University of Calgary
Cloud storage service providers such as dropbox, mozy, and others perform de-duplication to save space by only storing one copy of each file uploaded. Should clients conventionally encrypt their files, however, savings are lost. Message-locked encryption (the most prominent manifestation of which is convergent encryption) resolves this tension. However it is inherently subject to brute-force attacks that can recover files falling into a known set. The authors propose an architecture that provides secure de-duplicated storage resisting brute-force attacks, and realize it in a system called DupLESS.