Managing Deduplicate Data at Client Side in Public Cloud Storage Environment

AbstractClassical or traditional steganography aims at hiding a secret in cover media such as text, image, audio, video or even in network protocols. Recent research has improved this approach called distributed steganography by fragmenting the secret message and embedding each secret piece into a distinct cover media. The major interest of this approach is to make the secret message detection extremely difficult. However, these file modifications leave fingerprints which can reveal a secret channel to an attacker. Our contribution is a new steganography paradigm transparent to any attacker and resistant to the detection and the secret extraction. Two properties contribute to achieve these goals: the files do not undergo any modification while the distribution of the secret in the multi-cloud storage environment allows us to hide the existence of the covert channel between the communicating parties. Information’s are usually hidden inside the cover media. In this work, the covert media is a pointer to information. Therefore the file carries the information without being modified and the only way to access it is to have the key. Experiments show interesting comparison results with remarkable security contributions. The work can be seen as a new open direction for further research in the field.

Download Full-text

What If Keys Are Leaked? towards Practical and Secure Re-Encryption in Deduplication-Based Cloud Storage

Information ◽

10.3390/info12040142 ◽

2021 ◽

Vol 12 (4) ◽

pp. 142

Author(s):

Weijing You ◽

Lei Lei ◽

Bo Chen ◽

Limin Liu

Keyword(s):

Experimental Evaluation ◽

Cloud Storage ◽

Security Analysis ◽

Encrypted Data ◽

Cloud Data ◽

Storage Cost ◽

Outsourced Data ◽

Proof Of Ownership ◽

Client Side ◽

Over Time

By only storing a unique copy of duplicate data possessed by different data owners, deduplication can significantly reduce storage cost, and hence is used broadly in public clouds. When combining with confidentiality, deduplication will become problematic as encryption performed by different data owners may differentiate identical data which may then become not deduplicable. The Message-Locked Encryption (MLE) is thus utilized to derive the same encryption key for the identical data, by which the encrypted data are still deduplicable after being encrypted by different data owners. As keys may be leaked over time, re-encrypting outsourced data is of paramount importance to ensure continuous confidentiality, which, however, has not been well addressed in the literature. In this paper, we design SEDER, a SEcure client-side Deduplication system enabling Efficient Re-encryption for cloud storage by (1) leveraging all-or-nothing transform (AONT), (2) designing a new delegated re-encryption (DRE), and (3) proposing a new proof of ownership scheme for encrypted cloud data (PoWC). Security analysis and experimental evaluation validate security and efficiency of SEDER, respectively.

Download Full-text