Secure Proof of Ownership Using Merkle Tree for Deduplicated Storage
Article Type
Research Article
Publication Title
Automatic Control and Computer Sciences
Abstract
Abstract: In cloud services, deduplication is a widely used data reduction technique to minimize storage and communication overhead. Nonetheless, deduplication introduces a serious security risk: a malicious client can obtain access to a file on storage by learning just a piece of information about the file. Proof of ownership schemes provides protection against this security risk as it enables the server to check whether the client actually owns a particular file in its entirety. However, a malicious client may misuse proof of ownership procedure to waste resources at the server. For that, she sends a large number of upload requests and tries to keep the server busy in computing challenges and verifying responses. In this paper, we propose a secure proof of ownership scheme using Merkle tree. In this approach, cloud server precomputes the challenges-responses to avoid computational overhead during subsequent upload. Moreover, cloud server does not need to retain resources until the response is received since our approach is a stateless protocol. Security analysis demonstrates that a malicious client without having entire file cannot prove herself as an owner of the file. As a proof of concept, we implement our approach in a realistic environment and demonstrate that it outperforms the existing proof of ownership schemes in terms of challenge generation, communication, and response verification cost.
First Page
358
Last Page
370
DOI
10.3103/S0146411620040033
Publication Date
7-1-2020
Recommended Citation
Jay Dave; Dutta, Avijit; Faruki, Parvez; Laxmi, Vijay; and Gaur, Manoj Singh, "Secure Proof of Ownership Using Merkle Tree for Deduplicated Storage" (2020). Journal Articles. 206.
https://digitalcommons.isical.ac.in/journal-articles/206