执行 sPAKE 协议实现不流行数据的加密去重。安全性分析和实验评估表明所提方案是安全且高效的。

Abstract

It is effective to balance data security and storage efficiency for setting different levels of security protection for data based on popularity in encrypted deduplication systems.Existing schemes all need introduce a trusted third-party for recording data popularity

while the third party is prone to a single point of failure and efficiency bottleneck.To address this problem

a popularity-based encrypted deduplication scheme without third-party servers was proposed

which accurately recorded the data popularity based on the Count-Min sketch algorithm and Merkle Puzzles protocol

and achieved encrypted deduplication of unpopular data through the sPAKE protocols performed among users.Security analysis and experimental evaluation show that the proposed scheme is secure and efficient.

关键词

Keywords

references

冯登国 , 张敏 , 张妍 , 等 . 云计算安全研究 [J ] . 软件学报 , 2011 , 22 ( 1 ): 71 - 83 .

FENG D G , ZHANG M , ZHANG Y , et al . Study on cloud computing security [J ] . Journal of Software , 2011 , 22 ( 1 ): 71 - 83 .

熊金波 , 张媛媛 , 李凤华 , 等 . 云环境中数据安全去重研究进展 [J ] . 通信学报 , 2016 , 37 ( 11 ): 169 - 180 .

XIONG J B , ZHANG Y Y , LI F H , et al . Research progress on secure data deduplication in cloud [J ] . Journal on Communications , 2016 , 37 ( 11 ): 169 - 180 .

SHIN Y , KOO D , HUR J . A survey of secure data deduplication schemes for cloud storage systems [J ] . ACM Computing Surveys , 2017 , 49 ( 4 ): 1 - 38 .

DOUCEUR J R , ADYA A , BOLOSKY W J , et al . Reclaiming space from duplicate files in a serverless distributed file system [C ] // Proceedings of the 22nd International Conference on Distributed Computing Systems . Piscataway:IEEE Press , 2002 : 617 - 624 .

BELLARE M , KEELVEEDHI S , RISTENPART T . DupLESS:server-aided encryption for deduplicated storage [C ] // Proceedings of the 22nd USENIX Conference on Security . Berkeley:USENIX Association , 2013 : 179 - 194 .

STANEK J , KENCL L . Enhanced secure thresholded data deduplication scheme for cloud storage [J ] . IEEE Transactions on Dependable and Secure Computing , 2018 , 15 ( 4 ): 694 - 707 .

PUZIO P , MOLVA R , ÖNEN M , et al . PerfectDedup:secure data deduplication [C ] // Proceedings of the 10th International Workshop on Data Privacy Management . Berlin:Springer , 2015 : 150 - 166 .

HA G X , CHEN H , JIA C F , et al . A secure deduplication scheme based on data popularity with fully random tags [C ] // Proceedings of 2021 IEEE 20th International Conference on Trust,Security and Privacy in Computing and Communications (TrustCom) . Piscataway:IEEE Press , 2021 : 207 - 214 .

高文静 , 咸鹤群 , 程润辉 . 基于双层加密和密钥共享的云数据去重方法 [J ] . 计算机学报 , 2021 , 44 ( 11 ): 2203 - 2215 .

GAO W J , XIAN H Q , CHENG R H . A cloud data deduplication method based on double-layered encryption and key sharing [J ] . Chinese Journal of Computers , 2021 , 44 ( 11 ): 2203 - 2215 .

CORMODE G , MUTHUKRISHNAN S . An improved data stream summary:the Count-Min sketch and its applications [J ] . Journal of Algorithms , 2005 , 55 ( 1 ): 58 - 75 .

MCQUOID I , ROSULEK M , ROY L . Minimal symmetric PAKE and 1-out-of-N OT from programmable-once public functions [C ] // Pro ceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2020 : 425 - 442 .

MERKLE R C . Secure communications over insecure channels [J ] . Communications of the ACM , 1978 , 21 ( 4 ): 294 - 299 .

XU J , CHANG E C , ZHOU J Y . Weak leakage-resilient client-side deduplication of encrypted data in cloud storage [C ] // Proceedings of the 8th ACM SIGSAC symposium on Information,Computer and Communications Security . New York:ACM Press , 2013 : 195 - 206 .

