New method for file deduplication in cloud storage

Chao YANG; Qian JI; Si-chun XIONG; Mao-zhen LIU; Jian-feng MA; Qi JIANG; Lin BAI

doi:10.11959/j.issn.1000-436x.2017057

您当前的位置：

首页 >

文章列表页 >

New method for file deduplication in cloud storage

Papers | 更新时间：2024-06-05

- New method for file deduplication in cloud storage
- Journal on Communications Vol. 38, Issue 3, Pages: 25-33(2017)
- 作者机构：
  
  1. 西安电子科技大学网络与信息安全学院，陕西西安 710071
  2. 西安邮电大学计算机学院，陕西西安 710121
- 作者简介：
- 基金信息：
  
  The National Natural Science Foundation of China(61672415);The National Natural Science Foundation of China(61671360);The National Natural Science Foundation of China(61672413);The Natural Science Project by Shaanxi Province Office of Education(14JK1665)
- DOI：10.11959/j.issn.1000-436x.2017057
  CLC： TP391
- Online First：2017-03，
  
  Published：15 March 2017
- 稿件说明：
移动端阅览
Chao YANG, Qian JI, Si-chun XIONG, et al. New method for file deduplication in cloud storage[J]. Journal on Communications, 2017, 38(3): 25-33.
DOI：

Chao YANG, Qian JI, Si-chun XIONG, et al. New method for file deduplication in cloud storage[J]. Journal on Communications, 2017, 38(3): 25-33. DOI： 10.11959/j.issn.1000-436x.2017057.

摘要

去重被广泛地应用于云存储服务中以节省带宽和存储资源，然而，客户端去重复化删除中仍存在安全缺陷，使外部攻击者可访问用户私有数据。基于密文的跨用户的去重复化删除方案Xu-CDE被首次提出，该方案支持在外部攻击者和诚实且好奇的服务器同时存在的场景下保护数据隐私，具有良好的理论意义和代表性。然而该方案中的用户所有权认证凭据缺乏实时性保护，以致不能抵抗重放攻击。针对该缺陷，提出改进方案云存储中基于 MLE 与随机数改进的客户端密文去重（MRN-CDE），引入随机因子以保障认证凭据的实时性，并利用MLE-K

算法通过原始文件提取密钥代替用文件本身作为加密密钥，在提高安全性的同时大大降低了运算量。经过安全性分析与测试，结果表明，所提出的改进方案MRN-CDE在Xu-CDE方案的基础上，不仅增强所有权认证的安全性，而且在时间效率上也有所提高，对于云端大文件的文件去重效果尤其佳，具有一定的应用价值。

Abstract

Deduplication is widely used in cloud storage service to save bandwidth and storage resources

however

the security of client deduplication still flaws in an external attack to access a user’s private data.Xu-CDE

a deduplication solution of encrypting data for multi-client was first proposed

which could protect the privacy of data from the external attackers and honest but curious server

with favorable theoretical meaning and representativeness.However

in Xu-CDE

the user ownership authentication credentials were lack of instantaneity protection

which could not resist replay attack.As an improvement to the flaw

the protocol MRN-CDE (MLE based and random number modified client-side deduplication of encrypted data in cloud storage) was proposed

adding random number in order to ensure the instantaneity of the authentication credentials

and using the algorithm of MLE-K

to extract key from original file to replace the file itself as an encryption key.As a consequence

the new protocol improved security while significantly reduced the amount of computation.After the safety analysis and the actual tests

results show that based on Xu-CDE

the proposed protocol MRN-CDE has stronger security of ownership

and improves time efficiency.Specially

the new protocol works better on large files in

cloud with a certain value.

关键词

Keywords

references

BARACALDO N , ANDROULAKI E , GLIDER J , et al . Reconciling end-to-end confidentiality and data reduction in cloud storage [C ] // Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security . 2014 .

熊金波 , 李凤华 , 王彦超 , 等 . 基于密码学的云数据确定性删除研究进展 [J ] . 通信学报 , 2016 , 37 ( 8 ): 167 - 184 .

XIONG J B , LI F H , WANG Y C , et al . Research progress on cloud data assured deletion based on cryptography [J ] . Journal on Communi cations , 2016 , 37 ( 8 ): 167 - 184 .

HARNIK D , PINKAS B,SHULMAN-PELEG A . Side channels in cloud services,the case of deduplication in cloud storage [J ] . IEEE Security and Privacy , 2010 , 8 ( 6 ): 40 - 47 .

MULAZZANI M , SCHRITTWIESER S , LEITHNER M , et al . Dark clouds on the horizon:using cloud storage as attack vector and online slack space [C ] // USENIX Security Symposium . 2011 .

HALEVI S , HARNIK D , PINKAS B , et al . Proofs of ownership in remote storage systems [C ] // ACM Conference on Computer and Communications Security . 2011 : 491 - 500 .

ROBERTO D P , ALESSANDRO S . Boosting efficiency and security in proof of ownership for deduplication [C ] // ACM Symposium on Information,Computer and Communications Security . 2012 : 81 - 82 .

PIETRO D , ROBERTO , SORNIOTTI A . Proof of ownership for deduplication systems:a secure,scalable,and efficient solution [J ] . Computer Communications , 2016 , 82 ( 2 ): 71 - 82 .

DOUCEUR J , BOLOSKY W THEIMER M . US Patent 7266689:encryption systems and methods for identifying and coalescing identical objects encrypted with different keys [P ] . 2007 .

GONZÁLEZ-MANZANO L , ORFILA A . An efficient confidentiality-preserving proof of ownership for deduplication [J ] . Journal of Network and Computer Applications , 2015 , 50 ( 1 ): 49 - 59 .

XU J , CHANG E C , ZHOU J Y . Weak leakage-resilient client-side deduplication of encrypted data in cloud storage [C ] // The 8th ACM Symposium on Information,Computer and Communications Security . 2013 : 195 - 206 .

TANG H Y , CUI Y , GUAN C W , et al . Enabling ciphertext deduplication for secure cloud storage and access control [C ] // The 11th ACM on Asia Conference on Computer and Communications Security . 2016 : 59 - 70 .

BELLARE M , KEELVEEDHI S , RISTENPART T . Message-locked encryption and secure deduplication [C ] // Advances in CryptologyCRYPTO 2013,Lecture Notes in Computer Science . 2013 : 374 - 391 .

RASHID F , MIRI A , WOUNGANG I . Proof of retrieval and ownership protocols for enterprise-level data deduplication [C ] // The 2013 Conference of the Center for Advanced Studies on Collaborative Research . 2013 : 81 - 90 .

Views

1516

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Query recovery attacks against conjunctive keyword searchable encryption

Attribute-based bilateral access control scheme for cloud storage

Blockchain-based and verifiable multidimensional data aggregation and sharing scheme for smart grid

Volume-hiding encrypted multi-map scheme based on hierarchical structure

Data popularity-based encrypted deduplication scheme without third-party servers

Related Author

DU Ruiying

SHEN Bei

HE Kun

ZHAO Chenbin

WANG Beining

CHEN Jing

LI Qi

FAN Haoyuan

Related Institution

School of Cyber Science and Engineering, Wuhan University

Key Laboratory of Cryptography of Zhejiang Province, Hangzhou Normal University

School of Computer Science, Nanjing University of Posts and Telecommunications

The School of Computer Science and Technology, Xidian University

Tongda College of Nanjing University of Posts and Telecommunications

AI问答

⁰