skip to main content
10.1145/2996429.2996433acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article

Message-Locked Proofs of Retrievability with Secure Deduplication

Published: 28 October 2016 Publication History

Abstract

This paper addresses the problem of data retrievability in cloud computing systems performing deduplication to optimize their space savings: While there exist a number of proof of retrievability (PoR) solutions that guarantee storage correctness with cryptographic means, these solutions unfortunately come at odds with the deduplication technology. To reconcile proofs of retrievability with file-based cross-user deduplication, we propose the message-locked PoR approach whereby the PoR effect on duplicate data is identical and depends on the value of the data segment, only. As a proof of concept, we describe two instantiations of existing PoRs and show that the main extension is performed during the setup phase whereby both the keying material and the encoded version of the to-be-outsourced file is computed based on the file itself. We additionally propose a new server-aided message-locked key generation technique that compared with related work offers better security guarantees.

References

[1]
Amazon drive. https://www.amazon.com/gp/drive/landing/everything/\\buy?tag=bisafetynet-20. Accessed: 2016-09-15.
[2]
Google Drive. https://apps.google.com/driveforwork/. Accessed: 2016-09--15.
[3]
F. Armknecht, J.-M. Bohli, D. Froelicher, and G. Karame. SPORT: Sharing Proofs of Retrievability across Tenants. Cryptology ePrint Archive, Report 2016/724, 2016. http://eprint.iacr.org/2016/724.
[4]
F. Armknecht, J.-M. Bohli, G. O. Karame, and F. Youssef. Transparent Data Deduplication in the Cloud. In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS), pages 886--900, 2015.
[5]
G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, L. Kissner, Z. N. J. Peterson, and D. Song. Provable data possession at untrusted stores. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 598--609, 2007.
[6]
G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik. Scalable and efficient provable data possession. In Proceedings of the 4th international conference on Security and Privacy in communication networks (SecureComm), 2008.
[7]
M. Azraoui, K. Elkhiyaoui, R. Molva, and M. Önen. StealthGuard: Proofs of Retrievability with Hidden Watchdogs. In Proceedings of the 19th European Symposium on Research in Computer Security (ESORICS), pages 239--256, 2014.
[8]
M. Bellare, S. Keelveedhi, and T. Ristenpart. Dupless: Server-aided encryption for deduplicated storage. In Proceedings of the 22Nd USENIX Conference on Security (USENIX SEC), pages 179--194, 2013.
[9]
M. Bellare, S. Keelveedhi, and T. Ristenpart. Message-Locked Encryption and Secure Deduplication. In Proceedings of Eurocrypt, pages 296--312, 2013.
[10]
D. Boneh, B. Lynn, and H. Shacham. Short signatures from the Weil pairing. Cryptology, 2002.
[11]
J. Camenish, G. Neven, and A. Shelat. Simulatable adaptive oblivious transfer. In Proceedings of EUROCRYPT, pages 573--590, 2007.
[12]
R. Chen, Y. Mu, G. Yang, and F. Guo. Bl-mle: Block-level message-locked encryption for secure large file deduplication. IEEE Transactions on Information Forensics and Security, 10(12):2643--2652, 2015.
[13]
R. di Pietro and A. Sorniotti. Boosting efficiency and security in proof of ownership for deduplication. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2012.
[14]
J. R. Douceur, A. Adya, W. J. Bolosky, D. Simon, and M. Theimer. Reclaiming Space from Duplicate Files in a Serverless Distributed File System. In Proceedings of the 22nd International Conference on Distributed Computing Systems (ICDCS), 2002.
[15]
L. Gonzales-Manzano and A. Orfila. An efficient confidentiality-preserving Proof of Ownership for deduplication. Journal on Network and Computer Applications, 50:49--59, 2015.
[16]
S. Halevi, D. Harnik, B. Pinkas, and A. Shulman-Peleg. Proofs of ownership in remote storage systems. In Proceedings of ACM CCS, pages 491--500, 2011.
[17]
D. Harnik, B. Pinkas, and A. Shulman-Peleg. Side channels in cloud services: Deduplication in cloud storage. In Proceedings of the 4th ACM International Wokshop on Storage Security and Survivability (StorageSS), 2008.
[18]
A. Juels and B. S. K. Jr. Pors: Proofs of retrievability for large files. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 584--597, 2007.
[19]
J. Liu, N. Asokan, and B. Pinkas. Secure Deduplication of Encrypted Data Without Additional Independent Servers. In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS), pages 874--885, 2015.
[20]
D. T. Meyer and W. J. Bolosky. A study of practical deduplication. ACM Transactions on Storage (TOS), 7(4):14:1--14:20, 2012.
[21]
P. Puzio, R. Molva, M. Önen, and S. Loureiro. ClouDedup: Secure Deduplication with Encrypted Data for Cloud Storage. In PRoceeings of the, 5th IEEE International Conference on Cloud Computing Technology and Science (CLOUDCOM), 2013.
[22]
P. Puzio, R. Molva, M. Önen, and S. Loureiro. PerfectDedup: Secure data deduplication. In 10th International Workshop on Data Privacy Management (DPM), 2015.
[23]
Shacham, Hovav and Waters, Brent. Compact proofs of retrievability. In Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT), pages 90--107, 2008.
[24]
Y. Shin, J. Hur, and K. Kim. Security weakness in the proof of storage with deduplication. Cryptology ePrint Archive, Report 2012/554, 2012. http://eprint.iacr.org/2012/554.
[25]
J. Stanek, A. Sorniotti, E. Androulaki, and L. Kencl. A Secure Data Deduplication Scheme for Cloud Storage. In 18th International Conference on Financial Cryptography and Data Security (FC), pages 99--118, 2014.
[26]
E. Stefanov, M. van Dijk, A. Juels, and A. Oprea. Iris: a scalable cloud file system with efficient integrity checks. In Proceedings of the Annual Computer Security Applications Conference (ACSAC), pages 229--238, 2012.
[27]
Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li. Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst., 22(5):847--859, 2011.
[28]
Q. Zheng and S. Xu. Secure and efficient proof of storage with deduplication. In Proceedings of the 2nd ACM conference on Data and Application Security and Privacy (CODASPY), 2012.

