Secure Deduplication of Encrypted Data: Refined Model and New Constructions

  • Jian LiuEmail author
  • Li Duan
  • Yong Li
  • N. Asokan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10808)


Cloud providers tend to save storage via cross-user deduplication, while users who care about privacy tend to encrypt their files on client-side. Secure deduplication of encrypted data (SDoE) which aims to reconcile this apparent contradiction is an active research topic. In this paper, we propose a formal security model for SDoE. We also propose two single-server SDoE protocols and prove their security in our model. We evaluate their deduplication effectiveness via simulations with realistic datasets.



This work was supported in part by TEKES - the Finnish Funding Agency for Innovation (CloSer project, 3881/31/2016) and by Intel (Intel Collaborative Research Institute for Secure Computing, ICRI-SC).


  1. 1.
    Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9(1), 1–30 (2006)CrossRefzbMATHGoogle Scholar
  2. 2.
    Bellare, M., Keelveedhi, S.: Interactive message-locked encryption and secure deduplication. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 516–538. Springer, Heidelberg (2015). Google Scholar
  3. 3.
    Bellare, M., Keelveedhi, S., Ristenpart, T.: DupLESS: server-aided encryption for deduplicated storage. In: USENIX Security, pp. 179–194. USENIX Association (2013)Google Scholar
  4. 4.
    Bellare, M., Keelveedhi, S., Ristenpart, T.: Message-locked encryption and secure deduplication. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 296–312. Springer, Heidelberg (2013). CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000). CrossRefGoogle Scholar
  6. 6.
    Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: 1992 IEEE Computer Society Symposium on Research in Security and Privacy, Proceedings, pp. 72–84, May 1992Google Scholar
  7. 7.
    Chawla, N.V., Bowyer, K.W., Hall, L.O., Kegelmeyer, W.P.: Smote: synthetic minority over-sampling technique. J. Artif. Int. Res. 16(1), 321–357 (2002)zbMATHGoogle Scholar
  8. 8.
    Douceur, J., Adya, A., Bolosky, W., Simon, P., Theimer, M.: Reclaiming space from duplicate files in a serverless distributed file system. In: 22nd International Conference on Distributed Computing Systems, Proceedings, pp. 617–624 (2002)Google Scholar
  9. 9.
    Duan, Y.: Distributed key generation for encrypted deduplication: achieving the strongest privacy. In: CCSW, pp. 57–68. ACM (2014)Google Scholar
  10. 10.
    Harnik, D., Pinkas, B., Shulman-Peleg, A.: Side channels in cloud services: deduplication in cloud storage. IEEE Secur. Priv. 8(6), 40–47 (2010)CrossRefGoogle Scholar
  11. 11.
    Lei, L., Cai, Q., Chen, B., Lin, J.: Towards efficient re-encryption for secure client-side deduplication in public clouds. In: Lam, K.-Y., Chi, C.-H., Qing, S. (eds.) ICICS 2016. LNCS, vol. 9977, pp. 71–84. Springer, Cham (2016). CrossRefGoogle Scholar
  12. 12.
    Liu, J., Asokan, N., Pinkas, B.: Secure deduplication of encrypted data without additional independent servers. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 874–885. ACM, New York (2015)Google Scholar
  13. 13.
    Liu, J., Asokan, N., Pinkas, B.: Secure deduplication of encrypted data without additional independent servers. Cryptology ePrint Archive, Report 2015/455 (2015).
  14. 14.
    Puzio, P., Molva, R., Onen, M., Loureiro, S.: ClouDedup: secure deduplication with encrypted data for cloud storage. In: CloudCom, pp. 363–370. IEEE Computer Society (2013)Google Scholar
  15. 15.
    Qin, C., Li, J., Lee, P.P.C.: The design and implementation of a rekeying-aware encrypted deduplication storage system. Trans. Storage 13(1), 9:1–9:30 (2017)CrossRefGoogle Scholar
  16. 16.
    Shin, Y., Koo, D., Yun, J., Hur, J.: Decentralized server-aided encryption for secure deduplication in cloud storage. IEEE Trans. Serv. Comput. PP(99), 1 (2017)CrossRefGoogle Scholar
  17. 17.
    Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. IACR Cryptology ePrint Archive 2004:332 (2004)Google Scholar
  18. 18.
    Stanek, J., Sorniotti, A., Androulaki, E., Kencl, L.: A secure data deduplication scheme for cloud storage. In: FC, pp. 99–118 (2014)Google Scholar
  19. 19.
    Zhao, Y., Chow, S.S.: Updatable block-level message-locked encryption. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2017, pp. 449–460. ACM, New York (2017)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Aalto UniversityEspooFinland
  2. 2.Paderborn UniversityPaderbornGermany
  3. 3.Ruhr-University BochumBochumGermany

Personalised recommendations