A Secure and Practical Encrypted Data De-duplication with Proof of Ownership in Cloud Storage


  • Received : 2016.06.10
  • Accepted : 2016.07.04
  • Published : 2016.10.15


In a cloud storage environment, deduplication enables efficient use of storage. To save network bandwidth, cloud storage service providers have also introduced client-side deduplication. Cloud storage service users want to upload encrypted data to ensure confidentiality. However, common encryption methods cannot be combined with deduplication, because each user uses a different private key. Client-side deduplication can also be vulnerable to security threats because the file tag stands in for the entire file. Recently, proof of ownership schemes have been suggested to remedy the vulnerabilities of client-side deduplication. Nevertheless, client-side deduplication over encrypted data still causes problems in efficiency and security. In this paper, we propose a secure and practical client-side encrypted data deduplication scheme that is resilient to brute-force attacks and performs proof of ownership over encrypted data.




Supported by: Kongju National University

