Venue | Category |
---|---|
S&P'10 | Secure Deduplication |
Side Channels in Cloud Services, the Case of Deduplication in Cloud Storage1. SummaryMotivation of this paperSide Channel Attacks and Defenses2. Strength (Contributions of the paper)3. Weakness (Limitations of the paper)4. Future Works
This paper studies the privacy implications of cross-user deduplication. It shows that in different scenario, deduplication can be used as a covert channel by which malicious software can communicate with its command and control center.
regardless of any firewall settings at the attacked machine.
by examining the amount of data transferred over the network.
each file or block is compared to the data of other users.
upload or download the popular files, and check whether it is re-transmitted. e.g. Dropbox, Mozy,
monitor network traffic and measure the amount of transmitted data.
Did any user previously upload a copy of this file?
this attack can be applied whenever the number of possible version of the target file is moderate.
generate multiple versions of a file, and upload to the cloud storage, another client can use it to identify the transformed inforamtion. the covert channel can be used to transfer arbitrarily long messages by having the software save more than single file.
using personal encryption key (costly to service provider, prevent usage of deduplication, key management issue) susceptible to offline dictionary attacks against that key. (key is generated from a small domain)
small size files: always upload larger files: source-based deduplication assume: sensetive data are always in small size files
set a random threshold : perform deduplication when the number of copies of the file exceeds this threshold. Attacker: can test via uploading many copies of the file.
It is important to achieve that no one except for the server can compute . And this can be achieve by using a private server. it can also use a secret key , and computing the threshold as a function of the contents of the file. This solution can still adopt the sever-side deduplication
This paper shows that the usage of convergent encryption does not solve the security risks of data leakage.
Since an adversary can still identify the occurence of deduplication.
Importantance: This paper also mentions that it is possible to choose the threshold according to different distributions to minimize the cost while maximizing security.