Decentralized Server-Aided Encryption for Secure Deduplication in Cloud Storage

Youngjoo Shin, Dongyoung Koo, Joobeom Yun, Junbeom Hur

Research output: Contribution to journalArticlepeer-review

34 Citations (Scopus)


Cloud storage provides scalable and low cost resources featuring economies of scale based on multi-Tenant architecture. As the amount of data outsourced grows explosively, data deduplication, a technique that eliminates data redundancy, becomes essential. However, deduplication leads to problems with data confidentiality, thereby necessitating secure deduplication solutions. Server-Aided encryption schemes have been proposed to achieve the strongest confidentiality but with the cost of managing a key server (KS). Previous schemes, however, are based on a centralized KS that uses only a single secret key assuming a single KS in the system. In cloud storage where multi-Tenancy and scalability are crucial, such schemes degrade not only the effectiveness of deduplication but also the scalability with increasing users. In this paper, we extend server-Aided encryption to a decentralized setting that consists of multiple KSs. The key idea of our proposed scheme is to construct an inter-KS deduplication algorithm, by which a cloud storage service provider can perform deduplication over ciphertexts from different KSs within a tenant or across tenants. This way, our scheme simultaneously offers flexibility of KS management and cross-Tenant deduplication over encrypted data. The novelty of the approach is using a decentralized architecture that does not require any centralized entities for the coordination or pre-sharing of secrets among KSs. Therefore, it allows cloud storage services to offer high deduplication efficiency and scalability while preserving strong data confidentiality. We show the result of performance analysis on the proposed scheme by conducting extensive experiments. In addition, our security analysis demonstrate that the proposed scheme satisfies all desired security properties.

Original languageEnglish
Article number8025407
Pages (from-to)1021-1033
Number of pages13
JournalIEEE Transactions on Services Computing
Issue number6
Publication statusPublished - 2020 Nov 1

Bibliographical note

Funding Information:
This research has been conducted by the Research Grant of Kwangwoon University in 2017 and was supported by the National Research Foundation of Korea(NRF) grant funded by the Korea government(MSIT) (No.2017R1C1B5015045, No.2015R1C1A1A02036511, No.2016R1A2A2A05005402) and Institute for Information & communications Technology Promotion(IITP) grant funded by the Korea government (MSIT) (No.2015-0-00565, Development of Vulnerability Discovery Technologies for IoT Software Security). This research was financially supported by Hansung University for Dongyoung Koo.

Publisher Copyright:
© 2008-2012 IEEE.


  • Cloud storage
  • cross-Tenant data deduplication
  • message-locked encryption
  • server-Aided encryption

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications
  • Information Systems and Management


Dive into the research topics of 'Decentralized Server-Aided Encryption for Secure Deduplication in Cloud Storage'. Together they form a unique fingerprint.

Cite this