HALEVI S , HARNIK D , PINKAS B , et al . Proofs of ownership in remote storage systems [C ] // Proceedings of the 18th ACM Conference on Computer and Communications Security . New York:ACM Press , 2011 : 491 - 500 .

BELLARE M , KEELVEEDHI S , RISTENPART T . Message-locked encryption and secure deduplication [C ] // Advances in Cryptology EUROCRYPT 2013 . Berlin:Springer , 2013 : 296 - 312 .

熊金波 , 李素萍 , 张媛媛 , 等 . 共享所有权证明:协作云数据安全去重新方法 [J ] . 通信学报 , 2017 , 38 ( 7 ): 18 - 27 .

XIONG J B , LI S P , ZHANG Y Y , et al . PoSW:novel secure deduplication scheme for collaborative cloud applications [J ] . Journal on Communications , 2017 , 38 ( 7 ): 18 - 27 .

XU R H , JOSHI J , KRISHNAMURTHY P . An integrated privacy preserving attribute-based access control framework supporting secure deduplication [J ] . IEEE Transactions on Dependable and Secure Computing , 2021 , 18 ( 2 ): 706 - 721 .

贾春福 , 哈冠雄 , 李瑞琪 . 密文去重系统中的数据访问控制策略 [J ] . 通信学报 , 2020 , 41 ( 5 ): 72 - 83 .

JIA C F , HA G X , LI R Q . Data access control policy of encrypted deduplication system [J ] . Journal on Communications , 2020 , 41 ( 5 ): 72 - 83 .

贾春福 , 哈冠雄 , 武少强 , 等 . 加密去重场景下基于 AONT 和NTRU的密钥更新方案 [J ] . 通信学报 , 2021 , 42 ( 10 ): 67 - 80 .

JIA C F , HA G X , WU S Q , et al . AONT-and-NTRU-based rekeying scheme for encrypted deduplication [J ] . Journal on Communications , 2021 , 42 ( 10 ): 67 - 80 .

LI J W , LEE P P C , TAN C F , et al . Information leakage in encrypted deduplication via frequency analysis [J ] . ACM Transactions on Storage , 2020 , 16 ( 1 ): 1 - 30 .

LI J W , YANG Z R , REN Y J , et al . Balancing storage efficiency and data confidentiality with tunable encrypted deduplication [C ] // Proceedings of the Fifteenth European Conference on Computer Systems . New York:ACM Press , 2020 : 1 - 15 .

HARNIK D , PINKAS B , SHULMAN-PELEG A , . Side channels in cloud services:deduplication in cloud storage [J ] . IEEE Security ＆Privacy , 2010 , 8 ( 6 ): 40 - 47 .

ZHANG Y , MAO Y L , XU M Z , et al . Towards thwarting template side-channel attacks in secure cloud deduplications [J ] . IEEE Transactions on Dependable and Secure Computing , 2021 , 18 ( 3 ): 1008 - 1018 .

YU C M , GOCHHAYAT S P , CONTI M , et al . Privacy aware data deduplication for side channel in cloud storage [J ] . IEEE Transactions on Cloud Computing , 2020 , 8 ( 2 ): 597 - 609 .

ABDALLA M , POINTCHEVAL D . Simple password-based encrypted key exchange protocols [C ] // The Cryptographers’ Track at the RSA Conference . Berlin:Springer , 2005 : 191 - 208 .

YU C M , . POSTER:efficient cross-user chunk-level client-side data deduplication with symmetrically encrypted two-party interactions [C ] // Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2016 : 1763 - 1765 .

LIU J , ASOKAN N , PINKAS B . Secure deduplication of encrypted data without additional independent servers [C ] // Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2015 : 874 - 885 .

浏览量

504

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

加密去重场景下基于AONT和NTRU的密钥更新方案

面向连接关键词可搜索加密的查询恢复攻击

面向云存储的属性基双边访问控制方案

基于区块链且可验证的智能电网多维数据聚合与分享方案

基于分层结构的匹配量隐藏加密多重映射方案