Randomized deduplication with ownership management and data sharing in cloud storage

Abstract

In commercial cloud services, the client-side deduplication is widely used to save the system resource of servers. However, this kind of deduplication technique is vulnerable to the collusive authentication attack, brute-force attack and duplicate-faking attack. Most existing schemes cannot resolve those problems efficiently. Besides, how to realize the ownership management in client-side deduplication to ensure the forward and backward secrecy of outsourced data is also a hot issue. In this paper, we propose a randomized client-side deduplication scheme, which uses a randomized deduplication protocol to prevent the collusive authentication attack and offline brute-force attack launched by the outside adversaries, and stores each data according to two file tags to resist duplicate-faking attack. In addition, we realize a more available ownership management and data sharing with the aid of dynamic Key-Encrypting Key tree. Security and performance analysis show that the proposed scheme can achieve the desired security requirements while saving the system resource efficiently.