Secure cloud storage with anonymous deduplication using ID-based key management

Cloud storage systems have been turned into the primary services of Internet users nowadays. While the application of such systems is exponentially increasing, deduplication algorithms help face scalability issues. Although source-side deduplication optimizes both storage and bandwidth, the main concern that deduplication algorithms suffer from is still data confidentiality. Message-locked encryption (MLE) is a well-known key management framework for secure deduplication to provide confidentiality. This framework is the basis of almost all the proposed secure deduplication solutions. Even though there are lots of literature works trying to provide secure deduplication algorithms, to the best of our knowledge, none of them provide an effective anonymity service for data owners. In this paper, we propose an N-anonymity algorithm to provide an effective anonymity service, capable of prohibiting even the cloud storage provider from knowing which users are storing the same data. The algorithm is analytically studied, and the results are validated by exhaustive implementations using real data. Furthermore, we propose an ID-based key management algorithm as the cornerstone of the secure cloud storage system. The proposed algorithm, which could be considered as an asymmetric extension of MLE, is easy to implement and compatible with the existed cloud architectures as well as the proposed anonymity-based deduplication system.