Accelerating Secure and Verifiable Data Deletion in Cloud Storage via SGX and Blockchain

TL;DR

SevDel is a novel scheme combining Intel SGX and blockchain to enable secure, verifiable, and efficient data deletion in cloud storage, addressing limitations of traditional methods.

Contribution

This paper introduces SevDel, a new approach that leverages zero-knowledge proofs, SGX, and smart contracts for practical and verifiable data deletion in cloud environments.

Findings

Achieves efficient data deletion verification with high bandwidth savings.

Utilizes zero-knowledge proofs to verify data encryption without retrieving ciphertexts.

Enforces service level agreements and penalties via smart contracts.

Abstract

Secure data deletion enables data owners to fully control the erasure of their data stored on local or cloud data centers and is essential for preventing data leakage, especially for cloud storage. However, traditional data deletion based on unlinking, overwriting, and cryptographic key management either ineffectiveness in cloud storage or rely on unpractical assumption. In this paper, we present SevDel, a secure and verifiable data deletion scheme, which leverages the zero-knowledge proof to achieve the verification of the encryption of the outsourced data without retrieving the ciphertexts, while the deletion of the encryption keys are guaranteed based on Intel SGX. SevDel implements secure interfaces to perform data encryption and decryption for secure cloud storage. It also utilizes smart contract to enforce the operations of the cloud service provider to follow service level agreements with data owners and the penalty over the service provider, who discloses the cloud data on its servers. Evaluation on real-world workload demonstrates that SevDel achieves efficient data deletion verification and maintain high bandwidth savings.