Cryptology ePrint Archive: Report 2021/683

S2Dedup: SGX-enabled Secure Deduplication

Tânia Esteves and Mariana Miranda and João Paulo and Bernardo Portela

Abstract: Secure deduplication allows removing duplicate content at third-party storage services while preserving the privacy of users’ data. However, current solutions are built with strict designs that cannot be adapted to storage service and applications with different security and performance requirements.

We present S2Dedup, a trusted hardware-based privacy-preserving deduplication system designed to support multiple security schemes that enable different levels of performance, security guarantees and space savings. An in-depth evaluation shows these trade-offs for the distinct Intel SGX-based secure schemes supported by our prototype.

Moreover, we propose a novel Epoch and Exact Frequency scheme that prevents frequency analysis leakage attacks present in current deterministic approaches for secure deduplication while maintaining similar performance and space savings to state-of-the-art approaches.

Category / Keywords: applications / Security, Deduplication, Trusted Hardware, Distributed Systems

Original Publication (in the same form): SYSTOR'21: 14th ACM International Systems & Storage Conference
DOI:
10.1145/3456727.3463773

Date: received 25 May 2021

Contact author: blfportela at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20210528:090748 (All versions of this report)

Short URL: ia.cr/2021/683


[ Cryptology ePrint archive ]