
Bi-directional and concurrent proof of ownership for stronger storage services with de-duplication

Abstract

In storage services, data de-duplication is a specialized technique for eliminating duplicate copies of repeating data in storage. In particular, client-side de-duplication has more merits than server-side de-duplication, since it can improve both space efficiency and communication bandwidth. For secure client-side de-duplication, we need a way to prove ownership of a file to be stored. In the upload step, the server should verify the client's ownership in order to grant the right to the file without uploading it. Conversely, the client also wants to verify the retrievability of the file, since he will delete it from his storage after protocol execution. Existing proof of ownership techniques have been designed for the server's needs. In this paper, we first point out that the second property is needed from the client's viewpoint, and give a very simple and practical solution that lets the server and the client prove that they have the same file. We first describe a generic strategy for constructing a bi-directional and concurrent proof of ownership technique from an ordinary proof of ownership technique, and then give an efficient hash-based scheme with a security proof in the random oracle model.

Acknowledgments

This work was supported by Electronics and Telecommunications Research Institute (ETRI) grant funded by the Korean government (17ZH1700, Development of Storage and Search Technologies over Encrypted Database).

Author information

Correspondence to Taek-Young Youn.

Cite this article

Youn, T., Chang, K. Bi-directional and concurrent proof of ownership for stronger storage services with de-duplication. Sci. China Inf. Sci. 61, 032107 (2018). https://doi.org/10.1007/s11432-017-9116-x

Keywords

  • cloud storage
  • secure de-duplication
  • data out-source
  • proof of ownership
  • bi-directional and concurrent proof