Research On High Performance Secure Deduplication Technology For Cloud Storage

With the development of the Internet and the widespread popularity of intelligent devices,cloud computing has become the current mainstream service mode.Through the flexible,convenient and configurable computing resources(including network,server,storage,application,and service)provided by cloud computing service,individual users and enterprises can fully benefit from the convenience,flexibility,and scalability brought by cloud computing.From the view of cloud service providers,they hope to improve the efficiency of cloud storage and computing,that is,to store more data content on limited devices and improve user experience,to provide users with more personalized services.However,from the user's view,they want to avoid the disclosure of personal privacy while using cloud services.Therefore,how to do secure deduplication in the cloud storage environment is particularly important.This study carries out research on secure deduplication technology in the cloud storage environment,focusing on how to balance the security and avalability of secure deduplication in the cloud environment and provide strong technical support for cloud service providers to achieve high-performance secure deduplication.Since the assumption of trusted third-party servers is removed,it is easier for cloud service providers to deploy a two-party security de-duplication scheme.To overcome the performance degradation and security hole problems of the existing two-party secure deduplication,this study design a novel high-performance secure deduplication without independent trusted third-party.In order to maintain the security of duplicate data detection in secure deduplication,we utilize the discrete logarithm problem to add the random factors of users into the duplicate data detection structure and design a secure duplicate data detection process from the theoretical level.To further support data owners sharing encryption keys of a duplicate chunk with other data owners,we also propose an offline high-performance key sharing technology.Through the theoretical proof and experimental evaluation,this scheme not only resists brute force attack,but also has achieved better performance of execution and deployment compared with previous schemes.Frequent modifications of multi-version files in cloud environments result in a large number uploading of unique chunks,caused by a small number of bytes difference compared with the previous version.However,according to the existing secure deduplication schemes,these chunks are considered unique and ultimately uploaded to the cloud.Moreover,each unique chunk has a block-level encryption key.Thus,the existing secure deduplication schemes cannot effectively deal with the problem of performance degradation and key management overhead caused by frequent data modification in cloud storage application scenarios.Therefore,we propose an efficient secure deduplication method for data modifications in the cloud scenario,which stores the modified content in the delta file and effectively avoids a large number of unnecessary unique chunks' uploaded.The experimental results show that our method can effectively reduce the number of non-redundant chunks and decrease the overhead of encryption key management caused by modification operations.Aiming at the chunking process of secure deduplication,this study focuses on the verification and analysis of the local boundary shift problem in this process from the experimental and theoretical perspectives.As an important part of secure deduplication,the parameter of the maximum chunk size in the client-side chunking algorithm is the main reason for generating continuous maximum length data block sequence.However,since the original intention of this parameter is to avoid too large chunk generation,the client-side chunking algorithm must introduce this parameter to simplify the chunk management in the cloud.Therefore,how to suppress the generation of sequences consisting of maximum length chunks is the key to solving the problem of local boundary shift problem.Therefore,we further study an efficient client-side chunking algorithm by breaking through the scalable secure chunking technology based on feedback and adjustment,to solve the local boundary shift problem and improve the efficiency of secure chunking algorithm.Although the traditional client-side chunking algorithm can find more redundancy by introducing smaller average chunk size,it also increases the amount of metadata including the relationship between chunks and the corresponding encryption keys and a serious performance degradation especially in secure deduplication scenario.In order to consider the total amount of deduplication ratio,the management overhead of the metadata and the number of encryption keys simultaneously in the context of secure deduplication scenario,we summarize two principles for designing a high-performance server-aid chunking algorithm.It can dynamically and selectively combine the adjacent redundant or non-redundant chunks and keeping the non-redundant chunks,which adjacent to the redundant chunk,unchanged.Thus,the server-aid chunking algorithm needs to support secure duplicate data detection.In order to ensure the security of this process,we innovatively add user's random factor and file extension factor into the process to ensure the privacy and security of user data.In addition,we further propose a server-aid chunking algorithm to combine the principles we summarized with the secure chunking process.The experimental results show that our method can securely and effectively reduce the storage overhead of metadata and the management overhead of encryption keys in secure de-duplication scenarios with comparable deduplication ratio.