Oblivious PRF on Committed Vector Inputs and Application to Deduplication of Encrypted Data

Abstract

Ensuring secure deduplication of encrypted data is a very active topic of research because deduplication is effective at reducing storage costs. Schemes supporting deduplication of encrypted data that are not vulnerable to content guessing attacks (such as Message Locked Encryption) have been proposed recently [Bellare et al. 2013, Li et al. 2015]. However in all these schemes, there is a key derivation phase that solely depends on a short hash of the data and not the data itself. Therefore, a file specific key can be obtained by anyone possessing the hash. Since hash values are usually not meant to be secret, a desired solution will be a more robust oblivious key generation protocol where file hashes need not be kept private. Motivated by this use-case, we propose a new primitive for oblivious pseudorandom function (OPRF) on committed vector inputs in the universal composable (UC) framework. We formalize this functionality as \\(\\mathcal {F}_\\mathsf {OOPRF}\\), where \\(\\mathsf {OOPRF}\\) stands for Ownership-based Oblivious PRF. \\(\\mathcal {F}_\\mathsf {OOPRF}\\) produces a unique random key on input a vector digest provided the client proves knowledge of a (parametrisable) number of random positions of the input vector.