Key Transferring-Based Secure Deduplication for Cloud Storage With Resistance Against Brute-Force Attacks
Xin Tang; Luchao Jin; Jing Bai; Linjie Shi; Yudan Zhu; Ting Cui
IEEE Transactions on Network and Service Management, vol. 22, no. 1, pp. 860-876. Published 2024-10-07. DOI: 10.1109/TNSM.2024.3474852
https://ieeexplore.ieee.org/document/10706081/
Impact factor: 4.7; JCR: Q1 (Computer Science, Information Systems)
Citation count: 0
Abstract
Convergent encryption is an effective technique to achieve cross-user deduplication of encrypted data in cloud storage. However, it is vulnerable to brute-force attacks for data with low min-entropy. Moreover, once the content of the target data is successfully constructed through the aforementioned attacks, the corresponding index can also be obtained, leading to the risk of violating privacy during the process of data downloading. To address these challenges, we propose a key transferring-based secure deduplication (KTSD) scheme for cloud storage with support for ownership verification, which significantly improves the security against brute-force attacks during ciphertext deduplication and downloading. Specifically, we introduce a randomly generated key in data encryption and downloading index generation to prevent the results from being inferred. We also define a deduplication request index and a key request index by using the Bloom filter to achieve brute-force attack resistant key transferring. An RSA-based ownership verification scheme is designed for the downloading process to effectively prevent privacy leakage. Finally, we prove the security of our schemes by security analysis and perform performance evaluation experiments, the results of which show that, compared to the state of the art, the cloud storage overhead can be reduced by 6.01% to 20.49% under KTSD.
About the journal:
IEEE Transactions on Network and Service Management will publish (online only) peer-reviewed archival quality papers that advance the state-of-the-art and practical applications of network and service management. Theoretical research contributions (presenting new concepts and techniques) and applied contributions (reporting on experiences and experiments with actual systems) will be encouraged. These transactions will focus on the key technical issues related to: Management Models, Architectures and Frameworks; Service Provisioning, Reliability and Quality Assurance; Management Functions; Enabling Technologies; Information and Communication Models; Policies; Applications and Case Studies; Emerging Technologies and Standards.