Cited By

View all
  • (2024)Enabling Transparent Deduplication and Auditing for Encrypted Data in CloudIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.333447521:4(3545-3561)Online publication date: Jul-2024
  • (2023)Blockchain-Based Deduplication and Integrity Auditing Over Encrypted Cloud StorageIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.323722120:6(4928-4945)Online publication date: Nov-2023
  • (2023)VeriDedup: A Verifiable Cloud Data Deduplication Scheme With Integrity and Duplication ProofIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.314152120:1(680-694)Online publication date: 1-Jan-2023
  • Show More Cited By

Index Terms

  1. Message-Locked Proofs of Retrievability with Secure Deduplication

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    CCSW '16: Proceedings of the 2016 ACM on Cloud Computing Security Workshop
    October 2016
    116 pages
    ISBN:9781450345729
    DOI:10.1145/2996429
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 28 October 2016

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. data deduplication
    2. message-locked encryption
    3. proofs of retrievability
    4. secure cloud storage
    5. server aided encryption

    Qualifiers

    • Research-article

    Funding Sources

    • the TREDISEC project funded by the European Union (EU) under the H2020 programme.

    Conference

    CCS'16
    Sponsor:

    Acceptance Rates

    CCSW '16 Paper Acceptance Rate 8 of 23 submissions, 35%;
    Overall Acceptance Rate 37 of 108 submissions, 34%

    Upcoming Conference

    CCS '25

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)6
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 17 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Enabling Transparent Deduplication and Auditing for Encrypted Data in CloudIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.333447521:4(3545-3561)Online publication date: Jul-2024
    • (2023)Blockchain-Based Deduplication and Integrity Auditing Over Encrypted Cloud StorageIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.323722120:6(4928-4945)Online publication date: Nov-2023
    • (2023)VeriDedup: A Verifiable Cloud Data Deduplication Scheme With Integrity and Duplication ProofIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.314152120:1(680-694)Online publication date: 1-Jan-2023
    • (2023)Survey on Secure Encrypted Data with Authorized De-duplicationProceedings of the International Conference on Intelligent Computing, Communication and Information Security10.1007/978-981-99-1373-2_25(317-331)Online publication date: 4-Jul-2023
    • (2022)Security-Aware and Efficient Data Deduplication for Edge-Assisted Cloud Storage SystemsIEEE Transactions on Services Computing10.1109/TSC.2022.3195318(1-12)Online publication date: 2022
    • (2022)Privacy-Preserving Deduplication of Sensor Compressed Data in Distributed Fog ComputingIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2022.317999233:12(4176-4191)Online publication date: 1-Dec-2022
    • (2021)Fine-grained Data Deduplication and proof of storage Scheme in Public Cloud Storage2021 International Conference on COMmunication Systems & NETworkS (COMSNETS)10.1109/COMSNETS51098.2021.9352742(237-241)Online publication date: 5-Jan-2021
    • (2018)Secure Storage with Replication and Transparent DeduplicationProceedings of the Eighth ACM Conference on Data and Application Security and Privacy10.1145/3176258.3176315(13-23)Online publication date: 13-Mar-2018
    • (2017)Cloud Storage File RecoverabilityProceedings of the Fifth ACM International Workshop on Security in Cloud Computing10.1145/3055259.3055264(19-26)Online publication date: 2-Apr-2017
    • (2017)Sharing Proofs of Retrievability across TenantsProceedings of the 2017 ACM on Asia Conference on Computer and Communications Security10.1145/3052973.3052997(275-287)Online publication date: 2-Apr-2017

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media