Abstract:
With the rapid proliferation of Internet of Things (IoT) infrastructure and edge computing, more and more IoT data is outsourced to cloud storage service provider (CSP). ...Show MoreMetadata
Abstract:
With the rapid proliferation of Internet of Things (IoT) infrastructure and edge computing, more and more IoT data is outsourced to cloud storage service provider (CSP). To achieve efficient space-saving, data deduplication based on convergent encryption (CE) has been widely applied on the cloud-assisted IoT since it can eliminate redundant data while maintaining data confidentiality. However, most existing works based on CE are susceptible to the brute-force attack for low-entropy data due to its deterministic property. Furthermore, prior works are unsatisfactory since they usually treat the edge nodes (ENs) as the fully trusted entities and overlook their security threat, which may suffer from the leakage of outsourced data and forgeability of deduplication result. In this article, a blockchain-based secure and verifiable deduplication scheme for cloud-assisted IoT is proposed to protect the IoT data privacy and achieve the data auditability. Leveraging the blockchain, our scheme constructs a trustworthy and auditable deduplication framework to prevent the IoT data from illegal modification and forgery by malicious ENs and CSP, where any entity in IoT can track and check the validity of deduplication result by the tamper-proof record (TPR) on blockchain without learning the data content itself. Moreover, our scheme can generate random convergent key and build distributed key management mechanism for the user, to resist the brute-force attack and single point attack. Eventually, formal security analysis and performance evaluation are provided to demonstrate the security and the practicability of our proposed scheme, respectively.
Published in: IEEE Internet of Things Journal ( Volume: 11, Issue: 8, 15 April 2024)