Privacy Aware Data Deduplication for Side Channel in Cloud Storage

Cloud storage services enable individuals and organizations to outsource data storage to remote servers. Cloud storage providers generally adopt data deduplication, a technique for eliminating redundant data by keeping only a single copy of a file, thus saving a considerable amount of storage and bandwidth. However, an attacker can abuse deduplication protocols to steal information. For example, an attacker can perform the duplicate check to verify whether a file (e.g., a pay slip, with a specific name and salary amount) is already stored (by someone else), hence breaching the user privacy. In this paper, we propose ZEUS (zero-knowledge deduplication response) framework. We develop ZEUS and ZEUS+, two privacy-aware deduplication protocols: ZEUS provides weaker privacy guarantees while being more efficient in the communication cost, while ZEUS+ guarantees stronger privacy properties, at an increased communication cost. To our knowledge, ZEUS is the first solution which addresses two-side privacy by neither using any extra hardware nor depending on heuristically chosen parameters used by the existing solutions, thus reducing both cost and complexity of the cloud storage. We show the efficiency of the proposed framework by evaluating on real dataset and comparing the communication cost of the proposed solutions, and prove the privacy.