ClouDedup: Secure deduplication with encrypted data for cloud storage

Puzio, Pasquale; Molva, Refik; Onen, Melek; Loureiro, Sergio
Research Report RR-13-288

With the continuous and exponential increase of the number of users and
the size of their data, data deduplication becomes more and more a necessity
for cloud storage providers. By storing a unique copy of duplicate data, cloud
providers greatly reduce their storage and data transfer costs. The advantages
of deduplication unfortunately come with a high cost in terms of new security
and privacy challenges. We propose ClouDedup, a secure and efficient storage
service which assures block-level deduplication and data confidentiality
at the same time. Although based on convergent encryption, ClouDedup
remains secure thanks to the definition of a component that implements an
additional encryption operation and an access control mechanism. Furthermore,
as the requirement for deduplication at block-level raises an issue with
respect to key management, we suggest to include a new component in order
to implement the key management for each block together with the actual
deduplication operation. We show that the overhead introduced by these new
components is minimal and does not impact the overall storage and computational

Sécurité numérique
Eurecom Ref:
© EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Research Report RR-13-288 and is available at :