http://dx.doi.org/10.13089/JKIISC.2017.27.4.971

Side-Channel Attack against Secure Data Deduplication over Encrypted Data in Cloud Storage  

Shin, Hyungjune (Korea University)
Koo, Dongyoung (Hansung University)
Hur, Junbeom (Korea University)
Abstract
Data deduplication can be used to reduce storage space in cloud storage services by storing only a single copy of data rather than all duplicated copies. Users who are concerned about the confidentiality of their outsourced data can use secure encryption algorithms, but doing so makes data deduplication ineffective. To reconcile data deduplication with encryption, Liu et al. proposed in 2015 a new server-side cross-user deduplication scheme that exploits a password-authenticated key exchange (PAKE) protocol. In this paper, we demonstrate that this scheme has a side channel that makes it insecure against the confirmation-of-file (CoF), or duplicate identification, attack.
Keywords
Secure Data Outsourcing; Server-side Deduplication; Client-side Deduplication
References
1 Dutch T. Meyer and William J. Bolosky, "A study of practical deduplication," Proceedings of the 9th USENIX Conference on File and Storage Technologies, pp. 1-1, Feb. 2011.
2 Mark W. Storer, Kevin Greenan, Darrell D.E. Long, and Ethan L. Miller, "Secure data deduplication," Proceedings of the 4th ACM international workshop on Storage security and survivability, pp.1-10, Oct. 2008.
3 J.R. Douceur, A. Adya, W.J. Bolosky, P. Simon and M. Theimer, "Reclaiming space from duplicate files in a serverless distributed file system," Proceedings of the 22nd International Conference on Distributed Computing Systems, pp. 617-624, July. 2002.
4 M. Bellare, S. Keelveedhi and T. Ristenpart, "Dupless: server-aided encryption for deduplicated storage," Presented as part of the 22nd USENIX Security Symposium, pp. 179-194, Aug. 2013.
5 P. Puzio, R. Molva, M. Önen and S. Loureiro, "ClouDedup: secure deduplication with encrypted data for cloud storage," in 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom), pp. 363-370, Mar. 2013.
6 J. Stanek, A. Sorniotti, E. Androulaki and L. Kencl, "A secure data deduplication scheme for cloud storage," in 18th International Conference on Financial Cryptography and Data Security, pp. 99-118, Nov. 2014.
7 Yitao Duan, "Distributed key generation for encrypted deduplication: achieving the strongest privacy," Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security (CCSW), pp. 57-68, Nov. 2014.
8 J. Camenisch, G. Neven and A. Shelat, "Simulatable adaptive oblivious transfer," Proceedings of the 26th Annual International Conference on Advances in Cryptology (EUROCRYPT), pp. 573-590, May. 2007.
9 J. Liu, N. Asokan, and B. Pinkas, "Secure deduplication of encrypted data without additional independent servers," Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 874-885, Oct. 2015.
10 S.M. Bellovin and M. Merritt, "Encrypted key exchange: password-based protocols secure against dictionary attacks," in IEEE Computer Society Symposium on Research in Security and Privacy, pp. 72-84, May. 1992.
11 T. ElGamal, "A public key cryptosystem and a signature scheme based on discrete logarithms," Proceedings of Advances in Cryptology (CRYPTO), pp. 10-18, Aug. 1985.
12 P. Paillier, "Public-key cryptosystems based on composite degree residuosity classes," Proceedings of the 17th international conference on Theory and Application of Cryptographic Techniques (EUROCRYPT), pp. 223-238, May. 1999.
13 M. Abdalla and D. Pointcheval, "Simple password-based encrypted key exchange protocols," Proceeding of the Cryptographers' Track at the RSA Conference (CT-RSA), pp. 191-208, Feb. 2005.
14 D. Harnik, B. Pinkas, and A. Shulman-Peleg, "Side channels in cloud services: Deduplication in cloud storage," IEEE Security and Privacy, vol. 8, no. 6, pp. 40-47, Dec. 2010.
15 M. Bellare, S. Keelveedhi and T. Ristenpart, "Message-locked encryption and secure deduplication," in 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), pp. 296-312, May. 2013.
16 A. Jain and S. Pankanti, "Biometrics: A tool for information security," in IEEE Transactions on Information Forensics and Security, vol. 1, no. 2, pp. 125-143, Jun. 2006.
17 Daniel V. Klein, "Foiling the cracker: A survey of, and improvements to, password security," Proceedings of the 2nd USENIX Security Workshop, pp. 5-14, Jul. 1990.
18 Zheng Yan, Mingjun Wang and Yuxiang Li, "Encrypted data management with deduplication in cloud computing," IEEE Cloud Computing, vol. 3, no. 2, pp. 28-35, May. 2016.
19 Youngjoo Shin, Dongyoung Koo, and Junbeom Hur. "A survey of secure data deduplication schemes for cloud storage systems," ACM Computing Surveys (CSUR), vol. 49, no. 74, Feb. 2017.
20 P. Puzio, R. Molva, M. Önen, and S. Loureiro, "PerfectDedup: secure data deduplication," In International Workshop on Data Privacy Management, pp. 150-166, Sep. 2015.