Secure Data De-Duplication Based on Threshold Blind Signature and Bloom Filter in Internet of Things

Abstract

Within the cloud environment, the availability of storage, as well as bandwidth, can be effectively preserved in virtue of data de-duplication. However, refraining redundancy from additional storage or communication is not trivial due to security concerns. Though intensive researches have been addressed on a convergent cryptosystem for secure data de-duplication, the conflicts amongst functionality, confidentiality, and authority remain unbalanced. More concretely, although data are obfuscated under convergent encryption, a violent dictionary attack is still efficacious since the whole pseudorandom process relies heavily on plaintexts. As for data ownership, the download privilege, which depends on hash value, may also be infringed due to the same reason. To dispose of these problems, we presented a conspiracy-free data de-duplication protocol based on a threshold blind signature in this article. With the help of multiple key servers, the outsourced file and de-duplication label will be computationally indistinguishable from random strings. We used the Boom filter as a tool to implement a proof of ownership, ensuring that the ownership claims made by users are real. It effectively prevents the attacker from using the stolen tag to get the whole file to gain file access without authorization. The most significant innovation of this article is to use homomorphism computation to aggregate and generate partial signature tags, and to introduce a secret sharing mechanism based on The Chinese Remainder Theorem to hide signature keys, thus balancing the security concerns of cloud and client. Compared with existing schemes, both communication and computation performances are preferable in our protocol. As far as we know, our scheme is the only data de-duplication scheme that satisfies the semantic security of ciphertext and label.