Information Leakage in Encrypted Deduplication via Frequency Analysis
Refereed conference paper presented and published in conference proceedings

Times Cited
Altmetrics Information

Other information
AbstractEncrypted deduplication seamlessly combines encryption and deduplication to simultaneously achieve both data
security and storage efficiency. State-of-the-art encrypted deduplication systems mostly adopt a deterministic encryption approach that encrypts each plaintext chunk with a key derived from the content of the chunk itself, so that identical plaintext chunks are always encrypted into identical ciphertext chunks for deduplication. However, such deterministic encryption inherently reveals the underlying frequency distribution of the original plaintext chunks. This allows an adversary to launch frequency analysis against the resulting ciphertext chunks, and ultimately infer the content of the original plaintext chunks.

In this paper, we study how frequency analysis practically affects information leakage in encrypted deduplication storage, from both attack and defense perspectives. We first propose a new inference attack that exploits chunk locality to increase the coverage of inferred chunks. We conduct trace-driven evaluation on both real-world and synthetic datasets, and show that the new inference attack can infer a significant fraction of plaintext chunks under backup workloads. To protect against frequency analysis, we borrow the idea of existing performance-driven deduplication approaches and consider an encryption scheme called MinHash encryption, which disturbs the frequency rank of ciphertext chunks by encrypting some identical plaintext chunks into multiple distinct ciphertext chunks. Our trace-driven evaluation shows that MinHash encryption effectively mitigates the inference attack, while maintaining high storage efficiency.
All Author(s) ListJingwei Li, Chuan Qin, Patrick P. C. Lee, Xiaosong Zhang
Name of ConferenceProceedings of the 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2017)
Start Date of Conference26/06/2017
End Date of Conference29/06/2017
Place of ConferenceDenver, CO
Country/Region of ConferenceUnited States of America
Proceedings TitleProceedings of the 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2017)
LanguagesEnglish-United States

Last updated on 2020-18-09 at 01:50