Secure and Efficient Cloud Ciphertext Deduplication Based on SGX

With the development of data outsourcing technology, the data stored by cloud storage servers are exploding. Secure deduplication for encrypted data helps cloud servers reduce storage overhead in the scenario that cloud users outsource their data in ciphertext. To satisfy client-side semantic security, most existing deduplication schemes for encrypted data need trusted third parties. However, trusted third parties are difficult to deploy and may cause potential risks. Therefore, we propose a secure cloud ciphertext deduplication scheme based on Intel SGX. The proposed scheme uses the Enclave security container provided by Intel SGX as the trusted execution environment on the cloud server to replace the trusted third party to perform sensitive operations. At the same time, our scheme simplifies the secure management of the file encryption keys so that the encryption key of the files with the same data can be securely distributed to other owners of the same file without the need for the original uploader online. We prove the security of the proposed scheme and the experiment shows the efficiency of the scheme.