Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud

Tariqul Islam, Kiho Lim, D. Manivannan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Conventional encryption schemes are being used over the years for securing outsourced data to cloud. However, this impedes deduplication-the ability to identify and remove duplicate data from storage server. The idea of Convergent Encryption was introduced to overcome this problem which ensures that identical plaintext files will always produce identical ciphertexts and thus enabling deduplication. Nonetheless, this scheme is vulnerable to a side-channel attack called 'confirmation-of-a-file' and its variant 'learn-the-remaining-information' attack which breach user privacy by observing the deduplication operation. To resolve the above two seemingly contrasting issues, we propose a scheme which blends convergent encryption with a traditional access control scheme for simultaneously achieving confidentiality and deduplication. Both theoretical security analysis and experimental results show that our scheme is semantically secure and resilient against attacks. It incurs minor storage and latency overhead while performing file and block level deduplication. Furthermore, it ensures secure and fine-grained access control of outsourced data by efficiently handling key-management process.

Original languageEnglish (US)
Title of host publication2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-6
Number of pages6
ISBN (Electronic)9781728138930
DOIs
StatePublished - Jan 2020
Externally publishedYes
Event17th IEEE Annual Consumer Communications and Networking Conference, CCNC 2020 - Las Vegas, United States
Duration: Jan 10 2020Jan 13 2020

Publication series

Name2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020
Volume2019-January

Conference

Conference17th IEEE Annual Consumer Communications and Networking Conference, CCNC 2020
CountryUnited States
CityLas Vegas
Period1/10/201/13/20

Keywords

  • Access Control
  • Authentication
  • Confidentiality
  • Convergent Encryption
  • Deduplication

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality
  • Media Technology
  • Communication

Fingerprint Dive into the research topics of 'Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud'. Together they form a unique fingerprint.

Cite this