trademark
2c2kIhh
2c2kIhh
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
7.0 Cryptographic Technologies for Big Data (cont.)<br />
masking, the proposed scheme is able to preserve data privacy when a TPA audits the<br />
data set stored in the servers at different tiers.<br />
7.10 Consider convergent encryption for deduplication<br />
7.10.1 Why?<br />
To improve efficiency of storage usage. Data stored on a cloud is typically encrypted.<br />
However, using common encryption scheme, even the same file results in different<br />
ciphertext. Since the cloud service provider cannot tell whether they are actually the<br />
identical data or not, there may be a situation where duplicated copies of the same data<br />
may unnecessarily remain on the cloud.<br />
7.10.2 How?<br />
If deduplication is desired, convergent encryption scheme—which was originally<br />
proposed in [SGLM08]—can be considered. It uses an encryption key that is<br />
deterministically derived from the plaintext data to be encrypted (i.e. cryptographic hash<br />
value of the data, and thereby the resulting ciphertext becomes identical). This way,<br />
deduplication of the identical data is made possible.<br />
CLOUD SECURITY ALLIANCE Big Data Working Group Guidance<br />
© Copyright 2016, Cloud Security Alliance. All rights reserved.<br />
42