Threshold re-encryption based secure deduplication method for cloud data with resistance against side channel attack

Cited by: 0
Authors
Tang X. [1]
Zhou L. [2]
Shan W. [1]
Liu D. [1]
Affiliations
[1] School of Information Science and Technology, University of International Relations, Beijing
[2] School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing
Source
Tongxin Xuebao/Journal on Communications | 2020 / Vol. 41 / No. 06
Funding
National Natural Science Foundation of China; National Key Research and Development Program
Keywords
Late verify; Re-encryption; Side channel attack; Threshold deduplication;
DOI
10.11959/j.issn.1000-436x.2020103
Abstract
For security and efficiency problems in threshold based deduplication for cloud data, a novel method based on threshold re-encryption was proposed to deal with side channel attacks. A lightweight threshold re-encryption mechanism was presented to transfer the secondary encryption to the cloud for execution and allow clients to generate ciphertext based on key segmentation instead of ciphertext segmentation, both of which largely reduce the computational overhead of clients. Also, the proposed mechanism enables clients to decrypt from both one-time encrypted and re-encrypted ciphertext, thus avoiding the overhead of redundant encryption of the same file. Mutual integrity verification between the cloud service provider and clients was also supported by the proposed method, which directly ensured the correctness of the correspondence between ciphertext and plaintext on the client side. Experiments show that the proposed method not only largely reduces the computational overhead on the client side, but also achieves superior storage performance on the cloud side simultaneously. © 2020, Editorial Board of Journal on Communications. All rights reserved.
Pages: 98 / 111
Number of pages: 13