AF-Dedup: Secure Encrypted Data Deduplication Based on Adaptive Dynamic Merkle Hash Forest PoW for Cloud Storage

For encrypted data deduplication, proof of ownership (PoW) verifies a client's ownership of an entire file, preventing malicious users from exploiting a single segment of information to gain access to the file. By establishing the identity of two users who possess the same file, cloud service provider (CSP) can maintain a single copy for the file, enabling deduplication. However, existing PoW schemes based on Merkle hash tree (MHT) cannot guarantee the security of small files. Therefore, we propose a novel data structure named adaptive dynamic Merkle hash forest (ADMHF) for PoW, and present an encrypted data deduplication scheme called AF-Dedup. It reduces the risks of data content exposure resulting from multiple ownership verification attempts in traditional schemes. Specifically, we first construct the file tag as a unique identifier of the file. Second, different encryption schemes are employed depending on the popularity of the data. Then, the corresponding ADMHF is generated for subsequent ownership verifications. After security analysis and simulation experiments, our scheme is proven to significantly enhance the security of small files. In a given situation for files with only two blocks, our scheme achieves the same level of security as the existing scheme for a file with 91 blocks.