Towards Proofs of Ownership Beyond Bounded Leakage

  • Yongjun Zhao
  • Sherman S. M. Chow
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10005)


Cloud servers save their storage cost by applying deduplication. Duplicated copies of the same file uploaded by the cloud service clients can be reduced to a single copy by maintaining a list of clients who own the same file. Nowadays it is a common practice to rely on the message digest of the file for showing its possession. Yet, this property has been exploited to make the cloud storage service effectively become a content distribution network, by sharing a short message digest.

Proof of ownership (PoW) has been proposed to address this problem. PoW is an interactive protocol by which the prover can prove to the verifier about the ownership of a file. Under this setting, the adversary is motivated to leak some knowledge of the file, for helping a non-owner to also claim ownership. We are intrigued to ask, what is the strongest possible form of leakage, such that a PoW protocol can be provably secure?

In this paper, we propose a leakage-resilient PoW under a strong model, such that any adversary who holds leakage derived from a form of one-way function cannot falsely claim the file ownership.


Cloud cryptography Proof of ownership Leakage-resilience Bounded retrieval model Auxiliary input model 



We would like to thank Zongyang Zhang for helpful advice and suggestions. We also want to thank Yu Chen who refers us to the work of Rosen and Segev [15].


  1. 1.
    Alís, J.B., Di Pietro, R., Orfila, A., Sorniotti, A.: A tunable proof of ownership scheme for deduplication using bloom filters. In: IEEE Conference on Communications and Network Security, CNS 2014, San Francisco, CA, USA, 29–31 October 2014, pp. 481–489 (2014)Google Scholar
  2. 2.
    Ananth, P., Boneh, D., Garg, S., Sahai, A., Zhandry, M.: Differing-Inputs Obfuscation and Applications. Cryptology ePrint Archive 2013/689 (2013)Google Scholar
  3. 3.
    Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. J. ACM 59(2), 6 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Bellare, M., Stepanovs, I., Tessaro, S.: Poly-many hardcore bits for any one-way function and a framework for differing-inputs obfuscation. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 102–121. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-45608-8_6 Google Scholar
  5. 5.
    Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970)CrossRefzbMATHGoogle Scholar
  6. 6.
    DeFelippi, D.: dropship - Instantly transfer files between Dropbox accounts using only their hashes. github. Accessed 04 June 2016Google Scholar
  7. 7.
    Dodis, Y., Kalai, Y.T., Lovett, S.: On cryptography with auxiliary input. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC 2009, Bethesda, MD, USA, 31 May–2 June 2009, pp. 621–630 (2009)Google Scholar
  8. 8.
    Dodis, Y., Vadhan, S., Wichs, D.: Proofs of retrievability via hardness amplification. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 109–127. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-00457-5_8 CrossRefGoogle Scholar
  9. 9.
    Fan, L., Cao, P., Almeida, J.M., Broder, A.Z.: Summary cache: a scalable wide-area web cache sharing protocol. IEEE/ACM Trans. Netw. 8(3), 281–293 (2000)CrossRefGoogle Scholar
  10. 10.
    Goldreich, O.: The Foundations of Cryptography - Volume 1, Basic Techniques. Cambridge University Press (2001)Google Scholar
  11. 11.
    Goldreich, O., Levin, L.A.: A hard-core predicate for all one-way functions. In: ACM Symposium on Theory of Computing, STOC 1989, 14–17 May 1989, Seattle, Washington, USA, pp. 25–32 (1989)Google Scholar
  12. 12.
    Halevi, S., Harnik, D., Pinkas, B., Shulman-Peleg, A.: Proofs of ownership in remote storage systems. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, 17–21 October 2011, pp. 491–500 (2011)Google Scholar
  13. 13.
    Di Pietro, R., Sorniotti, A.: Boosting efficiency and security in proof of ownership for deduplication. In: 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2012, Seoul, Korea, 2–4 May 2012, pp. 81–82 (2012)Google Scholar
  14. 14.
    Di Pietro, R., Sorniotti, A.: Proof of ownership for deduplication systems: a secure, scalable, and efficient solution. Comput. Commun. 82, 71–82 (2016)CrossRefGoogle Scholar
  15. 15.
    Rosen, A., Segev, G.: Chosen-ciphertext security via correlated products. SIAM J. Comput. 39(7), 3058–3088 (2010)MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Thomas, K., Dropbox: A File Sharer’s Dream Tool? PCWorld, April 2011. Accessed 04 June 2016Google Scholar
  17. 17.
    Xu, J., Chang, E.-C., Zhou, J.: Weak leakage-resilient client-side deduplication of encrypted data in cloud storage. In: 8th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2013, Hangzhou, China, 08–10 May 2013, pp. 195–206 (2013)Google Scholar
  18. 18.
    Xu, J., Zhou, J.: Leakage resilient proofs of ownership in cloud storage, revisited. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 97–115. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-07536-5_7 Google Scholar
  19. 19.
    Yu, C.-M., Chen, C.-Y., Chao, H.-C.: Proof of ownership in deduplicated cloud storage with mobile device efficiency. IEEE Netw. 29(2), 51–55 (2015)CrossRefGoogle Scholar
  20. 20.
    Yuen, T.H., Chow, S.S.M., Zhang, Y., Yiu, S.M.: Identity-based encryption resilient to continual auxiliary leakage. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 117–134. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29011-4_9 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.Department of Information EngineeringThe Chinese University of Hong KongSha Tin, N.T.Hong Kong

Personalised recommendations