Secure generalized deduplication via multi-key revealing encryption

Daniel E. Lucani, Lars Nielsen, Claudio Orlandi, Elena Pagnin, Rasmus Vestergaard

Research output: Chapter in Book/Report/Conference proceedingPaper in conference proceedingpeer-review

Abstract

Cloud Storage Providers (CSPs) offer solutions to relieve users from locally storing vast amounts of data, including personal and sensitive ones. While users may desire to retain some privacy on the data they outsource, CSPs are interested in reducing the total storage space by employing compression techniques such as deduplication. We propose a new cryptographic primitive that simultaneously realizes both requirements: Multi-Key Revealing Encryption (MKRE). The goal of MKRE is to disclose the result of a pre-defined function over multiple ciphertexts, even if the ciphertexts were generated using different keys, while revealing nothing else about the data. We present a formal model and a security definition for MKRE and provide a construction of MKRE for generalized deduplication that only uses symmetric key primitives in a black-box way. Our construction allows (a) cloud providers to reduce the storage space by using generalized deduplication to compress encrypted data across users, and (b) each user to maintain a certain privacy level for the outsourced information. Our scheme can be proven secure in the random oracle model (and we argue that this is a necessary evil). We develop a proof-of-concept implementation of our solution. For a test data set, our MKRE construction achieves secure generalized deduplication with a compression ratio of 87% for 1 KB file chunks and 82.2% for 8 KB chunks. Finally, our experiments show that, compared to generalized deduplication setup with un-encrypted files, adding privacy via MKRE introduces a compression overhead of less than $$3\%$$ and reduces the storage throughput by at most $$6.9\%$$.

Original languageEnglish
Title of host publicationSecurity and Cryptography for Networks - 12th International Conference, SCN 2020, Proceedings
EditorsClemente Galdi, Vladimir Kolesnikov
PublisherSpringer Science and Business Media B.V.
Pages298-318
Number of pages21
ISBN (Print)9783030579890
DOIs
Publication statusPublished - 2020
Event12th International Conference on Security and Cryptography for Networks, SCN 2020 - Amalfi, Italy
Duration: 2020 Sept 142020 Sept 16

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12238 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference12th International Conference on Security and Cryptography for Networks, SCN 2020
Country/TerritoryItaly
CityAmalfi
Period2020/09/142020/09/16

Subject classification (UKÄ)

  • Computer Science

Free keywords

  • Private cloud storage
  • Revealing encryption
  • Secure deduplication

Fingerprint

Dive into the research topics of 'Secure generalized deduplication via multi-key revealing encryption'. Together they form a unique fingerprint.

Cite this