DeyPoS: Deduplicatable Dynamic Proof of Storage for

Multi-User Environments
ABSTRACT:

Dynamic Proof of Storage (PoS) is a useful cryptographic primitive that enables a

user to check the integrity of outsourced files and to efficiently update the files in a
cloud server. Although researchers have proposed many dynamic PoS schemes in
single user environments, the problem in multi-user environments has not been
investigated sufficiently. A practical multi-user cloud storage system needs the
secure client-side cross-user deduplication technique, which allows a user to skip
the uploading process and obtain the ownership of the files immediately, when
other owners of the same files have uploaded them to the cloud server. To the best
of our knowledge, none of the existing dynamic PoSs can support this technique.
In this paper, we introduce the concept of deduplicatable dynamic proof of storage
and propose an efficient construction called DeyPoS, to achieve dynamic PoS and
secure cross-user deduplication, simultaneously. Considering the challenges of
structure diversity and private tag generation, we exploit a novel tool called
Homomorphic Authenticated Tree (HAT). We prove the security of our
construction, and the theoretical analysis and experimental results show that our
construction is efficient in practice.

EXISTING SYSTEM:

 In most of the existing dynamic PoSs, a tag used for integrity verification is
generated by the secret key of the uploader. Thus, other owners who have
the ownership of the file but have not uploaded it due to the cross-user
deduplication on the client-side, cannot generate a new tag when they update
the file. In this situation, the dynamic PoSs would fail.
  Halevi et al. introduced the concept of proof of ownership which is a
solution of cross-user deduplication on the client-side. It requires that the
user can generate the Merkle tree without the help from the cloud server,
which is a big challenge in dynamic PoS.
 Pietro and Sorniotti proposed another proof of ownership scheme which
improves the efficiency.
 Xu et al.proposed a client-side deduplication scheme for encrypted data, but
the scheme employs a deterministic proof algorithm which indicates that
every file has a deterministic short proof. Thus, anyone who obtains this
proof can pass the verification without possessing the file locally.

DISADVANTAGES OF EXISTING SYSTEM:

 Existing dynamic PoSs cannot be extended to the multi-user environment.

 All existing techniques for cross-user deduplication on the client-side were
designed for static files. Once the files are updated, the cloud server has to
regenerate the complete authenticated structures for these files, which causes
heavy computation cost on the server-side.
 Due to the problem of structure diversity and private tag generation, existing
system cannot be extended to dynamic PoS.
 Unfortunately, these schemes cannot support deduplication due to structure
diversity and private tag generation.

PROPOSED SYSTEM:

 To the best of our knowledge, this is the first work to introduce a primitive
called deduplicatable dynamic Proof of Storage (deduplicatable dynamic
PoS), which solves the structure diversity and private tag generation
challenges.
  In contrast to the existing authenticated structures, such as skip list and
Merkle tree, we design a novel authenticated structure called Homomorphic
Authenticated Tree (HAT), to reduce the communication cost in both the
proof of storage phase and the deduplication phase with similar computation
cost.
 Note that HAT can support integrity verification, dynamic operations, and
cross-user deduplication with good consistency.
 We propose and implement the first efficient construction of deduplicatable
dynamic PoS called Dey-PoS, which supports unlimited number of
verification and update operations. The security of this construction is
proved in the random oracle model, and the performance is analyzed
theoretically and experimentally.

ADVANTAGES OF PROPOSED SYSTEM:

 It is an efficient authenticated structure.

 It is the first practical deduplicatable dynamic PoS scheme called DeyPoS
and proved its security in the random oracle model.
 The theoretical and experimental results show that our DeyPoS
implementation is efficient,
 Performs better especially when the file size and the number of the
challenged blocks are large.
SYSTEM ARCHITECTURE:

MODULES:

 System Construction
 Block Generation
 Deduplicatable Dynamic POS
 Homomorphic Authenticated Tree

MODULES DESCSRIPTION:

System Construction:

 In the first module we develop the System Construction module, to evaluate

and implement a deduplicatable dynamic proof of storage and propose an
 efficient construction called DeyPoS. For this purpose we develop User and
Cloud entities. In User entity, a user can upload a new File, Update uploaded
File blocks and a user can deduplicate other users File by using
deduplicatable dynamic proof of storage.
 Our system model considers two types of entities: the cloud server and
users. For each file, original user is the user who uploaded the file to the
cloud server, while subsequent user is the user who proved the ownership of
the file but did not actually upload the file to the cloud server.
 In the Cloud entity, the cloud first check login authentication of users and
then it gives permission for deduplication process for authenticated users
and users datas are stored in blocks.
 The asymptotic performance of our scheme in comparison with related
schemes, where n denotes the number of blocks, b denotes the number of the
challenged blocks, and |m| denotes the size of one block. From the table, we
observe that our scheme is the only one satisfying the cross-user
deduplication on the client-side and dynamic proof of storage
simultaneously. Furthermore, the asymptotic performance of our scheme is
better than the other schemes except which only provides weak security
guarantee.

