Proof of Ownership for Deduplication Systems: a Secure, Scalable, and Efficient Solution

Deduplication is a technique used to reduce the amount of storage needed by service providers. It is based on the intuition that several users may want (for different reasons) to store the same content. Hence, storing a single copy of these files would be sufficient. Albeit simple in theory, the implementation of this concept introduces many security risks. In this paper, we address the most severe one: an adversary, possessing only a fraction of the original file, or colluding with a rightful owner who leaks arbitrary portions of it, becomes able to claim possession of the entire file. The paper's contributions are manifold: first, we review the security issues introduced by deduplication, and model the security threats our scheme addresses; second, we introduce a novel Proof of Ownership (POW) scheme that has all the features of the state-of-the-art solution, but incurs only a fraction of the overhead experienced by the competitor. We also show that the security of the proposed mechanisms relies on information-theoretical rather than computational assumptions, and propose viable optimization techniques that further improve the scheme's performance. Finally, the quality of our proposal is supported by extensive benchmarking.

By: Roberto DI Pietro, Alessandro Sorniotti

Published in: RZ3854 in 2013


This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.


Questions about this service can be mailed to .