基于响应模糊化的抗附加块攻击云数据安全去重方法

附加块攻击是威胁云数据跨用户去重安全性的一种重要攻击手段，它通过将随机数量的非命中块附加在待检测文件上，使得云服务商无法判断所检测文件的真实存在性，从而难以通过常规的响应模糊化方法保护云数据的存在性隐私。针对这个问题，提出一种基于响应模糊化的新型抗附加块攻击的云数据安全去重方法。该方法通过计算附加块数量，统计未命中块数，并比较二者以确定响应中包含的最少冗余块数，实现响应模糊化，从而只需付出少量的额外通信开销就可确保攻击者难以根据响应判断所检测文件的存在性。安全性分析和实验结果表明，相比该领域的最新工作，所提方法更高的安全性只需更低的开销，或在开销相当或少量增加的情况下显著提高安全性。

Response obfuscation based secure deduplication method for cloud data with resistance against appending chunk attack

Appending chunk attack is an important attack to threaten the security of cross-user deduplication for cloud data,which works by appending a random number of non-duplicate chunks to the file to be detected,making it impossible for cloud service providers to determine the true existence of the file. Therefore,the existence privacy of cloud data cannot be protected by general ways of response obfuscation methods. To deal with this problem,a new response obfuscation based secure deduplication method with resistance against appending chunk attack was proposed. By calculating the number of appending chunks,counting the number of non-duplicate chunks and comparing these two to determine the minimum number of redundant chunks involved in the response,so as to achieve the obfuscation. As a result,the existence of the checking file was not able to be judged by the attacker according to the response with little extra communication overhead. Security analysis and experimental results show that,compared with the state-of-the-art in this field,the proposed method achieves higher level of security with smaller amount of overhead required,or improves security significantly with comparable or slightly increased overhead.