Paper 2013/514

Leakage Resilient Proofs of Ownership in Cloud Storage, Revisited

Jia Xu and Jianying Zhou

Abstract

Client-side deduplication is a very effective mechanism to reduce both storage and communication cost in cloud storage service. Halevi~\emph{et al.} (CCS '11) discovered security vulnerability in existing implementation of client-side deduplication and proposed a cryptographic primitive called ``proofs of ownership'' (PoW) as a countermeasure. In a proof of ownership scheme, any owner of the same file can prove to the cloud storage server that he/she owns that file in an efficient and secure manner, even if a bounded amount of any efficiently extractable information of that file has been leaked. We revisit Halevi~\emph{et al.}'s formulation of PoW and significantly improve the understanding and construction of PoW. Our contribution is twofold: \begin{itemize} \item Firstly, we propose a generic and conceptually simple approach to construct \emph{Privacy-Preserving} Proofs of Ownership scheme, by leveraging on well-known primitives (i.e. Randomness Extractor and Proofs of Retrievability) and technique (i.e. sample-then-extract). Our approach can be roughly described as \textsf{Privacy-Preserving PoW = Randomness Extractor $+$ Proofs of Retrievability}. \item Secondly, in order to provide a better instantiation of Privacy-Preserving-PoW, we propose a novel design of randomness extractor with large output size, which improves the state of art by reducing both the random seed length and entropy loss (i.e. the difference between the entropy of input and output) simultaneously. \end{itemize}

Note: Significant revision in writing. A short version of this work is accepted by ACNS '14.