Interactive Message-Locked Encryption and Secure Deduplication

Bellare, Mihir; Keelveedhi, Sriram

doi:10.1007/978-3-662-46447-2_23

Cited by 89 publications

(37 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Namely, it ensures more optimal usage of the resources at the cloud side (e.g., Bitcasa, Dropbox). Unfortunately, encryption of data with classical cryptosystems cannot be deduplicated (Abadi et al 2013;Bellare and Keelveedhi 2015;Liu et al 2015b;Zheng et al 2015;Rabotka and Mannan 2016). Hence, current existing applications have either security or storage efficiency issues.…”

Section: Secure Deduplicationmentioning

confidence: 95%

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

Kiraz

2016

J Ambient Intell Human Comput

View full text Add to dashboard Cite

The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today's real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view.

show abstract

Section: Secure Deduplicationmentioning

confidence: 95%

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

Kiraz

2016

J Ambient Intell Human Comput

View full text Add to dashboard Cite

show abstract

“…Jin et al [31] proposed an anonymous deduplication scheme over encrypted data that exploits a proxy reencryption algorithm. Bellare et al [28] proposed a server-aided MLE which is secure against brute-force attack, which was recently extended to interactive MLE [29] to provide privacy for messages that are both correlated and dependent on the public system parameters. However, these schemes do not handle the dynamic ownership management issues involved in secure deduplication for shared outsourced data.…”

Section: Deduplication Over Encrypted Datamentioning

confidence: 99%

Secure Data Deduplication with Dynamic Ownership Management in Cloud Storage

Hur

Koo

Shin

et al. 2016

IEEE Trans. Knowl. Data Eng.

113

View full text Add to dashboard Cite

In cloud storage services, deduplication technology is commonly used to reduce the space and bandwidth requirements of services by eliminating redundant data and storing only a single copy of them. Deduplication is most effective when multiple users outsource the same data to the cloud storage, but it raises issues relating to security and ownership. Proofof-ownership schemes allow any owner of the same data to prove to the cloud storage server that he owns the data in a robust way. However, many users are likely to encrypt their data before outsourcing them to the cloud storage to preserve privacy, but this hampers deduplication because of the randomization property of encryption. Recently, several deduplication schemes have been proposed to solve this problem by allowing each owner to share the same encryption key for the same data. However, most of the schemes suffer from security flaws, since they do not consider the dynamic changes in the ownership of outsourced data that occur frequently in a practical cloud storage service. In this paper, we propose a novel server-side deduplication scheme for encrypted data. It allows the cloud server to control access to outsourced data even when the ownership changes dynamically by exploiting randomized convergent encryption and secure ownership group key distribution. This prevents data leakage not only to revoked users even though they previously owned that data, but also to an honest-but-curious cloud storage server. In addition, the proposed scheme guarantees data integrity against any tag inconsistency attack. Thus, security is enhanced in the proposed scheme. The efficiency analysis results demonstrate that the proposed scheme is almost as efficient as the previous schemes, while the additional computational overhead is negligible.

show abstract

“…Abadi et al [3] propose two encrypted deduplication schemes for the chunks that depend on public parameters, yet either of them builds on computationally expensive non-interactive zero knowledge (NIZK) proofs or produces deterministic ciphertext components. Interactive MLE [11] addresses chunk correlation and parameter dependence, yet it is impractical for the use of fully homomorphic encryption (FHE). This paper differs from the above works by using lightweight primitives for practical encrypted deduplication.…”

Section: Related Workmentioning

confidence: 99%

Information Leakage in Encrypted Deduplication via Frequency Analysis

Qin

Lee

et al. 2017

2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

View full text Add to dashboard Cite

Encrypted deduplication combines encryption and deduplication to simultaneously achieve both data security and storage efficiency. State-of-the-art encrypted deduplication systems mainly build on deterministic encryption to preserve deduplication effectiveness. However, such deterministic encryption reveals the underlying frequency distribution of the original plaintext chunks. This allows an adversary to launch frequency analysis against the ciphertext chunks and infer the content of the original plaintext chunks. In this paper, we study how frequency analysis affects information leakage in encrypted deduplication, from both attack and defense perspectives. Specifically, we target backup workloads, and propose a new inference attack that exploits chunk locality to increase the coverage of inferred chunks. We further combine the new inference attack with the knowledge of chunk sizes and show its attack effectiveness against variable-size chunks. We conduct trace-driven evaluation on both real-world and synthetic datasets and show that our proposed attacks infer a significant fraction of plaintext chunks under backup workloads. To defend against frequency analysis, we present two defense approaches, namely MinHash encryption and scrambling. Our trace-driven evaluation shows that our combined MinHash encryption and scrambling scheme effectively mitigates the severity of the inference attacks, while maintaining high storage efficiency and incurring limited metadata access overhead.

show abstract

Interactive Message-Locked Encryption and Secure Deduplication

Cited by 89 publications

References 38 publications

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

Secure Data Deduplication with Dynamic Ownership Management in Cloud Storage

Information Leakage in Encrypted Deduplication via Frequency Analysis

Contact Info

Product

Resources

About