新的云存储文件去重复删除方法

doi:10.11959/j.issn.1000-436x.2017057

Abstract

Abstract:

Deduplication is widely used in cloud storage service to save bandwidth and storage resources,however,the security of client deduplication still flaws in an external attack to access a user’s private data.Xu-CDE,a deduplication solution of encrypting data for multi-client was first proposed,which could protect the privacy of data from the external attackers and honest but curious server,with favorable theoretical meaning and representativeness.However,in Xu-CDE,the user ownership authentication credentials were lack of instantaneity protection,which could not resist replay attack.As an improvement to the flaw,the protocol MRN-CDE (MLE based and random number modified client-side deduplication of encrypted data in cloud storage) was proposed,adding random number in order to ensure the instantaneity of the authentication credentials,and using the algorithm of MLE-K_Pto extract key from original file to replace the file itself as an encryption key.As a consequence,the new protocol improved security while significantly reduced the amount of computation.After the safety analysis and the actual tests,results show that based on Xu-CDE,the proposed protocol MRN-CDE has stronger security of ownership,and improves time efficiency.Specially,the new protocol works better on large files in cloud with a certain value.

Key words: encrypted data, deduplication, proof of ownership, instantaneity, cloud storage

CLC Number:

TP391

Chao YANG,Qian JI,Si-chun XIONG,Mao-zhen LIU,Jian-feng MA,Qi JIANG,Lin BAI. New method for file deduplication in cloud storage[J]. Journal on Communications, 2017, 38(3): 25-33.

Figures/Tables 10

References 13

[1]	BARACALDO N , ANDROULAKI E , GLIDER J ,et al. Reconciling end-to-end confidentiality and data reduction in cloud storage[C]// Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security. 2014.
[2]	熊金波, 李凤华, 王彦超 ,等. 基于密码学的云数据确定性删除研究进展[J]. 通信学报, 2016,37(8): 167-184.
	XIONG J B , LI F H , WANG Y C ,et al. Research progress on cloud data assured deletion based on cryptography[J]. Journal on Communi cations, 2016,37(8): 167-184.
[3]	HARNIK D , PINKAS B,SHULMAN-PELEG A . Side channels in cloud services,the case of deduplication in cloud storage[J]. IEEE Security and Privacy, 2010,8(6): 40-47.
[4]	MULAZZANI M , SCHRITTWIESER S , LEITHNER M ,et al. Dark clouds on the horizon:using cloud storage as attack vector and online slack space[C]// USENIX Security Symposium. 2011.
[5]	HALEVI S , HARNIK D , PINKAS B ,et al. Proofs of ownership in remote storage systems[C]// ACM Conference on Computer and Communications Security. 2011: 491-500.
[6]	ROBERTO D P , ALESSANDRO S . Boosting efficiency and security in proof of ownership for deduplication[C]// ACM Symposium on Information,Computer and Communications Security. 2012: 81-82.
[7]	PIETRO D , ROBERTO , SORNIOTTI A . Proof of ownership for deduplication systems:a secure,scalable,and efficient solution[J]. Computer Communications, 2016,82(2): 71-82.
[8]	DOUCEUR J , BOLOSKY W THEIMER M . US Patent 7266689:encryption systems and methods for identifying and coalescing identical objects encrypted with different keys[P]. 2007.
[9]	GONZáLEZ-MANZANO L , ORFILA A . An efficient confidentiality-preserving proof of ownership for deduplication[J]. Journal of Network and Computer Applications, 2015,50(1): 49-59.
[10]	XU J , CHANG E C , ZHOU J Y . Weak leakage-resilient client-side deduplication of encrypted data in cloud storage[C]// The 8th ACM Symposium on Information,Computer and Communications Security. 2013: 195-206.
[11]	TANG H Y , CUI Y , GUAN C W ,et al. Enabling ciphertext deduplication for secure cloud storage and access control[C]// The 11th ACM on Asia Conference on Computer and Communications Security. 2016: 59-70.
[12]	BELLARE M , KEELVEEDHI S , RISTENPART T . Message-locked encryption and secure deduplication[C]// Advances in CryptologyCRYPTO 2013,Lecture Notes in Computer Science. 2013: 374-391.
[13]	RASHID F , MIRI A , WOUNGANG I . Proof of retrieval and ownership protocols for enterprise-level data deduplication[C]// The 2013 Conference of the Center for Advanced Studies on Collaborative Research. 2013: 81-90.

Metrics

Recommended 0

No Suggested Reading articles found!

方案	原始数据参与计算	动态证据	抵抗重放攻击
MRN-CDE	√	√	√
Xu-CDE	NONE	NONE	NONE

硬盘	CPU	内存	操作系统
500 GB	双核	4 GB	Windows 7（64 bit）

服务商	位置	Server ID	硬盘	CPU	内存	操作系统	带宽
阿里云	青岛	i-28vj83Web	20 GB	双核	4 GB	Windows Server 2012 标准版 64位中文版	5 Mbit/s

文件大小/MB			准备阶段		阶段总时间/s
文件大小/MB	Thash(F)/s	T_AES(τ,F)/s	T_Cτ /s	文件上传时间/s	阶段总时间/s
1	0.020 200	0.084 400	0.015 000	16.76	16.88
16	0.260 500	1.251 200	0.254 500	155.36	157.13
128	2.087 700	10.165 000	2.025 500	1 151.93	1 180.49
256	4.347 500	19.927 500	3.869 000	2 630.20	2 686.49
512	8.846 500	52.702 000	9.646 500	5 460.40	5 531.60
1024	18.279 00	104.290 00	18.707 00	11 120.80	11 262.08

