Abstract
Convergent encryption has been widely used in secure deduplication, but because the data itself is predictable, directly using the hash value of the data as a key is vulnerable to brute-force attacks. To address this, researchers have proposed more secure key management methods. However, these have a limited scope of application and poor performance. Therefore, this paper proposes a hierarchical key management scheme based on threshold blind signatures. The convergence key is generated by multiple key servers, which ensures the key's confidentiality and effectively avoids the threat of brute-force attacks. Moreover, key servers are divided into master key nodes and sub-key nodes, which reduces the interaction between key servers and improves the efficiency of system initialization. This architecture enables sub-key nodes to be distributed in multiple independent network domains and to interact with master key nodes through the Internet. On the one hand, it supports cross-domain deduplication; on the other hand, it places the sub-key nodes closer to the end user, reducing communication delay and improving key generation efficiency. The experimental results show that the proposed scheme achieves better performance in system initialization and key generation than the fully distributed key management scheme.
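Added example, not the paper's construction or code: a simplified stand-in for the multi-server key generation described above, using blinded threshold evaluation over secp256k1 with a Shamir-shared master secret in place of the paper's threshold blind signature. All function names and the try-and-increment hash are assumptions; the point is that key servers see only a blinded point and any t of them yield the same convergence key for the same data.

```python
import hashlib, math, secrets
# Illustration only: names are hypothetical, not taken from the paper.
# secp256k1: prime-order group on y^2 = x^3 + 7 over GF(P); N is the group order.
P = 2**256 - 2**32 - 977
N = int("FFFFFFFF" * 3 + "FFFFFFFE" + "BAAEDCE6AF48A03BBFD25E8CD0364141", 16)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def hash_to_point(data, ctr=0):  # try-and-increment; demo only, not constant time
    x = int.from_bytes(hashlib.sha256(data + bytes([ctr])).digest(), "big") % P
    y = pow(x**3 + 7, (P + 1) // 4, P)
    return (x, y) if y * y % P == (x**3 + 7) % P else hash_to_point(data, ctr + 1)

def split_secret(secret, t, n):  # Shamir shares (i, f(i)) of the master key over Z_N
    coef = [secret] + [secrets.randbelow(N) for _ in range(t - 1)]
    return [(i, sum(c * i**j for j, c in enumerate(coef)) % N) for i in range(1, n + 1)]

def key_server_sign(share, blinded):  # a key server only ever sees the blinded point
    return share[0], mul(share[1], blinded)

def derive_key(data, shares):  # shares stands in for the t key servers contacted
    r = secrets.randbelow(N - 1) + 1  # fresh blinding factor per request
    blinded = mul(r, hash_to_point(data))
    parts = [key_server_sign(s, blinded) for s in shares]
    ids = [i for i, _ in parts]
    combined = None
    for i, pt in parts:  # Lagrange interpolation at 0, carried out on the points
        lam = math.prod(j * pow((j - i) % N, -1, N) for j in ids if j != i) % N
        combined = add(combined, mul(lam, pt))
    unblinded = mul(pow(r, -1, N), combined)  # equals master_key * H(data)
    return hashlib.sha256(unblinded[0].to_bytes(32, "big")).digest()
```

Unlike a plain `H(data)` key, the result cannot be recomputed offline from a guessed plaintext: each guess needs t key servers to respond, which is where rate limiting can be enforced.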
Acknowledgment
This work is supported in part by the National key research and development plan of China under Grant No. 2018YFB1800303, the Science and Technology Planning Project of Jilin Province under Grant No. 20200401105GX and the 13th Five-Year Science and Technology Research Project of the Education Department of Jilin Province under Grant No. JJKH20200793KJ.
About this article
Cite this article
Qi, H., Li, P., Wang, C. et al. A Hierarchical Key Management Scheme for Cross-Domain Secure Deduplication. Mobile Netw Appl 28, 473–485 (2023). https://doi.org/10.1007/s11036-022-01958-y
DOI: https://doi.org/10.1007/s11036-022-01958-y