Bi-directional and concurrent proof of ownership for stronger storage services with de-duplication

Research Paper

Abstract

In storage services, data de-duplication is a specialized technique for eliminating duplicate copies of repeating data in storage. In particular, client-side de-duplication has more merits than server-side de-duplication, since it can improve both space efficiency and communication bandwidth. For secure client-side de-duplication, we need a way to prove ownership of the file to be stored. In the upload step, the server should verify the client's ownership before granting the right to the file without it being uploaded. Conversely, the client also wants to verify the retrievability of the file, since he will delete it from his storage after the protocol execution. Existing proof of ownership techniques have been designed for the server's needs. In this paper, we first point out that the second property is needed from the client's viewpoint, and give a very simple and practical solution which allows the server and the client to prove that they have the same file. We first describe a generic strategy which helps us to construct a bi-directional and concurrent proof of ownership technique from an ordinary proof of ownership technique, and then give an efficient hash-based scheme with a security proof in the random oracle model.

Keywords

cloud storage; secure de-duplication; data out-source; proof of ownership; bi-directional and concurrent proof

Notes

Acknowledgments

This work was supported by Electronics and Telecommunications Research Institute (ETRI) grant funded by the Korean government (17ZH1700, Development of Storage and Search Technologies over Encrypted Database).

Copyright information

© Science China Press and Springer-Verlag GmbH Germany, part of Springer Nature 2017

Authors and Affiliations

  1. Electronics and Telecommunications Research Institute, Daejeon, Korea