大小/MB	V₁阶段/s		V₂阶段		阶段总时间/s
大小/MB	V₁阶段/s	T_GET(τ)/s	T_AES(F,τ)/s	T_hash(C_F)/s	阶段总时间/s
1	0.558 2	0.022 000	0.075 000	0.016 000	0.647
16	0.798 5	0.251 000	1.248 000	0.259 000	2.209
128	2.625 7	2.079 000	9.943 000	2.073 000	24.040
256	4.885 5	4.044 00	20.168 000	4.120 000	27.784
512	9.384 5	8.161 000	40.494 000	8.197 000	54.257
1024	18.817 0	16.218 000	92.701 000	16.504 000	121.388

New method for file deduplication in cloud storage

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 10

References 13

Related Articles 15

Metrics

Recommended 0

文件大小/MB	准备阶段/s		挑战应答阶段/s		总时间/s
文件大小/MB	Xu-CDE	MRN-CDE	Xu-CDE	MRN-CDE	Xu-CDE	MRN-CDE
1	16.88	16.86	0.647	0.627	17.527	17.487
16	157.13	156.94	2.209	2.033	159.339	158.973
128	1 180.49	1 164.55	24.040	22.815	1204.53	1 187.365
256	2 686.49	2 655.22	27.784	24.826	2 714.274	2 680.046
512	5 531.60	5 515.56	54.257	48.208	5 585.857	5 563.768
1024	11 262.08	11 223.90	121.388	107.841	11 383.468	11 341.741

[1]	Guanxiong HA, Qiaowen JIA, Hang CHEN, Chunfu JIA. Data popularity-based encrypted deduplication scheme without third-party servers [J]. Journal on Communications, 2022, 43(8): 17-29.
[2]	Tao FENG, Fanqi KONG, Chunyan LIU, Rong MA, Albettar Maher. Dual verifiable cloud storage scheme based on blockchain [J]. Journal on Communications, 2021, 42(12): 192-201.
[3]	Chunfu JIA, Guanxiong HA, Shaoqiang WU, Hang CHEN, Ruiqi LI. AONT-and-NTRU-based rekeying scheme for encrypted deduplication [J]. Journal on Communications, 2021, 42(10): 67-80.
[4]	Xin TANG,Linna ZHOU,Weijie SHAN,Dan LIU. Threshold re-encryption based secure deduplication method for cloud data with resistance against side channel attack [J]. Journal on Communications, 2020, 41(6): 98-111.
[5]	Chunfu JIA,Guanxiong HA,Ruiqi LI. Data access control policy of encrypted deduplication system [J]. Journal on Communications, 2020, 41(5): 72-83.
[6]	Junfeng TIAN,Yanbiao WANG,Xinfeng HE,Juntao ZHANG,Wanhe YANG,Ya’nan PANG. Survey on the causal consistency of data [J]. Journal on Communications, 2020, 41(3): 154-167.
[7]	Wenlong KE,Yong WANG,Miao YE,Junqi CHEN. Priority differentiated multicast flow scheduling method in Ceph cloud storage network [J]. Journal on Communications, 2020, 41(11): 40-51.
[8]	Lei SUN,Zhiyuan ZHAO,Jianhua WANG,Zhiqiang ZHU. Attribute-based encryption scheme supporting attribute revocation in cloud storage environment [J]. Journal on Communications, 2019, 40(5): 47-56.
[9]	Xiangsong ZHANG,Chen LI,Zhenhua LIU. Key-exposure resilient integrity auditing scheme with encrypted data deduplication [J]. Journal on Communications, 2019, 40(4): 95-106.
[10]	Miaomiao TIAN,Chuang GAO,Jie CHEN. Identity-based cloud storage integrity checking from lattices [J]. Journal on Communications, 2019, 40(4): 128-139.
[11]	Junfeng TIAN,Mengjia CHAI,Liuling QI. Provable data possession scheme based on public verification and private verification [J]. Journal on Communications, 2019, 40(3): 48-59.
[12]	Ruizhong DU,Pengliang SHI,Xinfeng HE. Cloud data assured deletion scheme based on overwrite verification [J]. Journal on Communications, 2019, 40(1): 130-140.
[13]	Guofeng WANG,Chuanyi LIU,Peiyi HAN,Hezhong PAN,Binxing FANG. Research on technology of data encryption and search based on access broker [J]. Journal on Communications, 2018, 39(7): 1-14.
[14]	Jinbo XIONG,Yuanyuan ZHANG,Youliang TIAN,Zuobin YING,Qi LI,Rong MA. Cloud data secure deduplication scheme via role-based symmetric encryption [J]. Journal on Communications, 2018, 39(5): 59-73.
[15]	Xincheng YAN,Yue CHEN,Hongyong JIA,Yanru CHEN,Xinyue ZHANG. Secure data sharing scheme supporting efficient synchronous evolution for ciphertext and key [J]. Journal on Communications, 2018, 39(5): 123-133.

文件大小/MB	V₁阶段/s		V₂阶段		阶段总时间/s
文件大小/MB	V₁阶段/s	T_GET(τ)/s（可忽略）	T_AES(F, τ)/s	T_hash(β\|\|C_F)/s	阶段总时间/s
1	0.570 0	0.000 001	0.073 000	0.016 000	0.627
16	1.188 0	0.000 001	1.247 000	0.248 000	2.033
128	2.794 0	0.000 001	10.235 000	2.042 000	12.815
256	4.966 0	0.000 001	20.254 000	4.034 000	24.826
512	9.628 0	0.000 001	39.470 000	8.200 000	48.208
1024	18.162 0	0.000 001	91.090 00	16.213 000	107.841