ATTRIBUTE-BASED STORAGE SUPPORTING SECURE DEDUPLICATION OF ENCRYPTED DATA IN CLOUD
ABSTRACT
Attribute-based encryption (ABE) has been widely used in cloud computing where a data provider outsources his/herencrypted data to a cloud service provider, and can share the data with users possessing specific credentials (or attributes). However,the standard ABE system does not support secure deduplication, which is crucial for eliminating duplicate copies of identical data inorder to save storage space and network bandwidth. In this paper, we present an attribute-based storage system with securededuplication in a hybrid cloud setting, where a private cloud is responsible for duplicate detection and a public cloud manages thestorage. Compared with the prior data deduplication systems, our system has two advantages. Firstly, it can be used to confidentiallyshare data with users by specifying access policies rather than sharing decryption keys. Secondly, it achieves the standard notion ofsemantic security for data confidentiality while existing systems only achieve it by defining a weaker security notion. In addition, we putforth a methodology to modify a ciphertext over one access policy into ciphertexts of the same plaintext but under other access policieswithout revealing the underlying plaintext.
EXISTING SYSTEM:
Attribute-Based Encryption. Sahai and Waters introducedthe notion of attribute-based encryption (ABE), andthen Goyal et al. formulated key-policy ABE (KP-ABE)and ciphertext-policy ABE (CP-ABE) as two complimentaryforms of ABE. The first KP-ABE construction given in realized the monotonic access structures, the first KP-ABEsystem supporting the expression of non-monotone formulaswas presented in to enable more viable access poli-cies, and the first large class KP-ABE system was presentedby in the standard model in. Nevertheless, we believethat KP-ABE is less flexible than CP-ABE because the accesspolicy is determined once the user’s attribute private keyis issued. Bethencourt, Sahai and Waters proposed thefirst CP-ABE construction, but it is secure under the genericgroup model. Cheung and Newport presented a CPABEscheme that is proved to be secure under the standardmodel, but it only supports the AND access structures. ACP-ABE system under more advanced access structures isproposed by Goyal et al. based on the number theoreticassumption. In order to overcome the limitation that the sizeof the attribute space is polynomially bounded in the securityparameter and the attributes are fixed ahead, RouselakisandWaters built a large universe CP-ABE system underthe prime-order group. In this paper, the Rouselakis-Waterssystem is taken as the underlying scheme for the concreteconstruction.Secure Deduplication.With the goal of saving storage spacefor cloud storage services, Douceur et al. proposedthe first solution for balancing confidentiality and efficiencyin performing deduplication called convergent encryption,where a message is encrypted under a message-derivedkey so that identical plaintexts are encrypted to the sameciphertexts.
PROPOSED SYSTEM:
In this paper, we present an attribute-based storage systemwhich employs ciphertext-policy attribute-based encryption(CP-ABE) and supports secure deduplication. Our maincontributions can be summarized as follows._ Firstly, the system is the first that achieves the standardnotion of semantic security for data confidentialityin attribute-based deduplication systems byresorting to the hybrid cloud architecture . Secondly, we put forth a methodology to modifya ciphertext over one access policy into ciphertextsof the same plaintext but under any other accesspolicies without revealing the underlying plaintext.This technique might be of independent interest inaddition to the application in the proposed storagesystem._ Thirdly, we propose an approach based on two cryptographicprimitives, including a zero-knowledgeproof of knowledge and a commitment scheme, to achieve data consistency in the system.In a typical storage system with secure deduplication, to store a file in the cloud, a data providergenerates a tag and a ciphertext. The data provider uploadsthe tag and the ciphertext to the cloud. Upon receiving anoutsourcing request from a data provider for uploading aciphertext and an associated tag, the cloud runs a so-calledequality checking algorithm, which checks if the tag in theincoming request is identical to any tags in the storagesystem. If there is a match, then the underlying plaintextof this incoming ciphertext has already been stored and thenew ciphertext is discarded. It is apparent that such a systemwith a tag appended to the ciphertext does not provide thestandard notion of semantic security for data confidenti, because if the plaintexts can be predicated from theirtags, an adversary can always make a correct guess bycomputing the tag of a plaintext and then testing it againstthe tag in the challenge phase in the semantic security game.
