BROWSE
Detail
Conference Paper
Hybrid-Type Secure Deduplication
Cited - time in 
Share 
Share
- Authors
- Keonwoo Kim, Ku-Young Chang, DooHo Choi
- Issue Date
- 2015-12
- Citation
- International Conference on Internet (ICONI) 2015, pp.143-145
- Publisher
- 한국인터넷정보학회
- Language
- English
- Type
- Conference Paper
- Abstract
- Secure deduplication is used to save network bandwidth and storage resource while satisfying data privacy in the field of cloud storage services or DB storage services. Dupless proposed by Bellare et al. is an architecture that provides secure deduplication resisting brute-force attack with an additional key server. However, this scheme consumes severely network resource since the client always sends the server all encrypted files without considering the existence of the same files on the server. In this paper, we propose a hybrid-type secure deduplication scheme, which is an improved and modified version from the Dupless. Our scheme saves network resource while achieving strong confidentiality. Hybrid-type deduplication means that both of the client and the server use a tag, which is a hash value of a file. Before uploading the encrypted file, the client generates a tag from the file and sends the server the tag. The server compares the tag transmitted from the client with tags on its storage to check whether the same file is already stored on the server. If there is an identical tag, the client sends only its encrypted key and the server adds the client into its metadata database as an additional owner of the file. Otherwise, the client uploads the encrypted file with the key. And then, the server computes a new tag by hashing the uploaded file and stores the tag with the file and key. That is, the client determines whether uploading the file or not according to the reply about the existence of the file from the server. The proposed scheme provides security against duplicating-fake attack and erasure attack. This is possible as the server verifies the integrity of the uploaded file. New API command will be required to deploy our scheme to the existing cloud storage service as doing in Dupless.
- KSP Keywords
- Brute-force attack, Cloud storage service, Hybrid-type, Key Server, Metadata database, Network bandwidth, Network resources, Secure deduplication, data privacy, encrypted file, hash value