SECURE DEDUPLICATION WITH EFFICIENT AND RELIABLE CONVERGENT KEY MANAGEMENT
ABRAHAM GEORGE JOHN
S7, CSE
ROLL NO: 1
CONTENTS
1. Introduction
2. Literature Survey
3. Problem Definition
4. Implementation
5. Proposed system
6. Analysis
7. Conclusion
8. References
1. INTRODUCTION
• CLOUD STORAGE: A service model in which data is maintained, managed, and backed up remotely and made available to users over a network.
• DEDUPLICATION: Data deduplication is a technique for eliminating duplicate copies of data and has been widely used in cloud storage to increase the storage space and upload bandwidth.
• Secure deduplication in cloud storage is an arising challenge.
• Different encryption methods are used for secure deduplication.
• This paper makes the first attempt to formally address efficient and reliable key management in secure deduplication.
• Here we propose Dekey, in which users do not need to manage the keys on their own.
• The key is shared across multiple servers.
• Security analysis demonstrates that Dekey is secure in terms of the definitions specified in the proposed security model.
2. LITERATURE SURVEY
• Secure Deduplication with Efficient and Reliable Dekey Management with the Proof of Ownership - M. Shankari, V. Sheela, S. Rajesh
• Secure Deduplication Using De Key with Efficient and Reliable Convergent Key Management in Cloud Storage - R. Thilagavathi, S. Ramasamy and R.K. Gnanamurthy
• Secure Deduplication and Data Security with Efficient and Reliable Convergent Key Management - Nikhil O. Agrawal, Prof. S.S. Kulkarni
3. PROBLEM DEFINITION
3.1 TRADITIONAL ENCRYPTION
• In traditional encryption, different users use their own keys to encrypt their data.
• Identical data copies of different users will lead to different ciphertexts.
• Deduplication becomes impossible.
[Figure: Traditional encryption]
3.2 CONVERGENT ENCRYPTION
• Convergent encryption, also known as content hash keying, is a cryptosystem.
• It encrypts/decrypts a data copy with a convergent key.
• The convergent key is derived by computing the cryptographic hash value of the data copy itself.
• Encryption is deterministic.
• Identical data copies will generate the same convergent key and the same ciphertext.
• After key generation and data encryption, users retain the keys and send the ciphertext to the cloud.
• This application is used in cloud computing to remove duplicate files from storage.
• The ciphertexts can only be decrypted by the corresponding data owners with their convergent keys.
• Providing high-quality and consistent performance.
[Figure: Convergent encryption]
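
The scheme of section 3.2, contrasted with the per-user keys of section 3.1, as an added example that is not part of the original slides. It assumes SHA-256 for key derivation and uses a toy SHA-256 counter keystream as a stand-in for the block cipher (the slides use 3DES); `CloudStore` and the function names are hypothetical.

```python
import hashlib
import os

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy deterministic cipher: XOR with a SHA-256 counter keystream.
    Stand-in for the block cipher in the slides; not for production use."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def convergent_encrypt(data: bytes):
    key = hashlib.sha256(data).digest()   # convergent key = hash of the data
    return key, keystream_xor(key, data)

def convergent_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    return keystream_xor(key, ciphertext)  # XOR keystream is its own inverse

def traditional_encrypt(data: bytes):
    key = os.urandom(32)                  # each user picks an unrelated key
    return key, keystream_xor(key, data)

class CloudStore:
    """Keeps each distinct ciphertext once, indexed by its hash."""
    def __init__(self):
        self.blobs = {}

    def put(self, ciphertext: bytes) -> str:
        tag = hashlib.sha256(ciphertext).hexdigest()
        self.blobs.setdefault(tag, ciphertext)
        return tag

def demo():
    doc = b"quarterly report (constructed sample data) " * 4
    conv, trad = CloudStore(), CloudStore()
    alice_key, alice_ct = convergent_encrypt(doc)
    bob_key, bob_ct = convergent_encrypt(doc)
    conv.put(alice_ct)
    conv.put(bob_ct)                      # identical ciphertext, stored once
    trad.put(traditional_encrypt(doc)[1])
    trad.put(traditional_encrypt(doc)[1])  # different ciphertext each time
    assert convergent_decrypt(bob_key, alice_ct) == doc
    return len(conv.blobs), len(trad.blobs)

if __name__ == "__main__":
    print(demo())
```

Determinism is what lets the store collapse the two uploads into one copy; it also means that equal ciphertexts reveal equal plaintexts.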
3.3 BASELINE APPROACH
• The original data copy is first encrypted with a convergent key derived by the data copy itself.
• The convergent key is then encrypted by a master key that will be kept locally and securely by each user.
• The encrypted convergent keys are then stored, along with the corresponding encrypted data copies, in cloud storage.
• The master key can be used to recover the encrypted keys and hence the encrypted files.
[Figure: Baseline approach (keeping the hash key with an encryption scheme)]
3.4 DEPLOYMENT ISSUES
3.4.1 Huge number of keys
• The master key concept generates an enormous number of keys as the number of users increases.
• Each user must associate an encrypted convergent key with each block of its outsourced encrypted data copies.
• Therefore the number of convergent keys being introduced scales linearly with the number of blocks being stored and the number of users.
3.4.2 Data loss
• Each user has to dedicatedly protect their own master key.
• If the master key is accidentally lost, then the user data cannot be recovered; if it is compromised by attackers, then the user data will be leaked.
4. PROPOSED SYSTEM
4.1 DEKEY
• In this technique, instead of using normal encryption and decryption, the Triple DES technique is used.
• Plain text is encrypted three times with the convergent key so that the data is secured.
• It securely outsources the convergent keys to a third-party key management server.
• Dekey supports both file-level and block-level deduplication.
• Cost efficiency is achieved because a copy held by multiple users is only referenced, not newly added.
• Deleting the content of a file shared with a different user deletes only the convergent key references, not the content stored on the server.
5. IMPLEMENTATION
Modules in the system are:
• Mastering file to cloud service provider.
• Chunking the file chosen.
• Dekey based encryption.
• Hash value based decryption.
5.1 MASTERING FILE TO CLOUD SERVICE PROVIDER
• The user is an entity that wants to outsource data storage to the storage cloud service provider (S-CSP) and access the data later.
• The user registers with the cloud and logs in to it.
• The user chooses the file and uploads it to the server, where the server stores the file in a rapid storage system and file-level deduplication is checked.
• The administrator tags the file using the MD5 message-digest algorithm, a cryptographic hash function producing a 128-bit hash value.
[Figure: Mastering file to cloud service provider]
5.2 CHUNKING THE FILE CHOSEN
• First, the chosen file is broken into chunks of fixed size and tags are generated for each of them.
• After that, convergent keys are generated for each block to verify block-level deduplication.
• Then a filename and password are provided for file authorization.
• The blocks are encrypted with the Triple Data Encryption Standard (3DES) algorithm.
• The original content is encrypted as ciphertext and stored in the Storage Cloud Service Provider (S-CSP) file storage system.
[Figure: Chunking the file chosen]
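
Block-level deduplication as described in section 5.2, together with the key growth described in section 3.4.1, as an added example that is not part of the original slides. The `BlockStore` class, the tag definition (hash of the block's convergent key) and the garbage collection on delete are assumptions; SHA-256 is used in place of the MD5 tagging of section 5.1 because MD5 is no longer collision resistant.

```python
import hashlib

CHUNK_SIZE = 8  # bytes; tiny so the constructed samples span several blocks

def chunk(data, size=CHUNK_SIZE):
    return [data[i:i + size] for i in range(0, len(data), size)]

def key_and_tag(block):
    key = hashlib.sha256(block).digest()    # per-block convergent key
    tag = hashlib.sha256(key).hexdigest()   # assumed tag: hash of the key
    return key, tag

class BlockStore:
    def __init__(self):
        self.blocks = {}     # tag -> stored block (ciphertext in a real system)
        self.key_refs = {}   # (user, file) -> [(tag, key), ...] kept per user

    def upload(self, user, name, data):
        """Store only unseen blocks; return how many were new."""
        refs, new = [], 0
        for block in chunk(data):
            key, tag = key_and_tag(block)
            if tag not in self.blocks:
                self.blocks[tag] = block
                new += 1
            refs.append((tag, key))
        self.key_refs[(user, name)] = refs
        return new

    def keys_held(self):
        return sum(len(refs) for refs in self.key_refs.values())

    def delete(self, user, name):
        """Drop the user's key references; free a block only when unreferenced."""
        del self.key_refs[(user, name)]
        live = {tag for refs in self.key_refs.values() for tag, _ in refs}
        for tag in [t for t in self.blocks if t not in live]:
            del self.blocks[tag]  # assumed garbage collection

def demo():
    # Constructed sample files: the two share their first two blocks.
    report_a = b"AAAAAAAABBBBBBBBCCCCCCCC"
    report_b = b"AAAAAAAABBBBBBBBDDDDDDDD"
    store = BlockStore()
    new = [store.upload("alice", "a", report_a),
           store.upload("bob", "a", report_a),
           store.upload("carol", "b", report_b)]
    return new, len(store.blocks), store.keys_held()

if __name__ == "__main__":
    print(demo())
```

Three users and nine logical blocks leave four stored blocks but nine key references, which is the per-user, per-block key overhead that section 3.4.1 describes.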
5.3 DEKEY BASED ENCRYPTION
• After encryption, the convergent keys are securely shared with the Key Management Cloud Service Provider (KM-CSP).
• The key management server checks for duplicate copies of convergent keys in the KM-CSP.
• The key management server maintains a Comma Separated Values (CSV) file to check proof of verification and store keys securely.
[Figure: Dekey based encryption]
5.4 HASH VALUE BASED DECRYPTION
• In the final module, the user requests to download their own document, which was uploaded earlier.
• This download request needs proper ownership verification.
• After verification, the original content is decrypted by requesting the cloud server.
• The cloud server requests the keys from the key management server to decrypt it, and finally the original content is received by the user.
[Figure: Hash value based decryption]
6. ANALYSIS
6.1 ADVANTAGES
• It reduces key overheads by creating share keys
• Shared in different KM-CSPs
• It is more secure since the key share
• It reduces the single point of failure by distributing keys shared in different KM-CSPs
6.3 APPLICATION
• Both commercial and industrial applications.
• Useful for enterprises and organizations that use cloud storage for outsourced data.
7. CONCLUSION
• Proposed a novel technology, Dekey.
• It distributes convergent key shares across multiple key servers.
• So it reduces key overhead in convergent encryption.
• It uses POW to ensure the confidentiality of data.
• Dekey is more secure, reliable and efficient than all other existing schemes.
8. REFERENCES
• OpenSSL Project. [Online]. Available: http://www.openssl.org/
• NIST's Policy on Hash Functions, Sept. 2012. [Online]. Available: http://csrc.nist.gov/groups/ST/hash/policy.html
• P. Anderson and L. Zhang, "Fast and Secure Laptop Backups with Encrypted De-Duplication," in Proc. USENIX LISA, 2010, pp. 1-8.
