Graduate School and Research Center in Digital Sciences

ClouDedup: Secure deduplication with encrypted data for cloud storage

Puzio, Pasquale; Molva, Refik; Onen, Melek; Loureiro, Sergio

Research Report RR-13-288

With the continuous and exponential increase of the number of users and the size of their data, data deduplication becomes more and more a necessity for cloud storage providers. By storing a unique copy of duplicate data, cloud providers greatly reduce their storage and data transfer costs. The advantages of deduplication unfortunately come with a high cost in terms of new security and privacy challenges. We propose ClouDedup, a secure and efficient storage service which assures block-level deduplication and data confidentiality at the same time. Although based on convergent encryption, ClouDedup remains secure thanks to the definition of a component that implements an additional encryption operation and an access control mechanism. Furthermore, as the requirement for deduplication at block-level raises an issue with respect to key management, we suggest to include a new component in order to implement the key management for each block together with the actual deduplication operation. We show that the overhead introduced by these new components is minimal and does not impact the overall storage and computational costs.

Document Bibtex

Title:ClouDedup: Secure deduplication with encrypted data for cloud storage
Department:Digital Security
Eurecom ref:4110
Copyright: © EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Research Report RR-13-288 and is available at :
Bibtex: @techreport{EURECOM+4110, year = {2013}, title = {{C}lou{D}edup: {S}ecure deduplication with encrypted data for cloud storage}, author = {{P}uzio, {P}asquale and {M}olva, {R}efik and {O}nen, {M}elek and {L}oureiro, {S}ergio}, number = {EURECOM+4110}, month = {09}, institution = {Eurecom}, url = {},, }
See also: