Go to OpenReview Public Article ORCID homepagePopeDup: Popularity-Based Encrypted Deduplication With Privacy Learning Attacks Resistance and Protected Thresholds
Abstract: Popularity-based encrypted deduplication assigns popularity thresholds to outsourced data, and balances data security and storage efficiency by classifying data based on its number of owners (i.e. popularity) and threshold. Several schemes have been proposed to address various issues in popularity-based secure deduplication, but they still have drawbacks. Firstly, most of existing schemes are vulnerable to privacy learning attacks (PLAs). An adversary could infer users’ privacy through launching PLAs, which is a severe security threat. Additionally, unprotected reasonable thresholds in existing schemes incur the leakage of data sensitivity and compromise data privacy. In this paper, we propose PopeDup, a popularity-based encrypted deduplication scheme with PLAs resistance and protected thresholds. On the one hand, we design a two-phase server-aided tag generation method to protect the information about which users hold identical data for defending against PLAs. On the other hand, based on threshold signature scheme, we implement protected thresholds to preserve the reasonability of user-assigned thresholds while protecting data sensitivity. Moreover, we design a popularity detection method tailored for protected thresholds by utilizing the property of threshold signature scheme, called oblivious popularity detection, through which popularity level can be transmitted without revealing thresholds. We conduct a comprehensive security analysis and experimental evaluations on PopeDup. The results show that PopeDup provides stronger security protection with limited overhead compared with existing schemes.
External IDs:doi:10.1109/tifs.2025.3586515
Loading