Secure Deduplication Of Encrypted Data Based On Verifiable Secret Sharing And Blind Signature

Deduplication is widely used by cloud storage providers to cut costs, by storing and uploading a single instance of identical files shared across multiple user accounts.Encrypting data on client-side before uploading it to a cloud storage is essential for protecting users' privacy. However client-side encryption is at odds with the standard practice of deduplication.Reconciling client-side encryption with cross-user deduplication is an active research topic.Although Message-locked encryption resolves this tension,the most prominent manifestation of MLE is convergent encryption,according to the data of their hash values to generate the key used to encrypt the data in order to achieve the same file encrypted generated same ciphertext, this approach has been extensively adopted for secure deduplication,however it inevitably suffers from the off-line brute-force dictionary attacks since the message usually can be predictable in practice.In order to address the above weakness,the notion of DupLESS was proposed in which the user can generate the convergent key with the help of a key server,wever it require the aid of additional independent servers which is a strong assumption that is very difficult to meet in commercial contexts.We present a secure cross-user deduplication scheme that supports client-side encryption without requiring any additional independent servers.The scheme is based on encryption key exchange and threshold blind signature,which can achieve the authenticated key agreement and cooperating to generate blind signature of a message between multiple clients, the client which upload the data to each signature value combine all blind signatures to form the complete signature value as the convergent key.This scheme can work on without any additional independent third party server, eliminate the key server in DupLESS.And compared to the PAKE, solve the problem which the checkers client needs to keep online.Meanwhile, this scheme also resist the collusion attack between the cloud server and multiple clients. Furthermore, we prove that our construction can achieve the desired security properties.