面向数据去重的基于二次哈希的收敛加密策略

计算机工程与科学

面向数据去重的基于二次哈希的收敛加密策略

周玉坤1,2,冯丹1,2,夏文1,2,付忞1,2

(1.武汉光电国家实验室，湖北武汉 430074;
2.华中科技大学计算机科学与技术学院信息存储系统教育部重点实验室，湖北武汉 430074)

收稿日期:2015-12-10 修回日期:2016-03-15 出版日期:2016-09-25 发布日期:2016-09-25
基金资助:
国家973计划(2011CB302301);国家自然科学重点基金(6140050892);国家自然科学基金（61502190）;华中科技大学基础研究基金(2014QNRC019)

A twice-Hash based convergent encryption strategy for data deduplication

ZHOU Yu kun1,2,FENG Dan1,2,XIA Wen1,2,FU Min1,2

(1.Wuhan National Laboratory for Optoelectronics,Wuhan 430074;
2.Key Laboratory of Data Storage Systems,Ministry of Education of China,
College of Computer Science and Technology,Huazhong University of Science and Technology,Wuhan 430074,China)

Received:2015-12-10 Revised:2016-03-15 Online:2016-09-25 Published:2016-09-25

摘要/Abstract

摘要：

在云存储和备份系统等领域，数据去重被广泛地用来消除冗余数据及节约传输带宽，数据去重的安全问题受到越来越多的关注。现有收敛加密（CE）存在两大挑战：（1）由于密钥确定化导致的线下暴力破解问题；（2）对重复数据的无用加密操作使得计算开销随着数据负载去重率的提高而增加。针对上述两个问题，提出了基于二次哈希的收敛加密策略（TCE）。具体而言，TCE首先计算数据块的哈希生成密钥，密钥经过可信第三方添加秘密信息后增加随机化程度；然后针对该哈希值再次哈希得到数据块指纹。 TCE增加了线下暴力破解的难度，消除了对重复数据的加密操作。实验测试结果表明，TCE比CE的备份窗口减少了30%~50%。

关键词: 数据去重, 收敛加密, 暴力破解攻击, 备份窗口

Abstract:

With the explosive growth of digital data, data deduplication has been widely used in cloud storage to reduce storage space and network bandwidth. Although the existing solutions use the convergent encryption (CE) to improve data confidentiality, the CE faces two main challenges: 1) the CE is subject to offline bruteforce dictionary attacks because it is deterministic and keyless; 2) the CE has to encrypt all data and calculate the fingerprint based on its ciphertext, thus the computation cost increases as the data deduplication ratio increases. In order to solve these problems, we propose a twicehash based convergent encryption strategy (TCE). The TCE encrypts data after deduplication via computing the hash twice. And the trusted third party adds secret information to make random convergent keys. The TCE uses the second hash as the fingerprint and eliminates useless operations for duplicate data encryption. Experimental results show that the TCE can reduce the backup window by 30%~50% in comparison with the CE.

Key words: data de-duplication, convergent encryption, brute force attack, backup window

周玉坤1,2,冯丹1,2,夏文1,2,付忞1,2. 面向数据去重的基于二次哈希的收敛加密策略[J]. 计算机工程与科学.

ZHOU Yu kun1,2,FENG Dan1,2,XIA Wen1,2,FU Min1,2. A twice-Hash based convergent encryption strategy for data deduplication [J]. Computer Engineering & Science.

参考文献

［1］Amazon.CaseStudies［EB/OL］.［20150617］.https:∥aws.amazon.com/cn/solutions/casestudies/ #backup.
［2］Meyer D T, Bolosky W J. A study of practical deduplication［J］.TCM Transactions on Storage, 2012,7(4):1.
［3］Wallace G,Douglis F,Qian H,et al.Characteristics of backup workloads in production systems［C］∥Proc of the 10th USENIX Conference on File and Storage Technologies (FAST’12),2012:4.
［4］Seny K,Lauter K. Cryptographic cloud storage［M］∥Financial Cryptography and Data Security.Berlin:Springer Berlin Heidelberg,2010:136149.
［5］Li J,Chen X,Li M,et al.Secure deduplication with efficient and reliable convergent key management［J］.IEEE Transactions on Parallel & Distributed Systems, 2013,25(6):1.
［6］ElShimi A,Kalach R,Kumar A,et al.Primary data deduplicationlarge scale study and system design［C］∥Proc of USENIX Conference on Technical Conference,2012:26.
［7］Douceur J R,Adya A,Bolosky W J,et al.Reclaiming space from duplicate files in a serverless distributed file system［C］∥Proc of the 22nd International Conference on Distributed Computing Systems,2002:617624.
［8］Storer M W,Greenan K,Long D D E,et al.Secure data deduplication［C］∥Proc of the 4th ACM International Workshop on Storage Security and Survivability,2008:110.
［9］Anderson P,Zhang L.Fast and secure laptop backups with encrypted deduplication［C］∥Proc of USENIX LISA,2010:3.
［10］Chaum D.Blind signatures for untraceable payments［C］∥Proc of Advances in Cryptology,1983:199203.
［11］Yun A,Shi C,Kim Y.On protecting integrity and confidentiality of cryptographic file system for outsourced storage［C］∥Proc of the 2009 ACM Workshop on Cloud Computing Security,2009:6776.
［12］Harnik D, Pinkas B, ShulmanPeleg A. Side channels in cloud services:Deduplication in cloud storage［J］.Security & Privacy,IEEE,2010,8(6):4047.
［13］WilcoxO’Hearn Z. Convergent encryption reconsidered［EB/OL］.［20080818］.http://tahoelafs.org/pipermail/tahoedev/2008March/000460.html.
［14］Bellare M,Keelveedhi S,Ristenpart T.DupLESS:Serveraided encryption for deduplicated storage［C］∥Proc of USENIX Conference on Security,2013:179194.
［15］Muthitacharoen A, Chen B, Mazieres D. A lowbandwidth network file system［J］.ACM Sigops Operating Systems Review,2001,35(5):174187.
［16］Cox L P,Murray C D,Noble B D.Pastiche:Making backup cheap and easy［J］.ACM SIGOPS Operating Systems Review,2002,36(SI):285298.
［17］Bellare M,Keelveedhi S,Ristenpart T.Messagelocked encryption and secure deduplication［M］∥Advances in CryptologyEUROCRYPT 2013. Berlin:Springer Berlin Heidelberg,2013:296312.
［18］De Santis A,Masucci B.Multiple ramp schemes［J］.IEEE Transactions on Information Theory,1999,45(5):17201728.
［19］Halevi S,Harnik D,Pinkas B,et al.Proofs of ownership in remote storage systems［C］∥Proc of the 18th ACM Conference on Computer and Communications Security,2011:491500.
［20］Di Pietro R,Sorniotti A.Boosting efficiency and security in proof of ownership for deduplication［C］∥Proc of the 7th ACM Symposium on Information,Computer and Communications Security,2012:8182.
［21］Marques L, Costa C J. Secure deduplication on mobile devices［C］∥Proc of the 2011 Workshop on Open Source and Design of Communication,2011:1926.