Network Bandwidth And Data Upload Time

1238 WordsAug 13, 20155 Pages
Though client-side deduplication brings in advantages such as reduction of network bandwidth and data upload time, several security threats are associated with it. These threats have to be addressed in order to reap the full potential of client-side deduplication. Halevi et al. [3] identified various threats that affect a remote storage system that implements client-side deduplication. First, in traditional storage systems, privacy and confidentiality are compromised when an attacker learns the hash value of a file and gains access to the entire file from the server. For example, Dropbox uses Secure Hash Algorithm 256 (SHA256) in a straightforward manner; thus, it is possible for an attacker to obtain hashes for confidential files of others. Using the hash, a hacker can easily download an unauthorized file from the server. A practical way for performing this hack is demonstrated by the use of Dropship application programming interface (API) utilities for Dropbox which allows a hacker to download confidential files of others from Dropbox servers by obtaining the file hashes. This is comparatively easy to obtain, and exploiting the weak client-side deduplication technique that is applied [4]. Second, if an attacker can access the server cache then all confidential hashes will be disclosed. Hence the attacker can make the cloud storage service behave as a content distribution network (CDN) by publishing the hacked hash values. In a case where the files hashes are published
Open Document