Multimedia Tools and Applications

, Volume 76, Issue 4, pp 5889–5903 | Cite as

Secure deduplication for multimedia data with user revocation in cloud storage

  • Hyunsoo Kwon
  • Changhee Hahn
  • Daeyoung Kim
  • Junbeom Hur


Increment of multimedia data motivates users to utilize cloud storage (CS) to exploit its massive size. For this extensible storage system, there are two desirable requirements: (1) the users should be able to ensure that their outsourced data is securely protected and (2) the cloud service provider should be able to eliminate redundant copies of data for improvement of storage utilization. Conventional encryption scheme does not satisfy the deduplication on ciphertext as it destroys message equality. Recent study, DupLESS, has enhanced Convergent Encryption (CE) and provided strong privacy. However, CE-based scheme allows the users to possibly decrypt cloud data even if the user loses his ownership to the data. In order to solve this problem, we propose a secure deduplication scheme with user revocation. Our scheme leverages oblivious pseudo-random function to generate encryption key. The CS enforces data access policy using privilege-based encryption to provide user revocation. The security analysis proves that the proposed scheme is secure against unauthorized decryption by revoked users or the cloud server, and brute-force attack on predictable set of data.


Multimedia big data Deduplication User revocation Cloud computing Access control 


  1. 1.
    Abadi M, Boneh D, Mironov I, Raghunathan A, Segev G (2013) Message-locked encryption for lock-dependent messages. Adv Cryptol - CRYPTO 8042:374–391. doi:10.1007/978-3-642-40041-4_21 MATHGoogle Scholar
  2. 2.
    Bellare M, Keelveedhi S (2013) DupLESS: Server-aided encryption for deduplicated storage. In: Proceedings of the 22nd USENIX conference on security, pp 179-194Google Scholar
  3. 3.
    Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attributed-based encryption. IEEE Symp Secur Pri:321–334. doi:10.1109/SP.2007.11
  4. 4.
    Bellare M, Keelveedhi S, Ristenpart T (2013) Message-locked encryption and secure deduplication. Adv Crypto- EUROCRYPT 7881:296–312. doi:10.1007/978-3-642-38348-9_18 MATHGoogle Scholar
  5. 5.
    Bellare M, Namprempre C, Pontcheval D, Semanko M (2003) The one-more-RSA-inversion problems and the security of Chaum’s blind signature scheme. J Cryptol 16(3):185–215. doi:10.1007/s00145-002-0120-1 MathSciNetCrossRefMATHGoogle Scholar
  6. 6.
    Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. Adv Cryptol- CRYPTO 2139:213–229. doi:10.1007/3-540-44647-8_13 MathSciNetMATHGoogle Scholar
  7. 7.
    Bolosky WJ, Douceur JR, Ely D, Theimer M (2000) Feasibility of a serverless distributed file system deployed on an existing set of desktop PCs. In: Proceedings of the ACM SIGMETRICS international conference on Measurement and modeling of computer systems, pp 34–43Google Scholar
  8. 8.
    Clements AT, Ahmad I, Vilayannur M, Li J (2009) Decentralized deduplication in SAN cluster file systems. In: USENIX annual technical conference, pp 8–8Google Scholar
  9. 9.
    Douceur JR, Adya A, Bolosky WJ, Simon D, Theimer M (2002) Reclaiming space from duplicate files in a serverless distributed file system. In: Proceedings 22nd international conference on distributed computing systems, pp 617–624, doi:10.1109/ICDCS.2002.1022312, (to appear in print)
  10. 10.
    Dropbox (2014) Accessed 20 December 2014
  11. 11.
    ECM (2014) Accessed 20 December 2014
  12. 12.
    Fiat A, Naor M (1993) Broadcast encryption. Adv Cryptol - CRYPTO 773:480–491. doi:10.1007/3-540-48329-2_40 CrossRefMATHGoogle Scholar
  13. 13.
    googledrive (2014) Accessed 20 December 2014
  14. 14.
    Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security, pp 89–98. doi:10.1145/1180405.1180418
  15. 15.
    Halevi S, Harnik D, Pinkas B, Shulman-Peleg A (2011) Proofs of ownership in remote storage systems. In: Proceedings of the 18th ACM conference on computer and communications security, pp 491–500, doi:10.1145/2046707.2046765, (to appear in print)
  16. 16.
    Intel IT Center (2014) Planning guide: getting started with Hadoop. Steps IT managers can take to move forward with big data analytics. Accessed 20 December
  17. 17.
    Java Pairing-Based Cryptography Library (JPBC) (2014) Accessed 20 December 2014
  18. 18.
    Li J, Chen X, Li M, Li J, Lee P P C, Lou W (2014) Secure deduplication with efficient and reliable convergent key management. IEEE IEEE Trans Parallel Distrib Syst 25(6):1615–1625. doi:10.1109/TPDS.2013.284 CrossRefGoogle Scholar
  19. 19.
    Open source project ciphertext-policy attribute based encryption (CP-ABE) (2014) Accessed 20 December 2014
  20. 20.
    Russell A, Wang H (2002) How to fool an unbounded adversary with a short key. Adv Crypto- EUROCRYPT 2332:133–148. doi:10.1007/3-540-46035-7_9 MathSciNetMATHGoogle Scholar
  21. 21.
    Sahai A, Waters B (2005) Fuzzy identity-based encryption. Adv Cryptol- EUROCRYPT 3497:457–473. doi:10.1007/11426639_27 MathSciNetMATHGoogle Scholar
  22. 22.
    Sagiroglu S, SINANC D (2013) Big data : a review. In: International conference on collaboration technologies and systems, pp 42–47. doi:10.1109/CTS.2013.6567202
  23. 23.
    Santis A D, Masucci B (1999) Multiple ramp schemes. IEEE Trans Inf Theory 45(5):1720–1728. doi:10.1109/18.771255 MathSciNetCrossRefMATHGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2015

Authors and Affiliations

  • Hyunsoo Kwon
    • 1
  • Changhee Hahn
    • 1
  • Daeyoung Kim
    • 1
  • Junbeom Hur
    • 2
  1. 1.School of Computer Science and EngineeringChung-Ang UniversitySeoulRepublic of Korea
  2. 2.Department of Computer Science and EngineeringKorea UniversitySeoulRepublic of Korea

Personalised recommendations