Zero knowledge based data deduplication using in-line Block Matching protocol for secure cloud storage

In cloud computing, data deduplication lets the cloud server store a single copy of data by eliminating redundant files, which improves storage and network efficiency. Proof-of-ownership (PoW) is a cryptographic function that verifies that a user really owns the data. Most existing schemes have tried to solve the deduplication problem by providing the same encryption key for identical data. However, these schemes suffer from dynamic changes in ownership management. In this paper, we propose an in-line block matching (IBM) protocol based on zero-knowledge proof for deduplication with dynamic ownership management, which eliminates unauthorized access to sensitive data. In the proposed scheme, for a new file, the uploader randomly chooses a file encryption key and encrypts the file. The user also computes a unique proof for the uploaded file by dividing the file into a number of blocks, and stores this proof on the cloud server. The cloud server computes the group key for the ciphertext and re-encrypts it using this group key. The cloud server also performs proof verification against any subsequent uploader of an existing file. The cloud server is honest-but-curious, so the proposed scheme ensures that the cloud server learns no information about the file encryption key even though it plays a proxy role. The results show that our proposed scheme protects the data from both the cloud server and adversaries. In addition, its computational cost is comparatively lower than that of other existing schemes.

Turkish Journal of Electrical Engineering and Computer Sciences
  • ISSN: 1300-0632
  • Publication frequency: 6 issues per year
  • Publisher: TÜBİTAK