Weak leakage-resilient client-side deduplication of encrypted data in cloud storage

ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security

Volumn , Issue , 2013, Pages 195-206

  Xu, Jia ^a   Chang, Ee Chien ^b   Zhou, Jianying ^a  

^a INSTITUTE FOR INFOCOMM RESEARCH   (Singapore)

^b NATIONAL UNIVERSITY OF SINGAPORE   (Singapore)

Author keywords

client side deduplication; cloud storage; leakage resilient; privacy; proofs of ownership; universal hash

Indexed keywords

CLOUD STORAGES; DE DUPLICATIONS; LEAKAGE-RESILIENT; PROOFS OF OWNERSHIP; UNIVERSAL HASH;

CARBON CAPTURE; CRYPTOGRAPHY; DATA PRIVACY; DIGITAL STORAGE;

SECURITY OF DATA;

EID: 84877968673     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2484313.2484340     Document Type: Conference Paper

References (43)

1. Joël Alwen, Yevgeniy Dodis, and Daniel Wichs. Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model. In CRYPTO '09: Annual International Cryptology Conference on Advances in Cryptology, pages 36-54, 2009.
2. Amazon. AWS Customer Agreement. http://aws.amazon.com/agreement/.
3. Paul Anderson and Le Zhang. Fast and secure laptop backups with encrypted de-duplication. In Proceedings of the 24th international conference on Large installation system administration, LISA'10, pages 1-8, 2010.
4. Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson, and Dawn Song. Provable data possession at untrusted stores. In CCS '07: ACM conference on Computer and communications security, pages 598-609, 2007.
5. Boaz Barak, Yevgeniy Dodis, Hugo Krawczyk, Olivier Pereira, Krzysztof Pietrzak, François-Xavier Standaert, and Yu Yu. Leftover Hash Lemma, Revisited. In CRYPTO, pages 1-20, 2011.
6. Boaz Barak, Oded Goldreich, Russell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, and Ke Yang. On the (im)possibility of obfuscating programs. J. ACM, 59(2):6:1-6:48, 2012.
7. Mihir Bellare, Sriram Keelveedhi, and Thomas Ristenpart. Message-locked encryption and secure deduplication. Cryptology ePrint Archive, Report 2012/631, 2012. http://eprint.iacr.org/.
8. Lawrence Carter and Mark Wegman. Universal classes of hash functions (Extended Abstract). In STOC '77: ACM symposium on Theory of computing, pages 106-112, 1977.
9. Ee-Chien Chang and Jia Xu. Remote Integrity Check with Dishonest Storage Server. In ESORICS '08: European Symposium on Research in Computer Security: Computer Security, pages 223-237, 2008. http://eprint.iacr.org/2008/346.
10. CNET. Who owns your files on Google Drive? http://news.cnet.com/8301- 1023-3-57420551-93/who-owns-your-files-on-google-drive/.
11. Joan Daemen and Vincent Rijmen. The Design of Rijndael: AES - The Advanced Encryption Standard. 2002.
12. Ernesto Damiani, S. De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, and Pierangela Samarati. Key management for multi-user encrypted databases. In StorageSS '05: Proceedings of ACM workshop on Storage security and survivability, pages 74-83, 2005.
13. Yevgeniy Dodis, Rafail Ostrovsky, Leonid Reyzin, and Adam Smith. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM J. Comput., 38(1):97-139, 2008.
14. John Douceur, Atul Adya, William Bolosky, Dan Simon, and Marvin Theimer. Reclaiming space from duplicate files in a serverless distributed file system. In ICDCS '02: International Conference on Distributed Computing Systems, 2002.
15. John Douceur, William Bolosky, and Marvin Theimer. US Patent 7266689: Encryption systems and methods for identifying and coalescing identical objects encrypted with different keys, 2007.
16. Dropbox. Dropbox Privacy Policy. https://www.dropbox.com/privacy.
17. Dropship. Dropbox api utilities, April 2011. https://github.com/ driverdan/dropship.
18. Oded Goldreich. Foundations of Cryptography: Volume 2, Basic Applications. 2004.
