Secure Deduplication-Based Storage Systems With Resistance to Side-Channel Attacks via Fog Computing

Abstract

Data deduplication technique could greatly save the storage overhead of the cloud by eliminating duplicated data and retaining one copy. In order to ensure the privacy of the data against an untrusted cloud, many cryptographic schemes have been proposed to make deduplication feasible in ciphertext. A typical scheme is Message-Locked Encryption (MLE), which takes cryptographic hash values of messages as encryption keys. However, MLE is vulnerable to side-channel attacks. Current solutions trying to mitigate these attacks raise either expensive overhead or security drawbacks. In this paper, we propose a secure data deduplication system against an untrusted cloud with resistance to two typical side-channel attacks, namely probe attack and key-cache attack. Our system uses fog computing to devise two new techniques to solve the two side-channel attacks with new security and efficiency trade-offs. The analysis and evaluation show that our system achieves better trade-offs compared with previous works.