Paper 2022/553

Secure Storage with Deduplication

John Best, Wayne Hineman, Steven Hetzler, Guerney Hunt, and Charanjit S. Jutla

Abstract

We describe a new secure storage scheme that facilitates deduplication. The scheme is also proved secure in the universal-composability model. It is a single server scheme, and the basic scheme does not prevent against off-line dictionary attacks if the server is compromised. However, if a global secret key is shared amongst users of the organization, and this key is never stored at the server, we also get protection against off-line dictionary attacks even if the server is compromised. The UC security model for deduplication is based on an earlier work of Liu, Asokan and Pinkas, Proc. CCS 2015. The scheme obtains additional optimization by employing the XTS-AES mode of encryption in the public random permutation model. Another upshot of the analysis is that one can first MAC and then encrypt using XTS mode and attain authenticated encryption, avoiding the pitfalls cautioned against by Hugo Krawczyk, in the work ``How Secure is SSL?'', CRYPTO 2001.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
IAPMXTSauthenticated encryptionUC securitydeduplication
Contact author(s)
csjutla @ us ibm com
History
2022-05-10: received
Short URL
https://ia.cr/2022/553
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/553,
      author = {John Best and Wayne Hineman and Steven Hetzler and Guerney Hunt and Charanjit S.  Jutla},
      title = {Secure Storage with Deduplication},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/553},
      year = {2022},
      url = {https://eprint.iacr.org/2022/553}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.