Browse > Article
http://dx.doi.org/10.13089/JKIISC.2017.27.4.981

Analysis and Elimination of Side Channels during Duplicate Identification in Remote Data Outsourcing  

Koo, Dongyoung (Hansung University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.27, no.4, 2017 , pp. 981-987 More about this Journal
Abstract
Proliferation of cloud computing services brings about reduction of the maintenance and management costs by allowing data to be outsourced to a dedicated third-party remote storage. At the same time, the majority of storage service providers have adopted a data deduplication technique for efficient utilization of storage resources. When a hash tree is employed for duplicate identification as part of deduplication process, size information of the attested data and partial information about the tree can be deduced from eavesdropping. To mitigate such side channels, in this paper, a new duplicate identification method is presented by exploiting a multi-set hash function.
Keywords
side channel; deduplication; hash tree; message size; information leakage;
Citations & Related Records
연도 인용수 순위
  • Reference
1 D.T. Meyer and W.J. Bolosky, "A study of practical deduplication," ACM Transactions on Storage, vol. 7, no. 4, pp. 14:1-14: 20, Jan. 2012
2 Udi Manber, "A probabilistic lower bound for checking disjointness of sets," Information Processing Letters, vol. 19, no.1, pp. 51-53, Jul. 1984   DOI
3 K.V.S. Ramarao, Robert Daley, and Rami Melhem, "Message complexity of the set intersection problem," Information Processing Letters, vol. 27, no. 4, pp. 169-174, Apr. 1988   DOI
4 Shai Halevi, Denny Harnik, Benny Pinkas, and Alexandra Shulman-Peleg, "Proofs of ownership in remote storage systems," Proceedings of the 18th ACM conference on Computer and Communications Security, pp. 491-500, Oct. 2011
5 R.C. Merkle, "A digital signature based on a conventional encryption function," Advances in Cryptology, CRYPTO'87, LNCS 293, pp. 359-378, 1988
6 Dongyoung Koo, Youngjoo Shin, Joobeom Yun, and Junbeom Hur, "An online data-oriented authentication based on Merkle tree with improved reliability," Proceedings of the 2017 IEEE International Conference on Web Services, pp. 840-843, Jun. 2017
7 Dwaine Clarke, Srinivas Devadas, Marten van Dijk, Blaise Gassend, and G.E. Suh, "Incremental multiset hash functions and their applications to memory integrity checking," Advances in Cryptology, ASIACRYPT'03, LNCS 2894, pp. 188-207, Dec. 2003
8 Kan Yang and Xiaohua Jia, "An efficient and secure dynamic auditing protocol for data storage in cloud computing," IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 9, pp. 1717-1726, Sep. 2013   DOI
9 Mihir Bellare, Sriram Keelveedhi, and Thomas Ristenpart, "DupLESS: server-aided encryption for deduplicated storage," Proceedings of the 22nd USENIX conference on Security, pp. 179-194, Aug. 2013
10 S.R. Lohstroh and David Grawrock, "Method for providing a secure non-reusable one-time password," US5768373 A (US Patent), Symantec Corporation, Jun. 1998
11 R.J. Tobin and David Malone, "Hash pileups: using collisions to identify unknown hash functions," Proceedings of the 2012 7th International Conference on Risk and Security of Internet and Systems, pp. 1-6. Oct. 2012