Updatable block-level deduplication of encrypted data with efficient auditing in cloud storage

doi:10.19682/j.cnki.1005-8885.2019.0013

中国邮电高校学报(英文) ›› 2019, Vol. 26 ›› Issue (3): 56-72.doi: 10.19682/j.cnki.1005-8885.2019.0013

• Artificial Intelligence • 上一篇下一篇

Updatable block-level deduplication of encrypted data with efficient auditing in cloud storage

党乾龙¹,谢莹¹,李栋浩²,胡功成¹

1. 西安电子科技大学数学与统计学院
2. 河南工业大学理学院

收稿日期:2018-09-17 修回日期:2018-12-14 出版日期:2019-06-30 发布日期:2019-06-30
通讯作者: 党乾龙 E-mail:xidianqldang@163.com

Updatable block-level deduplication of encrypted data with efficient auditing in cloud storage

Received:2018-09-17 Revised:2018-12-14 Online:2019-06-30 Published:2019-06-30
Contact: Qian-Long DANG E-mail:xidianqldang@163.com

摘要/Abstract

摘要： Updatable block-level message-locked encryption（MLE)） can efficiently update encrypted data, and public auditing can verify the integrity of cloud storage data by utilizing a third party auditor (TPA). However, there are seldom schemes supporting both updatable block-level deduplication and public auditing. In this paper, an updatable block-level deduplication scheme with efficient auditing is proposed based on a tree-based authenticated structure. In the proposed scheme, the cloud server (CS)can perform block-level deduplication, and the TPA achieves integrity auditing tasks. When a data block is updated, the ciphertext and auditing tags could be updated efficiently. The security analysis demonstrates that the proposed scheme can achieve privacy under chosen distribution attacks in secure deduplication and resist uncheatable chosen distribution attacks (UNC-CDA) in proof of ownership (PoW). Furthermore, the integrity auditing process is proven secure under adaptive chosen-message attacks. Compared with previous relevant schemes, the proposed scheme achieves better functionality and higher efficiency.

关键词: data update operation, block-level deduplication, efficient auditing, tree-based authenticated structure, proof of ownership

Abstract: Updatable block-level message-locked encryption（MLE)） can efficiently update encrypted data, and public auditing can verify the integrity of cloud storage data by utilizing a third party auditor (TPA). However, there are seldom schemes supporting both updatable block-level deduplication and public auditing. In this paper, an updatable block-level deduplication scheme with efficient auditing is proposed based on a tree-based authenticated structure. In the proposed scheme, the cloud server (CS)can perform block-level deduplication, and the TPA achieves integrity auditing tasks. When a data block is updated, the ciphertext and auditing tags could be updated efficiently. The security analysis demonstrates that the proposed scheme can achieve privacy under chosen distribution attacks in secure deduplication and resist uncheatable chosen distribution attacks (UNC-CDA) in proof of ownership (PoW). Furthermore, the integrity auditing process is proven secure under adaptive chosen-message attacks. Compared with previous relevant schemes, the proposed scheme achieves better functionality and higher efficiency.

Key words: data update operation, block-level deduplication, efficient auditing, tree-based authenticated structure, proof of ownership

参考文献

1. Zwolenski M, Weatherill L. The digital universe: Rich data and the increasing value of the internet of things. Australian Journal of Telecommunications and the Digital Economy, 2014, 2(3): 471−479

2. Meyer D T, Bolosky W J. A study of practical deduplication. ACM Transactions on Storage, 2012, 7(4): 1−20

3. Douceur J R, Adya A, Bolosky W J, et al. Reclaiming space from duplicate files in a serverless distributed file system. Proceedings 22nd International Conference on Distributed Computing Systems (ICDCS’02), Jul 2–5, 2002, Vienna, Austria. Piscataway, NJ, USA: IEEE, 2002: 617−624

4. Harnik D, Pinkas B, Shulman-Peleg A. Side channels in cloud services: Deduplication in cloud storage. IEEE Security and Privacy, 2010, 8(6): 40-47

5. Wilcox-O'Hearn Z, Warner B. Tahoe: the least-authority filesystem. Proceedings of the 4th ACM International Workshop on Storage Security and Survivability (StorageSS’08), Oct 30–31, 2008, Alexandria, Virginia, USA. New York, NY, USA: ACM, 2008: 21−26

6. Bellare M, Keelveedhi S, Ristenpart T. Message-locked encryption and secure deduplication. Advances in Cryptology: Proceedings of the 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’13), May 26−30, 2013, Athens, Greece. LNCS 7881. Berlin, Germany: Springer-Verlag, 2013: 296− 312

7. Abadi M, Boneh D, Mironov I, et al. Message-locked encryption for lock-dependent messages. Advances in Cryptology: Proceedings of the 33rd Annual International Cryptology Conference (Crypto’13), Aug 18−22, 2013, Santa Barbara, CA, USA. LNCS 8042. Berlin, Germany: Springer-Verlag, 2013: 374−391

