Advertisement

Leakage Resilient Proofs of Ownership in Cloud Storage, Revisited

  • Jia Xu
  • Jianying Zhou
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8479)

Abstract

Client-side deduplication is a very effective mechanism to reduce both storage and communication cost in cloud storage service. Halevi et al. (CCS ’11) discovered security vulnerability in existing implementation of client-side deduplication and proposed a cryptographic primitive called “proofs of ownership” (PoW) as a countermeasure. In a proof of ownership scheme, any owner of the same file can prove to the cloud storage server that he/she owns that file in an efficient and secure manner, even if a bounded amount of any efficiently extractable information of that file has been leaked. We revisit Halevi et al.’s formulation of PoW and significantly improve the understanding and construction of PoW. Our contribution is twofold: Firstly, we propose a generic and conceptually simple approach to construct Privacy-Preserving Proofs of Ownership scheme, by leveraging on well-known primitives (i.e. Randomness Extractor and Proofs of Retrievability) and technique (i.e. sample-then-extract). Our approach can be roughly described as Privacy-Preserving PoW = Randomness Extractor + Proofs of Retrievability. Secondly, in order to provide a better instantiation of Privacy-Preserving-PoW, we propose a novel design of randomness extractor with large output size, which improves the state of art by reducing both the random seed length and entropy loss (i.e. the difference between the entropy of input and output) simultaneously.

Keywords

Cloud Storage Client-side Deduplication Proofs of Ownership Leakage Resilience Privacy-Preserving Proofs of Retrievability Randomness Extractor Sample-then-Extract 

