Secure deduplication for multimedia data with user revocation in cloud storage

Hyunsoo Kwon, Changhee Hahn, Daeyoung Kim, Junbeom Hur

Research output: Contribution to journal › Article

8 Citations (Scopus)

Abstract

The growth of multimedia data motivates users to utilize cloud storage (CS) to exploit its massive size. For such an extensible storage system, there are two desirable requirements: (1) users should be able to ensure that their outsourced data is securely protected, and (2) the cloud service provider should be able to eliminate redundant copies of data to improve storage utilization. Conventional encryption schemes do not support deduplication on ciphertext because they destroy message equality. A recent study, DupLESS, enhanced Convergent Encryption (CE) and provided strong privacy. However, CE-based schemes allow a user to possibly decrypt cloud data even after the user loses ownership of the data. To solve this problem, we propose a secure deduplication scheme with user revocation. Our scheme leverages an oblivious pseudo-random function to generate the encryption key. The CS enforces the data access policy using privilege-based encryption to provide user revocation. The security analysis proves that the proposed scheme is secure against unauthorized decryption by revoked users or the cloud server, and against brute-force attacks on a predictable set of data.

Original language: English
Pages (from-to): 5889-5903
Number of pages: 15
Journal: Multimedia Tools and Applications
Volume: 76
Issue number: 4
DOI: 10.1007/s11042-015-2595-4
Publication status: Published - 2017 Feb 1

Fingerprint

Cryptography
Servers
Data storage equipment

Keywords

  • Access control
  • Cloud computing
  • Deduplication
  • Multimedia big data
  • User revocation

ASJC Scopus subject areas

  • Software
  • Media Technology
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Secure deduplication for multimedia data with user revocation in cloud storage. / Kwon, Hyunsoo; Hahn, Changhee; Kim, Daeyoung; Hur, Junbeom.

In: Multimedia Tools and Applications, Vol. 76, No. 4, 01.02.2017, p. 5889-5903.

@article{555ba41c83c947dd93599e1e3e227352,
title = "Secure deduplication for multimedia data with user revocation in cloud storage",
keywords = "Access control, Cloud computing, Deduplication, Multimedia big data, User revocation",
author = "Hyunsoo Kwon and Changhee Hahn and Daeyoung Kim and Junbeom Hur",
year = "2017",
month = "2",
day = "1",
doi = "10.1007/s11042-015-2595-4",
language = "English",
volume = "76",
pages = "5889--5903",
journal = "Multimedia Tools and Applications",
issn = "1380-7501",
publisher = "Springer Netherlands",
number = "4",

}
