|Authors||C. Boyd, G. T. Davies, K. Gjøsteen, H. Raddum and M. Toorani|
|Title||Definitions for Plaintext-Existence Hiding in Cloud Storage|
|Publication Type||Proceedings, refereed|
|Year of Publication||2018|
|Conference Name||Proceedings of the 13th International Conference on Availability, Reliability and Security|
|Place Published||New York, NY, USA|
|Keywords||Cloud based storage, information systems, security and privacy|
Cloud storage services use deduplication for saving bandwidth and storage. An adversary can exploit side-channel information in several attack scenarios when deduplication takes place at the client side, leaking information on whether a specific plaintext exists in the cloud storage. Generalising existing security definitions, we introduce formal security games for a number of possible adversaries in this domain, and show that games representing all natural adversarial behaviors are in fact equivalent. These results allow users and practitioners alike to accurately assess the vulnerability of deployed systems to this real-world concern.