| Cloud computing, as a milestone in the development of information technology, enables convenient and pay-to-use access to configurable computing resources for clients. As a typical technique of cloud computing, cloud storage service allows client to outsource their data to server and access their data whenever and wherever possible. However, once clients uploaded data, they lost control of their data and worried about whether data is safe and integral. In order to tackle with this problem, storage auditing scheme emerges to help client remotely audit data integrity without retrieving data. However, with rapid development of cloud storage service, quantity of data rises fast and data becomes duplicated. This imposes heavy burden on server and decreases storage efficiency. Deduplication technology is a key solution to this problem, it avoids server to store same data and prohibits clients to upload duplicated data which saves both bandwidth and space.While Deduplication offers a series of advantages, it brings about new security breach, i.e. adversaries can claim to have ownership of data without actually possessing the data. For the sake of possible attack on data, people use encryption to ensure data integrity and security. Whereas, encryption contradicts with deduplication, while encryption makes data random, deduplication depends on data similarity. Convergent encryption(CE) is thus provided to ensure that same plaintexts are encrypted to identical ciphertexts. But CE only offers limited security(for unpredictable messages), predictable messages under CE suffers from dictionary-attack.Meanwhile, most current deduplication schemes aim at either secure deduplication or data integrity. Due to the fact that data integrity and correctness is the basis of deduplication, it is of significant value to design a scheme which could supports both deduplication and data integrity for encrypted data.Faced with above issues, we use proof of ownership to achieve deduplication, by convergent encryption, we protect client’s data privacy. We provide two cloud storage auditing schemes for encrypted data with deduplication, our work includes:1. By analysing Yuan’s PCAD scheme and Du’s PoOR scheme, we discuss their security and performance in order to construct a data integrity auditing scheme with deduplication.2. Based on Yuan’s PCAD scheme, we build a public storage auditing scheme for encrypted data with deduplication(E-PCAD). Our scheme can safely deduplicate while proctecting user’s data privacy. Meanwhile, our scheme offers strong security for unpredictable messages. E-PCAD scheme inherited merits of PCAD scheme: public auditing, deduplication, batch auditing and tag aggregation.3. Based on Du’s PoOR scheme we build a proof of retrievability scheme for encrypted data with deduplication(E-PoOR). New scheme allows encryption on user’s data to proctect privacy. E-PoOR achieved retrievability by which data can be recovered with great possibility.Our research is to offer secure deduplication and data integrity for encrypted data in one infrastructure. Our schemes offer data confidentiality for users while deduplicating and audting, it has significant value for practical use. |
PDF Full Text Request