Secure Deduplication – Models and Optimization (DLS in Cybersecurity)

16.11.2017, 16:15 – 17:15

2017/11/16 16:15-2017/11/23 17:15

Organizer: CROSSING / GRK Privacy & Trust / CRISP

Deduplication is a widely used mechanism in cloud storage systems which can greatly increase efficiency. The basic idea is to remove duplicate stored files, replacing copies with a pointer to a single version. Empirical evidence shows that deduplication can be extremely effective in reducing both storage requirements and bandwidth used for uploading. However, deduplication also introduces severe challenges to security. There is an inherent conflict between the use of deduplication and the desire of users to encrypt their files prior to uploading. Even if this problem can be solved, client-side deduplication opens up a side channel which can reveal information to an adversary, as shown in 2010 by Harnik et al.

This talk will examine some of the recent proposals for achieving secure deduplication and consider their strengths and weaknesses. It will outline a formal model for cloud storage and show how security notions for deduplication can be captured within this general framework. This allows for comparison of reasonable definitions of what secure deduplication should mean. We will also consider the extent to which side channels caused by deduplication can be limited. This is joint work with Frederik Armknecht, Gareth Davies, Kristian Gjøsteen, Håvard Raddum and Mohsen Toorani.

Short bio
Colin Boyd is Professor in Information Security at the Norwegian University of Science and Technology (NTNU). He completed a Ph.D. in Mathematics in 1985 at the University of Warwick, UK. After 5 years at British Telecom Research Laboratories, where he first became interested in cryptography and information security, he started an academic career at University of Manchester. In 1995 he emigrated to Australia and spent 18 years at Queensland University of Technology (QUT). During this time he became Research Director at the QUT Information Security Institute. In 2013 he returned to Europe, taking up his current position at NTNU. His main research interests are in cryptographic protocols, especially key exchange. According to Google Scholar his publications have been cited over 10.000 times and he has an h-index of 43. He has supervised 20 successful PhD students as main supervisor.

Distinguished Lectures Series in Cybersecurity
With the Distinguished Lectures Series in Cybersecurity, every semester, we invite outstanding experts from science and industry to Darmstadt to discuss the multifaceted prospects and challenges of IT Security. In the lectures, the speakers present the results of trendsetting research from a variety of disciplines, give overviews of complex topics or show the current state of knowledge in their field of research. The lectures are free and open for everybody without prior registration.

After the lecture there is the possibility to get together.

See past Distinguished Lectures in Cybersecurity in pictures.