高级检索

    云存储数据加密重删攻击与防御技术研究进展

    A Review on Encrypted Data Deduplication Attacks and Countermeasures in Cloud Storage

    • 摘要: 重复数据删除作为一种面向大数据的高效缩减技术,已经被广泛应用于各种云存储系统和服务中,为了兼容数据重删和加密,通常采用收敛加密. 然而,这种云服务商的外包存储方式以及确定性的加密方式会导致一系列数据安全问题. 目前,数据加密重删技术已成为云存储领域的研究热点. 首先介绍重复数据删除技术的概念、基础加密重删算法和云存储中数据加密重删的安全挑战,其次从攻击和防御的角度阐述当前云存储数据加密重删安全研究现状,包括3种攻击种类:蛮力攻击、频率攻击、侧信道攻击. 围绕每种攻击类型,梳理对应的代表性防御方案,并总结各个方案的优势和缺陷. 最后,针对当前数据加密重删防御方案存在的问题进行总结,并对未来的研究方向进行展望.

       

      Abstract: Data deduplication is a vital technology for efficiently managing big data, widely adopted in cloud storage systems to reduce redundancy and save space. To integrate deduplication with encryption, convergent encryption has become a common approach. This method allows for the encryption of data while still enabling deduplication by producing the same ciphertext for identical plaintexts. However, cloud service providers' outsourcing models and the deterministic nature of convergent encryption can introduce data security issues. The encryption patterns of data can become predictable, potentially exposing sensitive information to attackers, which may create serious security implications. As a result, encrypted data deduplication has emerged as an important research topic in cloud storage security. This paper firstly introduces the concept of data deduplication, encrypted deduplication algorithms, and discusses the security challenges associated with encrypting and deduplicating data in cloud storage. It then reviews the current research status from both attack and defense perspectives, covering three main types of attacks: brute force attacks, which try to decrypt data through extensive guessing; frequency analysis attacks, which exploit frequency characteristics in ciphertexts; and side-channel attacks, which leverage information from response or traffic characteristics. For each attack type, representative defense strategies are analyzed along with their strengths and weaknesses. Finally, the paper highlights the challenges faced by existing encrypted data deduplication defenses and suggests future research directions aimed at improving these techniques.

       

    /

    返回文章
    返回