Paper 2016/977

Side channels in deduplication: trade-offs between leakage and efficiency

Frederik Armknecht, Colin Boyd, Gareth T. Davies, Kristian Gjøsteen, and Mohsen Toorani

Abstract

Deduplication removes redundant copies of files or data blocks stored on the cloud. Client-side deduplication, where the client only uploads the file upon the request of the server, provides major storage and bandwidth savings, but introduces a number of security concerns. Harnik et al. (2010) showed how cross-user client-side deduplication inherently gives the adversary access to a (noisy) side-channel that may divulge whether or not a particular file is stored on the server, leading to leakage of user information. We provide formal definitions for deduplication strategies and their security in terms of adversarial advantage. Using these definitions, we provide a criterion for designing good strategies and then prove a bound characterizing the necessary trade-off between security and efficiency.

Note: Updated definition of statistical distance.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. AsiaCCS 2017
DOI
10.1145/3052973.3053019
Keywords
Deduplication, storage
Contact author(s)
gareth davies @ ntnu no
History
2017-06-27: last of 2 revisions
2016-10-12: received
Short URL
https://ia.cr/2016/977
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/977,
      author = {Frederik Armknecht and Colin Boyd and Gareth T.  Davies and Kristian Gjøsteen and Mohsen Toorani},
      title = {Side channels in deduplication: trade-offs between leakage and efficiency},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/977},
      year = {2016},
      doi = {10.1145/3052973.3053019},
      url = {https://eprint.iacr.org/2016/977}
}