| With the rapid development of private cloud and public cloud storage services,the exponential growth of user data occupies a large amount of storage space and transmission bandwidth,and deduplication technology is gradually paid more attention to and applied in cloud storage services.At first,convergent Encryption encrypted the same plain text to obtain the same ciphertext.Later,message-locked Encryption(MLE)proposed by Bellare et al.introduced the labels generated by ciphertext to improve the retrieval efficiency.Traditional deduplication methods are applied to file-level cloud data.However,a large number of similar files exist in the actual cloud storage.Therefore,fine-grained block-level deduplication can significantly improve deduplication efficiency and save storage space,but computing efficiency still needs to be further improved.In addition,when there is only one file on the server,a secure and efficient data sharing scheme is required between different users.Aiming at the shortcomings of the current deduplication technology,this paper proposes some improvement schemes to further improve the efficiency of storage resources and reduce user costs.In this paper,we improve the block-level message lock encryption scheme and propose a de-duplication scheme based on linear secret sharing,which supports doublegranularity de-duplication at file level and data block level and ownership authentication of data block.Attribute-based encryption(ABE)implements one-to-many access control to complete data sharing.In this scheme,the linear secret sharing is embedded in the block-level deduplication algorithm,and the calculation time increases linearly with the increase of the number of attributes.Security analysis and simulation experiments show that the proposed scheme can achieve Privacy choose-distribution attacks(PRVCDA)security on cloud servers.This scheme improves the utilization of storage space and saves computing overhead to a certain extent.Secondly,this paper proposes a block-level cloud data ciphertext deduplication algorithm that supports user undo.When attribute encryption is used to encrypt data,the ciphertext contains attribute information.Different attribute encryption generates different ciphertext.The traditional proxy re-encryption method can re-encrypt ciphertext into new ciphertext without decryption,but it has the problem of high computing overhead due to too many times of re-encryption.The algorithm proposed in this paper updates the proxy key and ciphertext for each authorized user in view of the attribute changes caused by user revocation,which can save computing overhead and improve deduplication efficiency. |
PDF Full Text Request