R&D: Comments on “Privacy Aware Data De-Dupe for Side Channel in Cloud Storage”
Show that both ZEUS and ZEUS + are easily subject to random chunk generation attack, which in turn undermines claimed security.
This is a Press Release edited by StorageNewsletter.com on May 16, 2024 at 2:00 pmIEEE Transactions on Cloud Computing has published an article written by Xin Tang; Yudan Zhu; and Mingjun Fu, School of Cyber Science and Engineering, University of International Relations, Beijing, China.
Abstract: “Cross-user deduplication is an emerging technique to eliminate uploading of redundant data in cloud storage. Even though it is able to improve storage and communication efficiency simultaneously, it suffers from the problem of privacy leakage by side channel attack, which is a major obstacle to the practical application of this technique. In order to achieve a secure cross-user deduplication, Yu et al . recently proposed a zero-knowledge response (ZEUS) scheme, together with an advanced countermeasure ZEUS + by combining ZEUS and the random threshold solution, each of which is claimed to be secure against side channel attack. However, in this paper we show that both ZEUS and ZEUS + are easily subject to a random chunk generation attack, which in turn undermines the claimed security. Furthermore, we also propose a simple but effective method to improve the existing schemes.“
Subscribe to our free daily newsletter