8. Bellare M, Keelveedhi S. Interactive message-locked encryption and secure deduplication. IACR International Workshop on Public Key Cryptography (PKC’15), Mar 30−Apr 1, 2015, Gaithersburg, MD, USA. LNCS 9020. Berlin, Germany: Springer-Verlag, 2015: 516−538

9. Chen R M, Mu Y, Yang G M, et al. BL-MLE: Block-level message-locked encryption for secure large file deduplication. IEEE Transactions on Information Forensics and Security, 2015, 10(12): 2643−2652

10. Li J, Chen X F, Li M Q, et al. Secure deduplication with efficient and reliable convergent key management. IEEE Transactions on Parallel and Distributed Systems, 2014, 25(6): 1615−1625

11. Puzio P, Molva R, Onen M, et al. ClouDedup: secure deduplication with encrypted data for cloud storage. Cloud Computing Technology and Science (CloudCom’13), Oct 2−5, 2013, Bristol, UK. Piscataway, NJ, USA: IEEE, 2013: 363−370

12. Shacham H, Waters B. Compact proofs of retrievability. Journal of Cryptology, 2013, 26(3): 442−483

13. Zhao Y J, Chow S S M. Updatable block-level message-locked encryption. Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (ASIA CCS’17), Apr 2−6, 2017, Abu Dhabi, United Arab Emirates. New York, NY, USA: ACM, 2017: 449−460

14. Dodis Y, Vadhan S, Wichs D. Proofs of retrievability via hardness amplification. Theory of Cryptography Conference (TCC’09), Mar 15−17, 2009, San Francisco, CA, USA. LNCS 5444. Berlin, Germany: Springer-Verlag, 2009: 109−127

15. Juels A, Kaliski B S. PORs: Proofs of retrievability for large files. Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS’07), Oct 29−Nov 2, 2007, Alexandria, Virginia, USA. New York, NY, USA: ACM, 2007: 584−597

16. Yuan J W, Yu S C. Proofs of retrievability with public verifiability and constant communication cost in cloud. Proceedings of the 2013 International Workshop on Security in Cloud Computing (CloudComputing’13), May 8−8, 2013, Hangzhou, China. New York, NY, USA: ACM, 2013: 19−26

17. Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores. Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS’07), Oct 29–Nov 2, 2007, Alexandria, Virginia, USA. New York, NY, USA: ACM, 2007: 598–609

18. Ateniese G, Di Pietro R, Mancini L V, et al. Scalable and efficient provable data possession. Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks (SecureComm’08), Sep 22–25, 2008, Istanbul, Turkey. New York, NY, USA: ACM, 2008: 1–10

19. Erway C C, Küpçü A, Papamanthou C, et al. Dynamic provable data possession. ACM Transactions on Information and System Security, 2015, 17(4): 1–29

20. Wang Q, Wang C, Ren K, et al. Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Transactions on Parallel and Distributed Systems, 2011, 22(5): 847−859

21. Li J W, Li J, Xie D Q, et al. Secure auditing and deduplicating data in cloud. IEEE Transactions on Computers, 2016, 65(8): 2386−2396

22. Yuan J W, Yu S C. Secure and constant cost public cloud storage auditing with deduplication. Communications and Network Security (CNS’13), Oct 14–16, 2013, National Harbor, MD, USA. Piscataway, NJ, USA: IEEE, 2013: 145−153

23. Liu X F, Sun W H, Lou W J, et al. One-tag checker: Message-locked integrity auditing on encrypted cloud deduplication storage. 2017-IEEE Conference on Computer Communications (INFOCOM’17), May 1–4, 2017, Atlanta, GA, USA. Piscataway, NJ, USA: IEEE, 2017: 1−9

24. Youn T Y, Chang K Y, Rhee K H, et al. Efficient client-side deduplication of encrypted data with public auditing in cloud storage. IEEE Access, 2018, 6: 26578−26587

25. Wu Y L, Jiang Z L, Wang X, et al. Dynamic data operations with deduplication in privacy-preserving public auditing for secure cloud storage. Computational Science and Engineering and Embedded and Ubiquitous Computing, 2017 IEEE International Conference on (CSE-EUC’17), Jul 21–24, 2017, Guangzhou, China. Piscataway, NJ, USA: IEEE, 2017, 1: 562−567

26. He K, Chen J, Du R Y, et al. Deypos: Deduplicatable dynamic proof of storage for multi-user environments. IEEE Transactions on Computers, 2016, 65(12): 3631−3645

Updatable block-level deduplication of encrypted data with efficient auditing in cloud storage

Updatable block-level deduplication of encrypted data with efficient auditing in cloud storage

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

本文评价