Lightweight Cloud Storage Auditing with Deduplication Supporting Strong Privacy Protection

• Published in: IEEE access Vol. 8; p. 1
• Main Authors: Shen, Wenting, Su, Ye, Hao, Rong
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 01.01.2020; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Cloud computing; Cloud storage; Cloud storage auditing; Data security; Data storage; Deduplication; Dictionaries; Encryption; Indexes; Integrity; Lightweight; Performance evaluation; Privacy; Reproduction (copying); Security; Servers; Strong privacy protection
• ISSN: 2169-3536; 2169-3536
• DOI: 10.1109/ACCESS.2020.2977721

The cloud storage auditing with deduplication is able to verify the integrity of data stored in the cloud while the cloud needs to keep only a single copy of duplicated file. To the best of our knowledge, all of the existing cloud storage auditing schemes with deduplication are vulnerable to brute-force dictionary attacks, which incurs the leakage of user privacy. In this paper, we focus on a new aspect of being against brute-force dictionary attacks on cloud storage auditing. We propose a cloud storage auditing scheme with deduplication supporting strong privacy protection, in which the privacy of user's file would not be disclosed to the cloud and other parties when this user's file is predictable or from a small space. In the proposed scheme, we design a novel method to generate the file index for duplicate check, and use a new strategy to generate the key for file encryption. In addition, the user only needs to perform lightweight computation to generate data authenticators, verify cloud data integrity, and retrieve the file from the cloud. The security proof and the performance evaluation demonstrate that the proposed scheme achieves desirable security and efficiency.