Deduplication On Encrypted Data Based On Zero-knowledge Proof And Key Transmission

Posted on: 2019-07-26
Degree: Master
Type: Thesis
Country: China
Candidate: S M He
Full Text: PDF
GTID: 2428330572950210
Subject: Computer system architecture
Abstract/Summary:
With the development of cloud storage technology, more and more companies and individuals rent cloud storage services because of their low cost and convenience. However, cloud storage servers end up storing many copies of identical files, so data deduplication technology is increasingly important for addressing this problem. Data deduplication has been widely used in cloud storage servers. It strikes a good balance between users' uploaded data and the cost of communication, and it saves bandwidth and storage resources effectively.

However, cloud storage servers face two contradictory requirements. On the one hand, the cloud server hopes to reduce the storage of duplicate files and cut communication costs. On the other hand, users often want to encrypt their files locally before uploading them in order to protect their data privacy. Because users choose different encryption keys, the ciphertexts differ even though the plaintexts are identical.

At present, the key chosen to encrypt the file in client-based deduplication is always the convergent key, so when parts of the file are revealed or the entropy of the file is low, convergent encryption may leak information about the file. As for file ownership, the solution in some protocols is to check a certain number of file blocks in response to the cloud server's challenges, which cannot prove ownership of the whole file. In other words, this approach ensures ownership of the file only with a certain probability. In addition, some protocols use a third-party server to distribute and transfer the key. This requires a stronger security assumption and is not suitable for real-world scenarios.

In this paper, we propose a new scheme for deduplicating encrypted data stored in cloud servers, based on zero-knowledge proof and hidden credential retrieval. It uses a zero-knowledge proof to prove file ownership through the tag of the file without losing entropy. It then uses hidden credential retrieval to transmit the encrypted key to file owners who have proved their ownership of the file. In our protocol, the encrypted key and the file itself are separated, which avoids the leakage of file information caused by convergent encryption. In addition, the zero-knowledge proof establishes ownership of the whole file, not just part of it. Finally, the system model consists of the cloud storage server and the file users only, without any third-party server to transmit the key. This avoids the communication cost of using a third-party server to transmit the encrypted key, which makes the scheme efficient on a real cloud server.

The results show that our protocol is more efficient and effective, and that it is easy to implement. It also improves the security of ownership authentication and proposes a new key transmission method. It reduces the computation cost of client-side deduplication of encrypted data and improves the space utilization of cloud storage. It improves system performance, and users can use cloud services efficiently and conveniently.
Keywords/Search Tags: deduplication, proof of ownership, key transmission, zero-knowledge proof, hidden credential retrieval
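The convergent-encryption weakness the abstract refers to, as an added example that is not taken from the thesis: because the key is derived from the file, equal files give equal tags (which is what enables deduplication), but a stored tag also confirms any correct guess at a low-entropy file. The SHA-256 counter-mode keystream is a stand-in for a real cipher, and the template, sample values and function names are constructed for illustration.

```python
import hashlib
import secrets

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with a SHA-256 counter-mode keystream (stand-in cipher, not for production)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def convergent_encrypt(plaintext: bytes):
    """Convergent encryption: the key is the hash of the file itself."""
    key = hashlib.sha256(plaintext).digest()
    ciphertext = keystream_xor(key, plaintext)
    tag = hashlib.sha256(ciphertext).hexdigest()  # what the server indexes for dedup
    return key, ciphertext, tag

def random_key_encrypt(plaintext: bytes):
    """Ordinary client-side encryption with a fresh random key per upload."""
    key = secrets.token_bytes(32)
    ciphertext = keystream_xor(key, plaintext)
    return key, ciphertext, hashlib.sha256(ciphertext).hexdigest()

def values_consistent_with_tag(tag: str, template: str, values) -> list:
    """List the candidate fillings of a known template whose tag equals the stored one."""
    return [v for v in values
            if convergent_encrypt(template.format(v).encode())[2] == tag]

# Constructed sample: a form whose only unknown field has few possible values.
TEMPLATE = "Employee: A. Example\nBonus (USD): {}\n"
SECRET_FILE = TEMPLATE.format(7300).encode()

if __name__ == "__main__":
    _, _, tag_a = convergent_encrypt(SECRET_FILE)   # user A uploads
    _, _, tag_b = convergent_encrypt(SECRET_FILE)   # user B uploads the same file
    print("convergent tags equal:", tag_a == tag_b)
    _, _, r1 = random_key_encrypt(SECRET_FILE)
    _, _, r2 = random_key_encrypt(SECRET_FILE)
    print("random-key tags equal:", r1 == r2)
    print("values matching tag:",
          values_consistent_with_tag(tag_a, TEMPLATE, range(0, 10001, 100)))
```

Separating the encryption key from the file content, as the proposed scheme does, removes the property that `values_consistent_with_tag` relies on.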