This paper examines potential attacks on exploiting client-side deduplication and introduces a method of defense.
Authors: S. Halevi, D. Harnik, B. Pinkas, A. Shulman-Peleg
Venue: 18th ACM Conference on Computer and Communications Security (ACM CCS)
Date: October 2011
Cloud storage systems are becoming increasingly popular. A promising technology that keeps their cost down is deduplication, which stores only a single copy of repeating data. Client-side deduplication attempts to identify deduplication opportunities already at the client and save the bandwidth of uploading copies of existing files to the server.
In this work we identify attacks that exploit client-side deduplication, allowing an attacker to gain access to arbitrary-size files of other users based on a very small hash signatures of these files. More specifically, an attacker who knows the hash signature of a file can convince the storage service that it owns that file, hence the server lets the attacker download the entire file. (In parallel to our work, a subset of these attacks were recently introduced in the wild with respect to the Dropbox file synchronization service.)
To overcome such attacks, we introduce the notion of proofs-of- ownership (PoWs), which lets a client efficiently prove to a server that that the client holds a file, rather than just some short infor- mation about it. We formalize the concept of proof-of-ownership, under rigorous security definitions, and rigorous efficiency require- ments of Petabyte scale storage systems. We then present solutions based on Merkle trees and specific encodings, and analyze their security. We implemented one variant of the scheme. Our perfor- mance measurements indicate that the scheme incurs only a small overhead compared to naive client-side deduplication.
Cloud storage, Deduplication, Merkle trees, Proofs of ownership.
Download the PDF