19. Google. Google Terms of Service. http://www.google.com/policies/terms/.
20. Shai Halevi, Danny Harnik, Benny Pinkas, and Alexandra Shulman-Peleg. Proofs of ownership in remote storage systems. In CCS '11: ACM conference on Computer and communications security, pages 491-500, 2011. http://eprint.iacr. org/2011/207.
21. Shulman-Peleg A. Harnik D., Pinkas B. Side Channels in Cloud Services: Deduplication in Cloud Storage. IEEE Security and Privacy Magazine, special issue of Cloud Security, 8(6), 2010.
22. Apple Inc. Apple Privacy Policy (Covering iCloud). http://www.apple.com/ privacy/.
23. Ari Juels and Burton S. Kaliski, Jr. Pors: proofs of retrievability for large files. In CCS '07: ACM conference on Computer and communications security, pages 584-597, 2007.
24. Luis Marques and Carlos Costa. Secure deduplication on mobile devices. In OSDOC '11: Workshop on Open Source and Design of Communication, pages 19-26, 2011.
25. Microsoft. Microsoft Services Agreement. http://windows.microsoft.com/en- US/windows-live/microsoft-service-agreement.
26. Ilya Mironov, Omkant Pandey, Omer Reingold, and Gil Segev. Incremental deterministic public-key encryption. In EUROCRYPT '12: Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques, pages 628-644, 2012.
27. Wim Nevelsteen and Bart Preneel. Software Performance of Universal Hash Functions. In EUROCRYPT '99, International Conference on the Theory and Application of Cryptographic Techniques, pages 24-41.
28. Wee Keong Ng, Yonggang Wen, and Huafei Zhu. Private data deduplication protocols in cloud storage. In SAC '12: Proceedings of the 27th Annual ACM Symposium on Applied Computing, pages 441-446, 2012.
29. NIST. National Institute of Standards and Technology. Secure hash standard (SHS). FIPS 180-2, August 2002.
30. Tatsuaki Okamoto. Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes. In CRYPTO '92: Annual International Cryptology Conference on Advances in Cryptology, pages 31-53, 1993.
31. OpenSSL. OpenSSL Project. http://www.openssl.org/.
32. Roberto Di Pietro and Alessandro Sorniotti. Boosting Efficiency and Security in Proof of Ownership for Deduplication. In ASIACCS '12: ACM Symposium on Information, Computer and Communications Security (Full Paper), 2012.
33. Hovav Shacham and Brent Waters. Compact Proofs of Retrievability. In ASIACRYPT '08, pages 90-107, 2008.
34. SNIA. Understanding Data De-duplication Ratios. white paper.
35. SpiderOak-Blog. Why SpiderOak doesn't de-duplicate data across users.
36. Mark Storer, Kevin Greenan, Darrell Long, and Ethan Miller. Secure Data Deduplication. In StorageSS '08: ACM international workshop on Storage security and survivability, pages 1-10, 2008.
37. Twitter. Tweetdeck. http://money.cnn.com/2012/03/30/technology/tweetdeck- bug-twitter/.
38. Mark Wegman and Larry Carter. New Hash Functions and Their Use in Authentication and Set Equality. J. Comput. Syst. Sci., pages 265-279, 1981. (Pubitemid 12444638)
39. Wikipedia. Comparison of online backup services. http://en.wikipedia.org/ wiki/Comparison-of-online-backup-services.
40. wired.com. Dropbox Left User Accounts Unlocked for 4 Hours Sunday. http://www.wired.com/threatlevel/2011/06/dropbox/; http://blog.dropbox.com/?p= 821.
41. Jia Xu and Ee-Chien Chang. Towards efficient proof of retrievability in cloud storage. In ASIACCS '12: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (Full Paper), 2011. http://eprint.iacr.org/2011/362.
42. Jia Xu, Ee-Chien Chang, and Jianying Zhou. Leakage-resilient client-side deduplication of encrypted data in cloud storage. Cryptology ePrint Archive, Report 2011/538, 2011. http://eprint.iacr.org/.
43. Qingji Zheng and Shouhuai Xu. Secure and efficient proof of storage with deduplication. In CODASPY '12: ACM conference on Data and Application Security and Privacy, pages 1-12, 2012.