Provable Ownership of Encrypted Files in De-duplication Cloud Storage

The rapid adoption of cloud storage services has created an issue that many duplicated copies of files are stored in the remote storage servers, which not only wastes the communication bandwidth for duplicated file uploading, but also increases the cost of security data management. To solve this problem, client-side deduplication was introduced to avoid the client from uploading files already existed in the remote servers. However, the existing scheme was recently found to be vulnerable to security attacks in that by learning a small piece of information related to the file, such as the hash value of the file, the attacker may be able to get full access of the entire file; and the confidentiality of the date may be vulnerable to “honest-but-curious” attacks. In this paper, to solve the problems mentioned above, we propose a cryptographically secure and efficient scheme to support cross-user client side deduplication over encrypted file. Our scheme utilizes the technique of spot checking in which the client only need to access small portions of the original file, dynamic coefficients, randomly chosen indices of the original files and a subtle approach to distribute the file encrypting key among clients to satisfy security requirements. Our extensive security analysis shows that the proposed scheme can generate provable ownership of the encrypted file (POEF) with the presence of the curious server, and maintain a high detection probability of the client misbehavior. Both performance analysis and simulation results demonstrate that our proposed scheme is much more efficient than the existing schemes, especially in reducing the burden of the client.