Cryptology ePrint Archive: Report 2013/514

Leakage Resilient Proofs of Ownership in Cloud Storage, Revisited

Jia Xu and Jianying Zhou

Abstract: Client-side deduplication is a very effective mechanism to reduce both storage and communication cost in cloud storage service. Halevi~\emph{et al.} (CCS '11) discovered security vulnerability in existing implementation of client-side deduplication and proposed a cryptographic primitive called ``proofs of ownership'' (PoW) as a countermeasure. In a proof of ownership scheme, any owner of the same file can prove to the cloud storage server that he/she owns that file in an efficient and secure manner, even if a bounded amount of any efficiently extractable information of that file has been leaked. We revisit Halevi~\emph{et al.}'s formulation of PoW and significantly improve the understanding and construction of PoW. Our contribution is twofold:

\begin​{itemize} \item

Firstly, we propose a generic and conceptually simple approach to construct \emph{Privacy-Preserving} Proofs of Ownership scheme, by leveraging on well-known primitives (i.e. Randomness Extractor and Proofs of Retrievability) and technique (i.e. sample-then-extract). Our approach can be roughly described as \textsf{Privacy-Preserving PoW = Randomness Extractor $+$ Proofs of Retrievability}.

\item Secondly, in order to provide a better instantiation of Privacy-Preserving-PoW, we propose a novel design of randomness extractor with large output size, which improves the state of art by reducing both the random seed length and entropy loss (i.e. the difference between the entropy of input and output) simultaneously.


Category / Keywords: cryptographic protocols / Cloud Storage, Client-side Deduplication, Proofs of Ownership, Leakage Resilience, Privacy-Preserving, Proofs of Retrievability, Randomness Extractor, Sample-then-Extract

Date: received 18 Aug 2013, last revised 27 Mar 2014

Contact author: jiaxu2001 at gmail com

Available format(s): PDF | BibTeX Citation

Note: Significant revision in writing. A short version of this work is accepted by ACNS '14.

Version: 20140328:022136 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]