PM-Dedup: Secure Deduplication with Partial Migration from Cloud to Edge Servers
- URL: http://arxiv.org/abs/2501.02350v1
- Date: Sat, 04 Jan 2025 18:12:23 GMT
- Title: PM-Dedup: Secure Deduplication with Partial Migration from Cloud to Edge Servers
- Authors: Zhaokang Ke, Haoyu Gong, David H. C. Du
- Abstract summary: We present PM-Dedup, a novel secure source-based deduplication approach.
We also propose various designs to enhance the security and efficiency of data deduplication.
- Abstract: Currently, an increasing number of users and enterprises are storing their data in the cloud but do not fully trust cloud providers with their data in plaintext form. To address this concern, they encrypt their data before uploading it to the cloud. However, encryption with different keys means that even identical data will become different ciphertexts, making deduplication less effective. Encrypted deduplication avoids this issue by ensuring that identical data chunks generate the same ciphertext with content-based keys, enabling the cloud to efficiently identify and remove duplicates even in encrypted form. Current encrypted data deduplication work can be classified into two types: target-based and source-based. Target-based encrypted deduplication requires clients to upload all encrypted chunks (the basic unit of deduplication) to the cloud with high network bandwidth overhead. Source-based deduplication involves clients uploading fingerprints (hashes) of encrypted chunks for duplicate checking and only uploading unique encrypted chunks, which reduces network transfer but introduces high latency and potential side-channel attacks, which need to be mitigated by Proof of Ownership (PoW), and high computing overhead of the cloud. So, reducing the latency and the overheads of network and cloud while ensuring security has become a significant challenge for secure data deduplication in cloud storage. In response to this challenge, we present PM-Dedup, a novel secure source-based deduplication approach that relocates a portion of the deduplication checking process and PoW tasks from the cloud to the trusted execution environments (TEEs) in the client-side edge servers. We also propose various designs to enhance the security and efficiency of data deduplication.
Related papers
- CCA-Secure Key-Aggregate Proxy Re-Encryption for Secure Cloud Storage [1.4610685586329806]
Data protection in cloud storage is the key to the survival of the cloud industry.
Proxy Re-Encryption schemes enable users to convert their ciphertext into others' ciphertext by using a re-encryption key.
Recently, we lowered the key storage cost of C-PREs to constant size and proposed the first Key-Aggregate Proxy Re-Encryption scheme.
arXiv Detail & Related papers (2024-10-10T17:02:49Z)
- Secure Outsourced Decryption for FHE-based Privacy-preserving Cloud Computing [3.125865379632205]
Homomorphic encryption (HE) is one solution for safeguarding data privacy, enabling encrypted data to be processed securely in the cloud.
We propose an outsourced decryption protocol for the prevailing RLWE-based fully homomorphic encryption schemes.
Our experiments demonstrate that the proposed protocol achieves up to a 67% acceleration in the client's local decryption, accompanied by a 50% reduction in space usage.
arXiv Detail & Related papers (2024-06-28T14:51:36Z)
- Understanding crypter-as-a-service in a popular underground marketplace [51.328567400947435]
Crypters are pieces of software whose main goal is to transform a target binary so it can avoid detection from Anti Viruses (AVs) applications.
The crypter-as-a-service model has gained popularity, in response to the increased sophistication of detection mechanisms.
This paper provides the first study on an online underground market dedicated to crypter-as-a-service.
arXiv Detail & Related papers (2024-05-20T08:35:39Z)
- Enc2DB: A Hybrid and Adaptive Encrypted Query Processing Framework [47.11111145443189]
We introduce Enc2DB, a novel secure database system following a hybrid strategy on and openGauss.
We present a micro-benchmarking test and self-adaptive mode switch strategy that can choose the best execution path (cryptography or TEE) to answer a given query.
We also design and implement a ciphertext index compatible with native cost model and queries to accelerate query processing.
arXiv Detail & Related papers (2024-04-10T08:11:12Z)
- Ciphertext-Only Attack on a Secure $k$-NN Computation on Cloud [0.0]
Encryption can prevent unauthorized access, data breaches, and the resultant financial loss, reputation damage, and legal issues.
Sanyashi et al. proposed an encryption scheme to facilitate privacy-preserving $k$-NN computation on the cloud.
We give an efficient algorithm and empirically demonstrate that their encryption scheme is vulnerable to the ciphertext-only attack (COA).
arXiv Detail & Related papers (2024-03-14T03:53:01Z)
- CodeChameleon: Personalized Encryption Framework for Jailbreaking Large Language Models [49.60006012946767]
We propose CodeChameleon, a novel jailbreak framework based on personalized encryption tactics.
We conduct extensive experiments on 7 Large Language Models, achieving state-of-the-art average Attack Success Rate (ASR).
Remarkably, our method achieves an 86.6% ASR on GPT-4-1106.
arXiv Detail & Related papers (2024-02-26T16:35:59Z)
- CloudLens: Modeling and Detecting Cloud Security Vulnerabilities [15.503757553097387]
Cloud computing services provide scalable and cost-effective solutions for data storage, processing, and collaboration.
Access control misconfigurations are often the primary driver for cloud attacks.
A planner generates attacks to identify such vulnerabilities in the cloud.
arXiv Detail & Related papers (2024-02-16T03:28:02Z)
- DiCE -- A Data Encryption Proxy for the Cloud [0.0]
There are concerns about the confidentiality and security of the outsourced data.
The DiCE' driver parses queries as a proxy and encrypts these queries.
This allows executing many queries on an encrypted database in the cloud with the relational performance as on unencrypted databases.
arXiv Detail & Related papers (2023-10-09T13:33:59Z)
- SOCI^+: An Enhanced Toolkit for Secure Outsourced Computation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z)
- RiDDLE: Reversible and Diversified De-identification with Latent Encryptor [57.66174700276893]
This work presents RiDDLE, short for Reversible and Diversified De-identification with Latent Encryptor.
Built upon a pre-learned StyleGAN2 generator, RiDDLE manages to encrypt and decrypt the facial identity within the latent space.
arXiv Detail & Related papers (2023-03-09T11:03:52Z)
- THE-X: Privacy-Preserving Transformer Inference with Homomorphic Encryption [112.02441503951297]
Privacy-preserving inference of transformer models is on the demand of cloud service users.
We introduce THE-X, an approximation approach for transformers, which enables privacy-preserving inference of pre-trained models.
arXiv Detail & Related papers (2022-06-01T03:49:18Z)
This list is automatically generated from the titles and abstracts of the papers in this site.