CONCLUSIONS
Attribute-based encryption (ABE) has been widely usedin cloud computing where data providers outsource theirencrypted data to the cloud and can share the data withusers possessing specified credentials. On the other hand,deduplication is an important technique to save the storagespace and network bandwidth, which eliminates duplicatecopies of identical data. However, the standard ABE systemsdo not support secure deduplication, which makes themcostly to be applied in some commercial storage services.In this paper, we presented a novel approach to realize anattribute-based storage system supporting secure deduplication.Our storage system is built under a hybrid cloudarchitecture, where a private cloud manipulates the computationand a public cloud manages the storage. The privatecloud is provided with a trapdoor key associated with thecorresponding ciphertext, with which it can transfer theciphertext over one access policy into ciphertexts of the sameplaintext under any other access policies without beingaware of the underlying plaintext. After receiving a storagerequest, the private cloud first checks the validity of theuploaded item through the attached proof. If the proof isvalid, the private cloud runs a tag matching algorithm tosee whether the same data underlying the ciphertext hasbeen stored. If so, whenever it is necessary, it regeneratesthe ciphertext into a ciphertext of the same plaintext over anaccess policy which is the union set of both access policies.The proposed storage system enjoys two major advantages.Firstly, it can be used to confidentially share data with otherusers by specifying an access policy rather than sharing thedecryption key. Secondly, it achieves the standard notionof semantic security while existing deduplication schemesonly achieve it under a weaker security notion.
REFERENCES
[1] D. Quick, B. Martini, and K. R. Choo, Cloud StorageForensics. Syngress Publishing / Elsevier, 2014. [Online].Available: http://www.elsevier.com/books/cloud-storageforensics/quick/978-0-12-419970-5
[2] K. R. Choo, J. Domingo-Ferrer, and L. Zhang, “Cloud cryptography:Theory, practice and future research directions,” FutureGeneration Comp. Syst., vol. 62, pp. 51–53, 2016.
[3] K. R. Choo, M. Herman, M. Iorga, and B. Martini, “Cloud forensics:State-of-the-art and future directions,” Digital Investigation,vol. 18, pp. 77–78, 2016.
[4] Y. Yang, H. Zhu, H. Lu, J.Weng, Y. Zhang, and K. R. Choo, “Cloudbased data sharing with fine-grained proxy re-encryption,” Pervasiveand Mobile Computing, vol. 28, pp. 122–134, 2016.
[5] D. Quick and K. R. Choo, “Google drive: Forensic analysis of dataremnants,” J. Network and Computer Applications, vol. 40, pp. 179–193, 2014.
[6] A. Sahai and B. Waters, “Fuzzy identity-based encryption,” in Advancesin Cryptology – EUROCRYPT 2005, 24th Annual InternationalConference on the Theory and Applications of Cryptographic Techniques,Aarhus, Denmark, May 22-26, 2005, Proceedings, ser. Lecture Notesin Computer Science, vol. 3494. Springer, 2005, pp. 457–473.
[7] B. Zhu, K. Li, and R. H. Patterson, “Avoiding the disk bottleneckin the data domain deduplication file system,” in 6th USENIXConference on File and Storage Technologies, FAST 2008, February 26-29, 2008, San Jose, CA, USA. USENIX, 2008, pp. 269–282.
[8] M. Bellare, S. Keelveedhi, and T. Ristenpart, “Message-lockedencryption and secure deduplication,” in Advances in Cryptology- EUROCRYPT 2013, 32nd Annual International Conference on theTheory and Applications of Cryptographic Techniques, Athens, Greece,May 26-30, 2013. Proceedings, ser. Lecture Notes in ComputerScience, vol. 7881. Springer, 2013, pp. 296–312.
[9] M. Abadi, D. Boneh, I. Mironov, A. Raghunathan, and G. Segev,“Message-locked encryption for lock-dependent messages,” inAdvances in Cryptology – CRYPTO 2013 – 33rd Annual CryptologyConference, Santa Barbara, CA, USA, August 18-22, 2013. Proceedings,Part I, ser. Lecture Notes in Computer Science, vol. 8042. Springer,2013, pp. 374–391.
[10] S. Keelveedhi, M. Bellare, and T. Ristenpart, “Dupless: Serveraidedencryption for deduplicated storage,” in Proceedings of the22th USENIX Security Symposium, Washington, DC, USA, August14-16, 2013. USENIX Association, 2013, pp. 179–194.