DLS in Cybersecurity: Secure Deduplication - Models and Optimization
Location: TU Darmstadt | Piloty Building S2|02 | room C 110 | Hochschulstraße 10 | Darmstadt
Speaker: Colin Boyd, Norwegian University of Science and Technology (NTNU), Norway
Deduplication is a widely used mechanism in cloud storage systems which can greatly increase efficiency. The basic idea is to remove duplicate stored files, replacing copies with a pointer to a single version. Empirical evidence shows that deduplication can be extremely effective in reducing both storage requirements and bandwidth used for uploading. However, deduplication also introduces severe challenges to security. There is an inherent conflict between the use of deduplication and the desire of users to encrypt their files prior to uploading. Even if this problem can be solved, client-side deduplication opens up a side channel which can reveal information to an adversary, as shown in 2010 by Harnik et al.
This talk will examine some of the recent proposals for achieving secure deduplication and consider their strengths and weaknesses. It will outline a formal model for cloud storage and show how security notions for deduplication can be captured within this general framework. This allows for comparison of reasonable definitions of what secure deduplication should mean. We will also consider the extent to which side channels caused by deduplication can be limited. This is joint work with Frederik Armknecht, Gareth Davies, Kristian Gjøsteen, Håvard Raddum and Mohsen Toorani.
Colin Boyd is Professor in Information Security at the Norwegian University of Science and Technology (NTNU). He completed a Ph.D. in Mathematics in 1985 at the University of Warwick, UK. After 5 years at British Telecom Research Laboratories, where he first became interested in cryptography and information security, he started an academic career at University of Manchester. In 1995 he emigrated to Australia and spent 18 years at Queensland University of Technology (QUT). During this time he became Research Director at the QUT Information Security Institute. In 2013 he returned to Europe, taking up his current position at NTNU. His main research interests are in cryptographic protocols, especially key exchange. According to Google Scholar his publications have been cited over 10000 times and he has an h-index of 43. He has supervised 20 successful PhD students as main supervisor.