Secure Proof of Ownership Using Merkle Tree for Deduplicated Storage


Jay Dave (a, *), Avijit Dutta (b), Parvez Faruki (c), Vijay Laxmi (a), and Manoj Singh Gaur (d)

(a) Department of Computer Science and Engineering, Malaviya National Institute of Technology, Jaipur, Rajasthan, 302017 India
(b) Applied Statistics Unit, Indian Statistical Institute, Kolkata, West Bengal, 700108 India
(c) Department of Information Technology, A.V. Parekh Technical Institute, Rajkot, Gujarat, 360001 India
(d) Department of Computer Science and Engineering, Indian Institute of Technology, Jammu, 181221 India
*e-mail: [email protected]

Received November 29, 2019; revised January 21, 2020; accepted January 27, 2020

Abstract—In cloud services, deduplication is a widely used data reduction technique that minimizes storage and communication overhead. Nonetheless, deduplication introduces a serious security risk: a malicious client can obtain access to a file on storage by learning just a piece of information about the file. Proof of ownership schemes protect against this risk by enabling the server to check whether the client actually owns a particular file in its entirety. However, a malicious client may misuse the proof of ownership procedure to waste resources at the server: she sends a large number of upload requests and tries to keep the server busy computing challenges and verifying responses. In this paper, we propose a secure proof of ownership scheme using a Merkle tree. In this approach, the cloud server precomputes the challenges and responses to avoid computational overhead during subsequent uploads. Moreover, because our approach is a stateless protocol, the cloud server does not need to retain resources until the response is received. Security analysis demonstrates that a malicious client who does not have the entire file cannot prove herself an owner of the file. As a proof of concept, we implement our approach in a realistic environment and demonstrate that it outperforms the existing proof of ownership schemes in terms of challenge generation, communication, and response verification cost.

Keywords: proof of ownership, deduplication, cloud storage security, security protocols

DOI: 10.3103/S0146411620040033
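The abstract's core check, that a client must hold the whole file rather than a short digest of it, can be illustrated with a generic Merkle-tree challenge-response. This is an added example, not the scheme proposed in the paper (its precomputation and stateless design are not detailed on this page); the block size, padding node, domain prefixes, function names and sample file are all assumptions. Challenge indices are passed in explicitly; a server would draw them from a CSPRNG.

```python
import hashlib
import hmac

BLOCK = 64                                  # assumed block size for this demo
PAD = hashlib.sha256(b"\x02").digest()      # assumed filler node for odd-sized levels

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

SAMPLE = b"".join(h(bytes([i])) for i in range(24))   # constructed 768-byte "file"

def build_tree(data: bytes) -> list:
    """Return the tree levels, leaves first; the last level is [root]."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)] or [b""]
    levels = [[h(b"\x00" + b) for b in blocks]]           # 0x00 marks a leaf
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur.append(PAD)
        levels.append([h(b"\x01" + cur[i] + cur[i + 1])   # 0x01 marks an inner node
                       for i in range(0, len(cur), 2)])
    return levels

def prove(data: bytes, indices: list) -> list:
    """Client: return (block, sibling path) for every challenged leaf."""
    levels = build_tree(data)
    proof = []
    for idx in indices:
        path, i = [], idx
        for level in levels[:-1]:
            path.append(level[i ^ 1])       # sibling at this level
            i //= 2
        proof.append((data[idx * BLOCK:(idx + 1) * BLOCK], path))
    return proof

def verify(root: bytes, n_leaves: int, indices: list, proof: list) -> bool:
    """Server: rebuild the root from each answer; stores only root and n_leaves."""
    depth = (n_leaves - 1).bit_length()
    if len(proof) != len(indices):
        return False
    for idx, (block, path) in zip(indices, proof):
        if not 0 <= idx < n_leaves or len(path) != depth:
            return False
        node = h(b"\x00" + block)
        for sib in path:
            node = h(b"\x01" + (sib + node if idx & 1 else node + sib))
            idx //= 2
        if not hmac.compare_digest(node, root):
            return False
    return True
```

A client missing even one block fails on every challenged index here, because the upper sibling nodes it computes no longer match the stored root; against a client that has learned inner hashes, the number of challenged leaves is what matters.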

1. INTRODUCTION

Cloud servers offer virtually infinite, location-independent, and always-available storage facilities. As a consequence, they attract a large number of clients. This results in rapid growth of data volume on cloud storage and raises demand for data reduction techniques that minimize storage cost. Deduplication is a popular data reduction technique which allows the cloud server to store only a single copy of the user data. When a client sends a data upload request, the cloud server checks whether a copy of the data is present on the storage. It stores the data only if it is not present. In this way, deduplication reduces storage cost on the cloud. Deduplication techniques can be categorized into: (i) client side, (ii) server side, (iii) file level, and (iv) block level deduplication. Client side de