Article Preview
Top1. Introduction
In this digital era, the data is growing at an enormous rate hence the word ‘Big Data’ is introduced. Social networks and mobile computing systems are major players in generating Big Data. The 33 ZB of data was produced in 2018, and it is estimated that nearly 175 ZB of data will be produced in 2025 (Reinsel, Gantz, & Rydning, 2018). To store this huge volume of data, cloud services provide the cloud storage (CS) that are set-up at different geographical locations. CS is highly prevalent nowadays because it offers low-cost and location independent virtual storage and processing resources (Armbrust et al., 2010). As the volume of data is rising exponentially, cloud service providers (CSP) are required to adopt some techniques for managing disk space and enhancing reliability. Data deduplication is a technique that identifies and eliminates the redundant data and stores an only single instance of it. It improves both savings of storage space and network bandwidth (Bolosky, Douceur, Ely, & Theimer, 2000; Clements, Ahmad, Vilayannur, & Li, 2009; Douceur, Adya, Bolosky, Simon, & Theimer, 2002). Dropbox (Dropbox, 2014), Google Drive (Drive, 2016), and IDrive (IDRIVE, 2017) have also adopted deduplication techniques to reduce resource consumption.
CS security is also a challenging issue. CS adopts various data integrity checking schemes for security, but client-side deduplication always arises security issues. Malicious users may download any file by cheating the cloud server (CSS). Proof-of-ownership is the highly adaptable approach for secure client-side deduplication. By this, the owner can effectively prove to cloud server his ownership that he indeed holds the whole file. The customer usually encrypts his private data with his own encryption key and uploads the encrypted data to CS to preserve his privacy. Randomization in encryption, i.e., different keys generate different ciphertext for the same data, leads to infeasibility in deduplication.
Convergent encryption (CE) is a good solution to this problem. In CE, the encryption key is derived from the data itself for encryption (Storer, Greenan, Long, & Miller, 2008). Therefore, every user having the same data will get the same ciphertext. By this, deduplication of encrypted data is made possible. The major security flaw in CE is that key derivation process is deterministic, i.e., same files always derive the same encryption key. If attackers get the key, then CE becomes worthless (Storer et al., 2008). The problem of CE is solved by DupLESS (Bellare, Keelveedhi, & Ristenpart, 2013a) by providing a robust security scheme. However, in early proposed CE schemes including DupLESS, a user may decrypt the data after losing his ownership of uploaded data, i.e., ownership revocation.
In this paper, a secure deduplication scheme is proposed to store encrypted data. It ensures the authorized access to the shared data which is examined as a major challenge for secure and efficient CS services (Mulazzani, Schrittwieser, Leithner, Huber, & Weippl, 2011). The ownership changes dynamically hence each ownership group is handled by a group key management mechanism. The proposed scheme guarantees no leaking of any confidential information. This paper is organized as follows: related work is given in section 2. Section 3 describes the system model and security requirements. Chapter 4 explains the preliminaries and notations. The proposed secure deduplication scheme is demonstrated in section 5. The security results of the proposed scheme are described in section 6. Finally, section 7 concludes the paper.