Secure deduplication with encrypted data for cloud storage

With the continuous increase of the number of users and the size of their data, data deduplication becomes a necessity for cloud storage providers. By storing a unique copy of duplicate data, cloud providers greatly reduce their storage and data transfer costs. The advantages of deduplication unfortunately come with a high cost in terms of new security and privacy challenges. In this chapter we propose ClouDedup, a secure and efficient storage service which assures block-level deduplication and data confidentiality at the same time. Although ClouDedup is based on convergent encryption, it remains secure thanks to the definition of a component that implements an additional encryption operation. Furthermore, as the requirement for deduplication at block-level raises an issue with respect to key management, we suggest to include a new component in order to implement the key management for each block together with the actual deduplication operation. In this chapter we show how we have implemented the proposed architecture, the challenges we have met and our solutions to these challenges.