Block Generation

 In this module, we develop the Block Generation process. In the update

phase, users may modify, insert, or delete some blocks of the files. Then,
they update the corresponding parts of the encoded files and the
authenticated structures in the cloud server, even the original files were not
uploaded by themselves. Note that, users can update the files only if they
 have the ownerships of the files, which means that the users should upload
the files in the upload phase or pass the verification in the Deduplication
phase.
 Though we can create n-blocks in this module, we split the files into 3
Blocks. The Blocks for files are divided equally accordingly and then the
blocks are uploaded in the Cloud Server too.

Deduplicatable Dynamic POS:

 In this module we focus on a Deduplicatable Dynamic PoS scheme in

multiuser environments. Deduplicatable Dynamic Proof of Storage is used
to deduplicate the other users file with proper authentication but without
uploading the same file.
 Deduplicatable Dynamic Proof of Storage (deduplicatable dynamic PoS),
which solves the structure diversity and private tag generation challenges.
 The main process of this module is Original user is the user who uploaded
the file to the cloud server, while subsequent user is the user who proved the
ownership of the file but did not actually upload the file to the cloud server.
There are five phases in a deduplicatable dynamic PoS system: pre-process,
upload, deduplication, update, and proof of storage.
 In the pre-process phase, users intend to upload their local files. The cloud
server decides whether these files should be uploaded. If the upload process
is granted, go into the upload phase; otherwise, go into the deduplication
phase.
  In the upload phase, the files to be uploaded do not exist in the cloud server .
The original users encodes the local files and upload them to the cloud
server.
 In the deduplication phase, the files to be uploaded already exist in the cloud
server. The subsequent users possess the files locally and the cloud server
stores the authenticated structures of the files. Subsequent users need to
convince the cloud server that they own the files without uploading them to
the cloud server.
 In the update phase, users may modify, insert, or delete some blocks of the
files. Then, they update the corresponding parts of the encoded files and the
authenticated structures in the cloud server, even the original files were not
uploaded by themselves. Note that, users can update the files only if they
have the ownerships of the files, which means that the users should upload
the files in the upload phase or pass the verification in the deduplication
phase. For each update, the cloud server has to reserve the original file and
the authenticated structure if there exist other owners, and record the
updated part of the file and the authenticated structure. This enables users to
update a file concurrently in our model, since each update is only “attached”
to the original file and authenticated structure.
 In the proof of storage phase, users only possess a small constant size
metadata locally and they want to check whether the files are faithfully
stored in the cloud server without downloading them. The files may not be
uploaded by these users, but they pass the deduplication phase and prove
that they have the ownerships of the files.

Homomorphic Authenticated Tree:

  In this module we design a novel authenticated structure called
homomorphic authenticated tree (HAT).For reduce the communication
cost in both the proof of storage phase and the deduplication phase with
similar computation cost. And also HAT can support integrity
verification, dynamic operations, and cross-user deduplication with good
consistency.
 A HAT is a binary tree in which each leaf node corresponds to a data
block. Though HAT does not have any limitation on the number of data
blocks, for the sake of description simplicity, we assume that the number
of data blocks n is equal to the number of leaf nodes in a full binary tree.
 Thus, for a file F = (m1, m2, m3, m4) where mι represents the ι-th block
of the file. Each node in HAT consists of a four-tuple νi = (i, li, vi, ti). i is
the unique index of the node. The index of the root node is 1, and the
indexes increases from top to bottom and from left to right. li denotes the
number of leaf nodes that can be reached from the i-th node. vi is the
version number of the i-th node. ti represents the tag of the i-th node.
 When a HAT is initialized, the version number of each leaf is 1, and the
version number of each non-leaf node is the sum of that of its two
children. For the i-th node, mi denotes the combination of the blocks
corresponding to its leaves. The tag ti is computed from F(mi), where F
denotes a tag generation function.

SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:

 System : Pentium Dual Core.

  Hard Disk : 120 GB.
 Monitor : 15’’ LED
 Input Devices : Keyboard, Mouse
 Ram : 1GB.

SOFTWARE REQUIREMENTS:

 Operating system : Windows 7.

 Coding Language : JAVA/J2EE
 Tool : Netbeans 7.2.1
 Database : MYSQL
REFERENCE:

Kun He, Jing Chen, Ruiying Du, Qianhong Wu, Guoliang Xue, and Xiang Zhang,
“DeyPoS: Deduplicatable Dynamic Proof of Storage for Multi-User
Environments”, IEEE Transactions on Computers, 2016.