The Overhead of Confidentiality and Client-side Encryption in Cloud Storage Systems

VenueCategory
UCC'19Data Encryption

The Overhead of Confidentiality and Client-side Encryption in Cloud Storage Systems1. SummaryMotivation of this paperData confidentiality overheadImplementation and Evaluation2. Strength (Contributions of the paper)3. Weakness (Limitations of the paper)4. Future Works

1. Summary

Motivation of this paper

Many cloud storage services are fairly blunt regarding the lack of confidentiality they provide.

a solution to provide confidential cloud storage is to use client-side encryption (CSE).

compare and contrast the security and bandwidth saving features implemented by CSE services and non-CSE services. compression, delta encoding, and deduplication

Data confidentiality overhead

This paper focuses on pure CSEs.

  1. CSEs Mega, Sync.com, SpiderOak, Tresorit

Mega: AES-128 SpiderOak: AES-256-CFB Password-Based Key Derivation Function 2 (PBKDF2)

  1. non-CSEs Dropbox, iCloud, Google Drive, Microsoft OneDrive

This was selected base on recommendations in online reviews https://www.cloudwards.net/comparison/

  1. Network traffic using Python modules netifaces and pcapy among others.
  2. CPU memory overhead using Python modules psutil
  1. Client-side deduplication Dropbox, iCloud, Mega, SpiderOak, and Sync.com
  2. Other Google drive, One Drive and Tresorit

1569076126086

Implementation and Evaluation

2. Strength (Contributions of the paper)

  1. This paper presents a comprehensive analysis of state-of-art cloud storage services

3. Weakness (Limitations of the paper)

4. Future Works

  1. how to combine delta encoding with CSEs the development of optimized delta encoding policies for CSEs, which minimize the bandwidth and storage overhead associated with CSE.