REED: Rekeying for Encrypted Deduplication Storage

Introduction

REED is an encrypted deduplication storage system with rekeying enabled. Specifically, it can replace an existing key with a new key so as to protect against key compromise and enable dynamic access control. REED builds on a deterministic version of all-or-nothing transform (AONT) for secure and lightweight rekeying, while preserving the deduplication capability. It also exploits similarity to mitigate key generation overhead. We implement a REED prototype with various performance optimization techniques.

Publications

Chuan Qin, Jingwei Li, and Patrick P. C. Lee.
"The Design and Implementation of a Rekeying-aware Encrypted Deduplication Storage System."
ACM Transactions on Storage, vol. 13(1), pp. 9:1-9:30, February 2017.
Jingwei Li, Chuan Qin, Patrick P. C. Lee, and Jin Li.
"Rekeying for Encrypted Deduplication Storage."
Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2016) (Regular paper), Toulouse, France, June 2016.

Download

Version 1.1 (December 2017) reed-1.1.tar.gz (md5sum: 4a71d0396ec53e241fc95badba063c0f)
Version 1.0 (April 2016) reed-1.0.0.tar.gz (md5sum: bbc1362bb87203c640314474deea4d14)
README is included in the tarball.
ChangeLog

People

REED is developed by the Applied Distributed Systems Lab in the Department of Computer Science and Engineering at the Chinese University of Hong Kong (CUHK).

Jingwei Li
Chuan Qin
Patrick P. C. Lee

License

The source code of REED is released under the GNU/GPL license.