
Secure Proof of Ownership Using Merkle Tree for Deduplicated Storage

Automatic Control and Computer Sciences

Abstract

In cloud services, deduplication is a widely used data reduction technique to minimize storage and communication overhead. Nonetheless, deduplication introduces a serious security risk: a malicious client can obtain access to a file on storage by learning just a piece of information about the file. Proof of ownership schemes protect against this risk by enabling the server to check whether the client actually owns a particular file in its entirety. However, a malicious client may misuse the proof of ownership procedure to waste resources at the server. To do so, she sends a large number of upload requests and tries to keep the server busy computing challenges and verifying responses. In this paper, we propose a secure proof of ownership scheme using a Merkle tree. In this approach, the cloud server precomputes the challenges and responses to avoid computational overhead during subsequent uploads. Moreover, the cloud server does not need to retain resources until the response is received, since our approach is a stateless protocol. Security analysis demonstrates that a malicious client who does not have the entire file cannot prove herself to be an owner of the file. As a proof of concept, we implement our approach in a realistic environment and demonstrate that it outperforms the existing proof of ownership schemes in terms of challenge generation, communication, and response verification cost.
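The sketch below is an added illustration, not the paper's construction (which this page does not give): a generic Merkle-tree proof of ownership in which the server keeps only the root and leaf count, and binds each challenge to an HMAC tag so it holds no per-request state. The block size, the number of challenged leaves, the key handling and all function names are assumptions, and the precomputation step from the abstract is not shown.

```python
import hashlib, hmac, os, time

BLOCK, K = 4, 3  # assumed toy block size and number of challenged leaves
H = lambda b: hashlib.sha256(b).digest()

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def build_levels(data):  # all levels, leaves first; an odd node pairs with itself
    levels = [[H(b"\x00" + b) for b in blocks(data)]]
    while len(levels[-1]) > 1:
        cur = levels[-1] + levels[-1][-1:] * (len(levels[-1]) % 2)
        levels.append([H(b"\x01" + cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def auth_path(levels, idx):  # sibling hashes from leaf up to (not including) the root
    path = []
    for level in levels[:-1]:
        path.append(level[idx ^ 1] if (idx ^ 1) < len(level) else level[idx])
        idx //= 2
    return path

def verify_path(block, idx, path, root):
    node = H(b"\x00" + block)
    for sib in path:
        node = H(b"\x01" + (node + sib if idx % 2 == 0 else sib + node))
        idx //= 2
    return hmac.compare_digest(node, root)

def mac(key, label, *parts):
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()

def pick_idxs(key, root, nonce, n):  # derived from the nonce, never client-chosen
    return [int.from_bytes(mac(key, b"idx", root, nonce, bytes([j])), "big") % n for j in range(K)]

def make_challenge(key, root, n, ttl=60):  # server stores nothing about this request
    nonce, exp = os.urandom(16), (int(time.time()) + ttl).to_bytes(8, "big")
    return {"nonce": nonce, "exp": exp, "idxs": pick_idxs(key, root, nonce, n),
            "tag": mac(key, b"tag", root, nonce, exp)}

def respond(data, chal):  # client side: needs the file contents to build the paths
    levels, blks = build_levels(data), blocks(data)
    return [(blks[i], auth_path(levels, i)) for i in chal["idxs"]]

def verify(key, root, n, chal, resp, now=None):
    now = int(time.time()) if now is None else now
    good = hmac.compare_digest(chal["tag"], mac(key, b"tag", root, chal["nonce"], chal["exp"]))
    good = good and now <= int.from_bytes(chal["exp"], "big") and len(resp) == K
    return good and all(verify_path(b, i, p, root)
                        for i, (b, p) in zip(pick_idxs(key, root, chal["nonce"], n), resp))
```

Because the server keeps no session state in this sketch, a challenge stays answerable until its expiry, so the lifetime should be short.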


Author information


Correspondence to Jay Dave.

Ethics declarations

The authors declare that they have no conflicts of interest.

About this article

Cite this article

Jay Dave, Dutta, A., Faruki, P. et al. Secure Proof of Ownership Using Merkle Tree for Deduplicated Storage. Aut. Control Comp. Sci. 54, 358–370 (2020). https://doi.org/10.3103/S0146411620040033

  • DOI: https://doi.org/10.3103/S0146411620040033
