Secure deduplication of encrypted data in online and offline environments

Abstract

Deduplication is a very critical technology in saving cloud storage space. Specially, client-side deduplication can save both storage and bandwidth. However, there are some security risks in the existing client-side deduplication schemes, such as file proof replay attack and online/offline brute-force attack. Moreover, these schemes do not consider offline deduplication. Aiming at solving the above problems, we present a secure client-side deduplication scheme of encrypted data in online and offline environments. In our scheme, we adopt a technology, mixing the dynamic coefficient with the randomly selected original file, so that new file proof can be produced in each challenge. In the case of offline, we introduce a trusted third party as a checker to run the proof of ownership with an uploader. The main difference between online and offline deduplication is the input value, which ensures that the program can be used efficiently. So the cost of storage and design is reduced. Furthermore, the proposed scheme can resist online and offline brute-force attack, which depends on per-client rate limiting method and high collision hash function, respectively. Interestingly, the security of proposed scheme relies on secure cryptographic hash function.