Towards Thwarting Template Side-channel Attacks in Secure Cloud Deduplications

Zou, Yuan; Mao, Yunlong; Xu, Minze; Xu, Fengyuan

doi:10.1109/tdsc.2019.2911502

Cited by 19 publications

(13 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…us, every one of the data owners could easily work out the convergent encryption key. A lot of successive works [13][14][15][16][17] focused on how to resist possible side channel attack in this scenario. Among them, some works [14,18] relied on an independent key server (KS) to introduce randomness into the generation of convergent key, where inefficient interactive blind signature protocol is usually needed.…”

Section: Related Workmentioning

confidence: 99%

“…Specifically, they presented a novel framework, in which deduplication is triggered only when the corresponding file has already been a popular one; thus, there is no risk of privacy leakage. As a follow-up work, Zhang et al [15] resorted to the k-anonymity technique to achieve a concrete deduplication strategy. In their design, the cloud user firstly generates a convergent ciphertext based on CE scheme.…”

Section: Related Workmentioning

confidence: 99%

“…) then (6) store integrity tags σ i,u j ; 7store secondary tags T i,u j (8) SG � SG ∪ u j ; (9) else (10) return error (11) endif (12) endfor (13) if |SG| > � t then (14) for i � 1 to n do (15) Proof. Once the number of the tags for a certain chunk reaches the threshold value t, tag aggregation would be triggered instantly and the aggregated tag is obtained based on equation (6).…”

Section: Security Analysismentioning

confidence: 99%

See 2 more Smart Citations

Aggregation-Based Tag Deduplication for Cloud Storage with Resistance against Side Channel Attack

Tang

Zhou

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

Tag deduplication is an emerging technique to eliminate redundancy in cloud storage, which works by signing integrity tags with a content-associated key instead of user-associated secret key. To achieve public auditability in this scenario, the linkage between cloud users and their integrity tags is firstly re-established in current solutions, which provides a potential side channel to malicious third-party auditor to steal the existence privacy of a certain target file. Such kind of attack, which is also possible among classic public auditing schemes, still cannot be well resisted and is now becoming a big obstacle in using this technique. In this paper, we propose a secure aggregation-based tag deduplication scheme (ATDS), which takes the lead to consider resistance against side channel attack during the process of public verification. To deal with this problem, we define a user-associated integrity tag based on the defined content-associated polynomial and devise a Lagrangian interpolation-based aggregation strategy to achieve tag deduplication. With the help of this technique, content-associated public key is able to be utilized instead of a user-associated one to achieve auditing. Once the verification is passed, the TPA is just only able to make sure that the verified data are correctly corresponding to at least a group of users in cloud storage, rather than determining specific owners. The security analysis and experiment results show that the proposed scheme is able to resist side channel attack and is more efficient compared with the state of the art.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Security Analysismentioning

confidence: 99%

See 1 more Smart Citation

Aggregation-Based Tag Deduplication for Cloud Storage with Resistance against Side Channel Attack

Tang

Zhou

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…For page fault service I k , when the VM resumes running on the target server, first check whether there are any memory pages for service I k , and if so, push the memory pages according to the initial priority calculated by (8).…”

Section: Priority Calculationmentioning

confidence: 99%

“…erefore, defense against side-channel attacks is crucial for edge computing. At the moment, virtual machine migration technology is frequently used to defend against side-channel attacks, which is the primary method of defense [8,9]. Compared with traditional countermeasures, the VM migration method is general and immediately deployable [10].…”

Section: Introductionmentioning

confidence: 99%

A Virtual Machine Migration Strategy Based on the Relevance of Services against Side-Channel Attacks

Chen

Shi

Xiang

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

With the rapid development of Internet of Things technology, a large amount of user information needs to be uploaded to the cloud server for computing and storage. Side-channel attacks steal the private information of other virtual machines by coresident virtual machines to bring huge security threats to edge computing. Virtual machine migration technology is currently the main way to defend against side-channel attacks. VM migration can effectively prevent attackers from realizing coresident virtual machines, thereby ensuring data security and privacy protection of edge computing based on the Internet of Things. This paper considers the relevance between application services and proposes a VM migration strategy based on service correlation. This strategy defines service relevance factors to quantify the degree of service relevance, build VM migration groups through service relevance factors, and effectively reduce communication overhead between servers during migration, design and implement the VM memory migration based on the post-copy method, effectively reduce the occurrence of page fault interruption, and improve the efficiency of VM migration.

show abstract

A Hybrid Post-Quantum Cryptography Driven Key Exchange Scheme for Cloud Computing Environments

Ilias

Sharmila

2023

Lecture Notes in Networks and Systems

View full text Add to dashboard Cite

Towards Thwarting Template Side-channel Attacks in Secure Cloud Deduplications

Cited by 19 publications

References 26 publications

Aggregation-Based Tag Deduplication for Cloud Storage with Resistance against Side Channel Attack

Aggregation-Based Tag Deduplication for Cloud Storage with Resistance against Side Channel Attack

A Virtual Machine Migration Strategy Based on the Relevance of Services against Side-Channel Attacks

A Hybrid Post-Quantum Cryptography Driven Key Exchange Scheme for Cloud Computing Environments

Contact Info

Product

Resources

About