R&D: Privacy-Preserving Popularity-Based De-Dupe Vs. Malicious Behaviors of Cloud

ACM Digital Library has published, in ASIA CCS ’24: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security proceedings, an article written by Xiaowei Ge, Guanxiong Ha, College of Cyber Science, Nankai University, Tianjin, China, Chunfu Jia, Nankai University, Tianjin, China, and Zhen Su, College of Cyber Science, Nankai University, Tianjin, China.

Abstract: “Popularity-based secure deduplication scheme classifies data based on their number of owners and provides different levels of security for a trade-off between privacy preservation and storage savings. Most existing schemes rely on a trusted third party to record data popularity using deterministic tags, which is impractical in reality. Recently, Ha et al. propose a scheme that uses random tags to record popularity without the need for a trusted third party. However, their scheme is vulnerable to a malicious cloud launching smuggle attacks (SAs) and popularity-faking attacks (PFAs), which poses security vulnerabilities. In this paper, we propose a privacy-preserving popularity-based deduplication scheme. For one thing, we use unforgeable random tags to record data popularity, which defends against SAs. For another thing, we design a verifiable interactive popularity detection scheme to assure the correctness of popularity detection and resist PFAs. Security analysis and evaluation results show that our proposed scheme provides stronger security guarantees with limited overhead compared with existing schemes.“