Tongxin xuebao (Sep 2015)
Secure sensitive data deduplication schemes based on deterministic/probabilistic proof of file ownership
Abstract
To solve the difficult problems of sensitive data deduplication in cloud storage, such as detection and PoW (proofs of ownership) of duplicated ciphertext, attacks aimed at data sensitivity, etc., a Merkle hash tree based scheme called MHT-Dedup and a homomorphic MAC based scheme called hMAC-Dedup were proposed. Both schemes provide PoW of the ciphertext file to find duplicated files at the cross-user file level, and check the hash of the block plaintext to find duplicated blocks at the local block level, which avoids the security flaws of the hash-as-a-proof method in cross-user file-level client-side duplication detection. MHT-Dedup provides a deterministic PoW of the file with an authenticating binary tree generated from the tags of the encrypted blocks, which has lower computing and transfer cost, and hMAC-Dedup provides a probabilistic PoW of the file by verifying some sampled blocks and their homomorphic MAC tags, which has lower additional storage cost. Analyses and comparisons show that the proposed schemes are preferable in many aspects, such as supporting secure two-level client-side sensitive data deduplication and resisting brute-force attacks on blocks.
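As an added illustration of a tree-based ownership proof (not code from the paper, and not its MHT-Dedup construction): a generic Merkle challenge-response in which the server keeps only the root over encrypted-block tags, so a claimant who knows just a digest cannot pass. The SHA-256 tags, domain prefixes, sample blocks, fixed challenge and function names are assumptions made for this example.

```python
import hashlib
import hmac

def h(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def build_tree(blocks):  # leaves are tags of the encrypted blocks
    levels = [[h(b"\x00", b) for b in blocks]]           # 0x00 = leaf domain
    while len(levels[-1]) > 1:
        cur = levels[-1]
        cur = cur + cur[-1:] if len(cur) % 2 else cur     # pad odd level
        levels.append([h(b"\x01", cur[i], cur[i + 1])     # 0x01 = inner node
                       for i in range(0, len(cur), 2)])
    return levels

def auth_path(levels, idx):  # sibling hashes from leaf idx up to the root
    path = []
    for lvl in levels[:-1]:
        lvl = lvl + lvl[-1:] if len(lvl) % 2 else lvl
        path.append(lvl[idx ^ 1])
        idx //= 2
    return path

def prove(blocks, challenge):  # client: block + path per challenged index
    levels = build_tree(blocks)
    return [(i, blocks[i], auth_path(levels, i)) for i in challenge]

def verify(root, challenge, response):  # server: needs only the stored root
    if [i for i, _, _ in response] != list(challenge):
        return False
    for idx, block, path in response:
        node = h(b"\x00", block)
        for sib in path:
            node = h(b"\x01", node, sib) if idx % 2 == 0 else h(b"\x01", sib, node)
            idx //= 2
        if not hmac.compare_digest(node, root):
            return False
    return True

BLOCKS = [h(b"ciphertext", bytes([i])) * 4 for i in range(5)]  # constructed stand-ins
ROOT = build_tree(BLOCKS)[-1][0]   # value the server stores for this file
CHALLENGE = [4, 1]                 # fixed here; a server would pick fresh indices

def demo():
    owner = verify(ROOT, CHALLENGE, prove(BLOCKS, CHALLENGE))
    # A claimant who learned only a digest has no real blocks to present.
    return owner, verify(ROOT, CHALLENGE, prove([ROOT] * 5, CHALLENGE))
```

`demo()` returns the outcome for the real owner and for the digest-only claimant, in that order.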