Title
Secure Encrypted Data Deduplication for Cloud Storage against Compromised Key Servers
Abstract
Message-locked encryption (MLE) is a special type of symmetric encryption enabling deduplication over ciphertexts. Since an MLE key is extracted from the message itself, it is vulnerable to brute-force attacks. Existing schemes employ an independent key server to help in generating MLE keys, where the MLE key is extracted from the message and a server-side secret to thwart brute-force attacks. However, the security of these schemes depends on the reliability of the key server, which causes the single-point-of-failure problem. In this paper, we propose DECKS, an encrypted data deduplication scheme against the compromised key server. DECKS employs multiple key servers to assist users in generating MLE keys using an oblivious and threshold-based protocol, such that compromising any key server would not break the security. To free DECKS from trusting a specific group of key servers during the lifetime of protected data, the key servers are periodically replaced by new ones to renew the security protection. Provable security and high efficiency of DECKS are demonstrated by comprehensive analyses and experimental evaluations.
Year: 2019
DOI: 10.1109/GLOBECOM38437.2019.9013792
Venue: IEEE Global Communications Conference
Keywords: Big data, cloud storage, message-locked encryption, deduplication, renewal security protection
DocType: Conference
ISSN: 2334-0983
Citations: 0
PageRank: 0.34
References: 16
Authors: 4
Name
Order
Citations
PageRank
Yuan Zhang1729.35
Chunxiang Xu218527.83
Nan Cheng397081.34
Xuemin Shen415389928.67