BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Memento EPFL// BEGIN:VEVENT SUMMARY:Mitigating Side Channels in Deduplicating Cloud Storage DTSTART:20181120T101500 DTSTAMP:20260407T101400Z UID:c5d3787e8fb3b14d3b9e402871e98c3b70d4f46d53b1ad694fedd1cc CATEGORIES:Conferences - Seminars DESCRIPTION:Dr. Mohsen Toorani\, Department of Informatics\, University of Bergen\nAbstract: \nOutsourced storage is by now strikingly prevalent fo r individuals and enterprises. Cloud storage providers (CSPs) use deduplic ation for saving bandwidth and storage which helped them to reduce the cos ts tremendously. Deduplication is the process by which CSPs only store one copy of each file\, irrespective of how many times that file is uploaded. Client-side deduplication\, where the client only uploads the file upon t he request of the server\, provides significant storage and bandwidth savi ngs but introduces some security concerns. An adversary can exploit side-c hannel information in several attack scenarios when deduplication takes pl ace at the client side\, leaking information on whether a specific plainte xt exists in the cloud storage. In this talk\, we elaborate on these attac k scenarios on deduplicating cloud storage systems and discuss some possib le countermeasures\, specifically the method of probabilistic uploads. We introduce formal definitions for deduplication strategies and their securi ty in terms of adversarial advantage. Using these definitions\, we provide a criterion for designing good strategies and then prove a bound characte rizing the necessary trade-off between security and efficiency. Generalizi ng existing security definitions\, we introduce formal security games for some possible adversaries in this domain and show that games representing all natural adversarial behaviors are in fact equivalent. These results al low users and practitioners alike to accurately assess the vulnerability o f deployed systems to this real-world concern and identify the steps requi red to mitigate the security risks. \n \nBiography\nMohsen Toorani is a postdoctoral research fellow at the Department of Informatics at the Unive rsity of Bergen. He received his Ph.D. from the University of Bergen in 20 15. Since 2016\, he has been working on a collaborative project with the N orwegian University of Science and Technology on Cryptographic Tools for C loud Security. His research interests include cryptographic protocols and primitives and security of distributed systems. He has served as the edito rial board member\, TPC member\, and reviewer for several journals and con ferences and is a member of the IACR\, IEEE\, and ACM.  LOCATION:BC 420 https://plan.epfl.ch/?room==BC%20420 STATUS:CONFIRMED END:VEVENT END:VCALENDAR