PerfectDedup is a new scheme that enables the cloud to securely deduplicate redundant data when it is encrypted. PerfectDedup relies on the use of different encryption techniques based on the popularity of the data: Popular data are protected under convergent encryption and can therefore be deduplicated; unpopular data segments which are likely to remain unique are protected under semantically-secure symmetric encryption.
Compared to existing solutions which mostly support file-level deduplication, PerfectDedup achieves secure deduplication at the block level which sometimes leads to higher storage space savings compared to file-level deduplication. Furthermore, compared to a similar solution which also differentiates data protection depending on data popularity, PerfectDedup significantly reduces the storage and communication overhead and optimizes the computational cost as it relies on symmetric encryption techniques only.
PerfectDedup relies on a popularity-based secure deduplication solution that defines different encryption techniques for popular and unpopular data. In order to use the adequate encryption technique, a user first needs to discover the popularity of her data segment. Hence PerfectDedup defines a novel secure lookup protocol that leverages a secure perfect hash function (PHF) which given an input set of n convergently encrypted data segments, finds a collision-free hash function that maps the ID of each encrypted data segment to an integer.In addition to the cloud server, PerfectDedup introduces a semi-trusted server called Index Service (IS) which is responsible for keeping track of unpopular blocks and therefore helps the user handle the popularity transition that is the phase in which a block becomes popular and the convergent encrypted version needs to be uploaded.
PerfectDedup can be used by any cloud storage applications and will offer data confidentiality for end-users while allowing deduplication and hence optimized their storage space.