References

  1. 1.
    Xu, J., Zhou, J.: Leakage Resilient Proofs of Ownership in Cloud Storage, Revisited. Cryptology ePrint Archive, Report 2013/514 (2013), http://eprint.iacr.org/2013/514
  2. 2.
    iHS iSuppli: Cloud Storage Services Now Have Over 375M Users, Could Reach 500M By Year-End, http://goo.gl/BO6zWy
  3. 3.
    Blog, A.: Amazon S3 goes exponential, now stores 2 trillion objects, http://goo.gl/NUIEny, http://gigaom.com/2013/04/18/amazon-s3-goes-exponential-now-stores-2-trillion-objects/
  4. 4.
  5. 5.
    Blog, D.: Over 175 million people using Dropbox and more than a billion files synced each day, https://blog.dropbox.com/2013/07/dbx/
  6. 6.
    SNIA: Understanding Data De-duplication Ratios. white paper, http://www.snia.org/sites/default/files/Understanding_Data_Deduplication_Ratios-20080718.pdf
  7. 7.
    Douceur, J., Adya, A., Bolosky, W., Simon, D., Theimer, M.: Reclaiming space from duplicate files in a serverless distributed file system. In: ICDCS 2002: International Conference on Distributed Computing Systems (2002)Google Scholar
  8. 8.
    Douceur, J., Bolosky, W., Theimer, M.: US Patent 7266689: Encryption systems and methods for identifying and coalescing identical objects encrypted with different keys (2007)Google Scholar
  9. 9.
    Storer, M., Greenan, K., Long, D., Miller, E.: Secure Data Deduplication. In: StorageSS 2008: ACM International Workshop on Storage Security and Survivability, pp. 1–10 (2008)Google Scholar
  10. 10.
    Bellare, M., Keelveedhi, S., Ristenpart, T.: Message-Locked Encryption and Secure Deduplication. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 296–312. Springer, Heidelberg (2013), http://eprint.iacr.org/2012/631 CrossRefGoogle Scholar
  11. 11.
    Harnik, D., Pinkas, B., Shulman-Peleg, A.: Side Channels in Cloud Services: Deduplication in Cloud Storage. IEEE Security and Privacy Magazine, Special Issue of Cloud Security 8(6) (2010)Google Scholar
  12. 12.
    Halevi, S., Harnik, D., Pinkas, B., Shulman-Peleg, A.: Proofs of ownership in remote storage systems. In: CCS 2011: ACM Conference on Computer and Communications Security, pp. 491–500 (2011), http://eprint.iacr.org/2011/207
  13. 13.
    Dropship: Dropbox api utilities (April 2011), https://github.com/driverdan/dropship
  14. 14.
    Storer, M., Greenan, K., Long, D., Miller, E.: Secure data deduplication. In: Proceedings of the 4th ACM International Workshop on Storage Security and Survivability, StorageSS 2008, pp. 1–10 (2008)Google Scholar
  15. 15.
    Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM Journal on Computing 18(1), 186–208 (1989)CrossRefzbMATHMathSciNetGoogle Scholar
  16. 16.
    Wikipedia: PlayStation Network outage, http://en.wikipedia.org/wiki/PlayStation_Network_outage
  17. 17.
    wired.com: Dropbox Left User Accounts Unlocked for 4 Hours Sunday, http://www.wired.com/threatlevel/2011/06/dropbox/, http://blog.dropbox.com/?p=821
  18. 18.
  19. 19.
    Juels, A., Kaliski, Jr., B.: Pors: proofs of retrievability for large files. In: CCS 2007: ACM Conference on Computer and Communications Security, pp. 584–597 (2007)Google Scholar
  20. 20.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: CCS 2007: ACM Conference on Computer and Communications Security, pp. 598–609 (2007)Google Scholar
  21. 21.
    Xu, J., Chang, E.C., Zhou, J.: Weak Leakage-Resilient Client side Deduplication of Encrypted Data in Cloud Storage. In: ASIACCS 2013: Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security (Full Paper), pp. 195–206 (2013), http://eprint.iacr.org/2011/538
  22. 22.
    Bellare, M., Keelveedhi, S., Ristenpart, T.: DupLESS: Server-Aided Encryption for Deduplicated Storage (will appear in Usenix Security Symposium 2013). Cryptology ePrint Archive, Report 2013/429 (2013), http://eprint.iacr.org/2013/429
  23. 23.
    Ng, W.K., Wen, Y., Zhu, H.: Private data deduplication protocols in cloud storage. In: SAC 2012: Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp. 441–446 (2012)Google Scholar
  24. 24.
    Nisan, N., Zuckerman, D.: Randomness is linear in space. Journal of Computer and System Sciences 52(Special issue on STOC 1993) , 43–52 (1996)Google Scholar
  25. 25.
    Vadhan, S.: Constructing Locally Computable Extractors and Cryptosystems in the Bounded-Storage Model. J. Cryptol. 17(1), 43–77 (2004)CrossRefzbMATHMathSciNetGoogle Scholar
  26. 26.
    Stinson, D.R.: Universal hash families and the leftover hash lemma, and applications to cryptography and computing. Journal of Combinatorial Mathematics and Combinatorial Computing 42, 3–31 (2002)zbMATHMathSciNetGoogle Scholar
  27. 27.
    Shacham, H., Waters, B.: Compact Proofs of Retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  28. 28.
    Xu, J., Chang, E.C.: Towards efficient proof of retrievability. In: ASIACCS 2012: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (Full Paper) (2012), http://eprint.iacr.org/2011/362
  29. 29.
    Goldreich, O.: A Sample of Samplers - A Computational Perspective on Sampling (survey). Electronic Colloquium on Computational Complexity (ECCC) 4(20) (1997)Google Scholar
  30. 30.
    Dodis, Y., Vadhan, S., Wichs, D.: Proofs of Retrievability via Hardness Amplification. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 109–127. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  31. 31.
    Xu, J., Chang, E.C., Zhou, J.: Leakage-Resilient Client-side Deduplication of Encrypted Data in Cloud Storage. Cryptology ePrint Archive, Report 2011/538 (2011), http://eprint.iacr.org/2011/538
  32. 32.
    Chang, E.C., Xu, J.: Remote Integrity Check with Dishonest Storage Server. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 223–237. Springer, Heidelberg (2008), http://eprint.iacr.org/2008/346 CrossRefGoogle Scholar
  33. 33.
    Zheng, Q., Xu, S.: Secure and efficient proof of storage with deduplication. In: CODASPY 2012: ACM conference on Data and Application Security and Privacy, pp. 1–12 (2012)Google Scholar
  34. 34.
    Barak, B., Dodis, Y., Krawczyk, H., Pereira, O., Pietrzak, K., Standaert, F.-X., Yu, Y.: Leftover Hash Lemma, Revisited. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 1–20. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  35. 35.
    Gabizon, A., Raz, R., Shaltiel, R.: Deterministic Extractors for Bit-Fixing Sources by Obtaining an Independent Seed. SIAM Journal on Computing 36(4), 1072–1094 (2006)CrossRefzbMATHMathSciNetGoogle Scholar
  36. 36.
    Pietro, R.D., Sorniotti, A.: Boosting Efficiency and Security in Proof of Ownership for Deduplication. In: ASIACCS 2012: ACM Symposium on Information, Computer and Communications Security (Full Paper) (2012)Google Scholar
  37. 37.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D.: Remote data checking using provable data possession. ACM Transactions on Information and System Security 14, 12:1–12:34 (2011)Google Scholar
  38. 38.
    Vadhan, S.: Pseudorandomness. Foundations and Trends in Theoretical Computer Science 7(1-3), 1–336 (2012)CrossRefMathSciNetGoogle Scholar
  39. 39.
    Patrascu, M., Thorup, M.: The power of simple tabulation hashing. In: STOC 2011: ACM Symposium on Theory of Computing, pp. 1–10 (2011)Google Scholar
  40. 40.
    Dodis, Y., Gennaro, R., Håstad, J., Krawczyk, H., Rabin, T.: Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 494–510. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  41. 41.
    Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press (2004)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Jia Xu
    • 1
  • Jianying Zhou
    • 1
  1. 1.Infocomm Security DepartmentInstitute for Infocomm ResearchSingapore

Personalised recommendations