On information leakage in deduplicated storage systems

Hubert Ritzdorf, Ghassan O. Karame, Claudio Soriente, Srdjan Čapkun

    Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

    Abstract

    Most existing cloud storage providers rely on data deduplication in order to significantly save storage costs by storing duplicate data only once. While the literature has thoroughly analyzed client-side information leakage associated with the use of data deduplication techniques in the cloud, no previous work has analyzed the information leakage associated with access trace information (e.g., object size and timing) that are available whenever a client uploads a file to a curious cloud provider. In this paper, we address this problem and analyze information leakage associated with data deduplication on a curious storage server. We show that even if the data is encrypted using a key not known by the storage server, the latter can still acquire considerable information about the stored files and even determine which files are stored. We validate our results both analytically and experimentally using a number of real storage datasets.

    Original languageEnglish
    Title of host publicationCCSW 2016 - Proceedings of the 2016 ACM Cloud Computing Security Workshop, co-located with CCS 2016
    PublisherAssociation for Computing Machinery, Inc
    Pages61-72
    Number of pages12
    ISBN (Electronic)9781450345729
    DOIs
    Publication statusPublished - 28 Oct 2016
    Event8th ACM Cloud Computing Security Workshop, CCSW 2016 - Vienna, Austria
    Duration: 28 Oct 2016 → …

    Other

    Other8th ACM Cloud Computing Security Workshop, CCSW 2016
    Country/TerritoryAustria
    CityVienna
    Period28/10/16 → …

    Fingerprint

    Dive into the research topics of 'On information leakage in deduplicated storage systems'. Together they form a unique fingerprint.

    Cite this