Cloud storage services enable individuals and organizations to outsource data storage to remote servers. Cloud storage providers generally adopt data deduplication, a technique for eliminating redundant data by keeping only a single copy of a file, thus saving a considerable amount of storage and bandwidth. However, an attacker can abuse deduplication protocols to steal information. For example, an attacker can perform the duplicate check to verify whether a file (e.g., a pay slip, with a specific name and salary amount) is already stored (by someone else), hence breaching the user privacy. In this paper, we propose $\mathsf{ZEUS}$ZEUS (zero-knowledge deduplication response) framework. We develop $\mathsf{ZEUS}$ZEUS and $\mathsf{ZEUS}$ZEUS$^+$+, two privacy-aware deduplication protocols: $\mathsf{ZEUS}$ZEUS provides weaker privacy guarantees while being more efficient in the communication cost, while $\mathsf{ZEUS}$ZEUS$^+$+ guarantees stronger privacy properties, at an increased communication cost. To the best of our knowledge, $\mathsf{ZEUS}$ZEUS is the first solution which addresses two-side privacy by neither using any extra hardware nor depending on heuristically chosen parameters used by the existing solutions, thus reducing both cost and complexity of the cloud storage. In summary, through the evaluation on real datasets and comparison to existing solutions, our proposed framework demonstrates its capability of eliminating data deduplication-based side channel and at the same time keeping the deduplication benefits.

中文翻译：

---

云存储中侧信道的隐私感知重复数据删除

云存储服务使个人和组织能够将数据存储外包给远程服务器。云存储提供商普遍采用重复数据删除技术，这种技术通过只保留文件的一个副本来消除冗余数据，从而节省大量存储和带宽。但是，攻击者可以滥用重复数据删除协议来窃取信息。例如，攻击者可以执行重复检查以验证文件（例如，具有特定姓名和工资金额的工资单）是否已经（由其他人）存储，从而侵犯了用户隐私。在本文中，我们提出$\mathsf{宙斯}$宙斯 (泽滚动知识你复制秒庞塞）框架。我们开发$\mathsf{宙斯}$宙斯 和 $\mathsf{宙斯}$宙斯$^+$+，两个隐私感知重复数据删除协议： $\mathsf{宙斯}$宙斯 提供更弱的隐私保证，同时在通信成本上更有效，而 $\mathsf{宙斯}$宙斯$^+$+以增加的通信成本保证更强的隐私属性。据我们所知，$\mathsf{宙斯}$宙斯 是第一个解决方案 两侧隐私通过既不使用任何额外的硬件也不依赖于现有解决方案使用的启发式选择的参数，从而降低了云存储的成本和复杂性。总之，通过对真实数据集的评估和与现有解决方案的比较，我们提出的框架展示了其消除基于重复数据删除的侧信道并同时保持重复数据删除优势的能力。