Skip to main content

Lund University Publications

LUND UNIVERSITY LIBRARIES

Secure generalized deduplication via multi-key revealing encryption

Lucani, Daniel E. ; Nielsen, Lars ; Orlandi, Claudio ; Pagnin, Elena LU orcid and Vestergaard, Rasmus (2020) 12th International Conference on Security and Cryptography for Networks, SCN 2020 In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 12238 LNCS. p.298-318
Abstract

Cloud Storage Providers (CSPs) offer solutions to relieve users from locally storing vast amounts of data, including personal and sensitive ones. While users may desire to retain some privacy on the data they outsource, CSPs are interested in reducing the total storage space by employing compression techniques such as deduplication. We propose a new cryptographic primitive that simultaneously realizes both requirements: Multi-Key Revealing Encryption (MKRE). The goal of MKRE is to disclose the result of a pre-defined function over multiple ciphertexts, even if the ciphertexts were generated using different keys, while revealing nothing else about the data. We present a formal model and a security definition for MKRE and provide a... (More)

Cloud Storage Providers (CSPs) offer solutions to relieve users from locally storing vast amounts of data, including personal and sensitive ones. While users may desire to retain some privacy on the data they outsource, CSPs are interested in reducing the total storage space by employing compression techniques such as deduplication. We propose a new cryptographic primitive that simultaneously realizes both requirements: Multi-Key Revealing Encryption (MKRE). The goal of MKRE is to disclose the result of a pre-defined function over multiple ciphertexts, even if the ciphertexts were generated using different keys, while revealing nothing else about the data. We present a formal model and a security definition for MKRE and provide a construction of MKRE for generalized deduplication that only uses symmetric key primitives in a black-box way. Our construction allows (a) cloud providers to reduce the storage space by using generalized deduplication to compress encrypted data across users, and (b) each user to maintain a certain privacy level for the outsourced information. Our scheme can be proven secure in the random oracle model (and we argue that this is a necessary evil). We develop a proof-of-concept implementation of our solution. For a test data set, our MKRE construction achieves secure generalized deduplication with a compression ratio of 87% for 1 KB file chunks and 82.2% for 8 KB chunks. Finally, our experiments show that, compared to generalized deduplication setup with un-encrypted files, adding privacy via MKRE introduces a compression overhead of less than $$3\%$$ and reduces the storage throughput by at most $$6.9\%$$.

(Less)
Please use this url to cite or link to this publication:
author
; ; ; and
organization
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
keywords
Private cloud storage, Revealing encryption, Secure deduplication
host publication
Security and Cryptography for Networks - 12th International Conference, SCN 2020, Proceedings
series title
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
editor
Galdi, Clemente and Kolesnikov, Vladimir
volume
12238 LNCS
pages
21 pages
publisher
Springer Science and Business Media B.V.
conference name
12th International Conference on Security and Cryptography for Networks, SCN 2020
conference location
Amalfi, Italy
conference dates
2020-09-14 - 2020-09-16
external identifiers
  • scopus:85091163821
ISSN
1611-3349
0302-9743
ISBN
9783030579890
DOI
10.1007/978-3-030-57990-6_15
project
Säkra mjukvaruuppdateringar för den smarta staden
language
English
LU publication?
yes
id
1ed76230-e38a-4871-b000-2f1a089a5d35
date added to LUP
2020-10-28 10:24:13
date last changed
2024-06-27 00:05:34
@inproceedings{1ed76230-e38a-4871-b000-2f1a089a5d35,
  abstract     = {{<p>Cloud Storage Providers (CSPs) offer solutions to relieve users from locally storing vast amounts of data, including personal and sensitive ones. While users may desire to retain some privacy on the data they outsource, CSPs are interested in reducing the total storage space by employing compression techniques such as deduplication. We propose a new cryptographic primitive that simultaneously realizes both requirements: Multi-Key Revealing Encryption (MKRE). The goal of MKRE is to disclose the result of a pre-defined function over multiple ciphertexts, even if the ciphertexts were generated using different keys, while revealing nothing else about the data. We present a formal model and a security definition for MKRE and provide a construction of MKRE for generalized deduplication that only uses symmetric key primitives in a black-box way. Our construction allows (a) cloud providers to reduce the storage space by using generalized deduplication to compress encrypted data across users, and (b) each user to maintain a certain privacy level for the outsourced information. Our scheme can be proven secure in the random oracle model (and we argue that this is a necessary evil). We develop a proof-of-concept implementation of our solution. For a test data set, our MKRE construction achieves secure generalized deduplication with a compression ratio of 87% for 1 KB file chunks and 82.2% for 8 KB chunks. Finally, our experiments show that, compared to generalized deduplication setup with un-encrypted files, adding privacy via MKRE introduces a compression overhead of less than $$3\%$$ and reduces the storage throughput by at most $$6.9\%$$.</p>}},
  author       = {{Lucani, Daniel E. and Nielsen, Lars and Orlandi, Claudio and Pagnin, Elena and Vestergaard, Rasmus}},
  booktitle    = {{Security and Cryptography for Networks - 12th International Conference, SCN 2020, Proceedings}},
  editor       = {{Galdi, Clemente and Kolesnikov, Vladimir}},
  isbn         = {{9783030579890}},
  issn         = {{1611-3349}},
  keywords     = {{Private cloud storage; Revealing encryption; Secure deduplication}},
  language     = {{eng}},
  pages        = {{298--318}},
  publisher    = {{Springer Science and Business Media B.V.}},
  series       = {{Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)}},
  title        = {{Secure generalized deduplication via multi-key revealing encryption}},
  url          = {{http://dx.doi.org/10.1007/978-3-030-57990-6_15}},
  doi          = {{10.1007/978-3-030-57990-6_15}},
  volume       = {{12238 LNCS}},
  year         = {{2020}},
}