| Fog computing is an outsourced computing model which distributed at the edge of the network.Compared with cloud computing,fog computing has many advantages such as low latency,low energy consumption,and high security.Thus,the prospect of fog computing on the Internet is very extensive.With the data increasing on the Internet,how to manage data items efficiently to save the storage resources of fog nodes has been the urgent issue.In the outsourced computing model,the end user always encrypts data on the local side before uploading to keep privacy.However,because the encryption key is generated randomly,it causes the fog node cannot distinguish whether the ciphertexts are encrypted from the same plaintexts.Therefore,the data deduplication cannot be executed.In order to keep the balance between data confidentiality and storage efficiency,an effective secure data deduplication scheme is message-locked encryption(MLE).Message-locked encryption,which takes the hash value of data content as the encrytion key,could make the same plaintexts are encrypted into the same ciphertexts.Therefore,MLE not only protects the privacy of the data items but also supports the deduplication in ciphertexts.However,MLE is a kind of deterministic encryption,which makes it is vulnerable to side channel attack in practical applications such as key-cache attack and probe attack.Many previous works have tried to solve these problems but most of them suffered expensive overheads.In order to keep data confidentiality and save storage efficiency in fog computing system,in this thesis,we propose a secure data deduplication scheme with resistance key-cache attack and a secure data deduplication scheme with resistance probe attack to prevent such side channel attacks.The main contributions are summarized as follows:1.We propose a secure data deduplication scheme with resistance key-cache attack which can keep privacy in secure data deduplication system.The design philosophy of our scheme is based on message-locked encryption and convergent all-or-nothing transform(CAONT).And our scheme could realize a low compution overheads via re-encrypting a little part of data items in ciphertexts update process.The corresponding achievement has been accepted by International Conference on Algorithms and Architectures for Parrallel Processing.2.We propose a secure data deduplication scheme with resistance probe attack.Our schemeis disposed at fog computing architecture to achieve two stage deduplication.Besides,our scheme manages the data owners' authorities by attribute-based encryption(ABE),which could prevent the malicious user wiretapping the data privacy from the Internet.3.We implement the two deduplication schemes of this paper on the local side and cloud server respectively.The result shows that the computation and communication performance of our scheme is more efficient than the previous works.In addition,with the increasing of dataset in the experiment,the advantages of our scheme are more obvious. |
PDF Full Text Request