1. Technical Field
Systems and methods consistent with exemplary embodiments relate to encryption and key management in a cloud storage.
2. Discussion of Related Art
As the use of cloud-based storage and file sharing becomes more widespread, ensuring security and privacy in uploading and/or downloading data while also reducing cost to end-consumers and enterprises has become gradually more important. One tool for decreasing cost is increasing server and space utilization rate through virtualization and introducing multi-tenancy in the cloud service, i.e., offering a “public cloud”. However, when a plurality of users exchange and share data in the public cloud, the demand for technology for securely delivering data between the users has gradually increased.
Secure sockets layer (SSL) is primarily used to encrypt data sent over the public cloud. However, using SSL, a terminal manages a separate certificate for issuing a private key, thereby imposing a burden for certificate management on the terminal. Also, safety in a key issuance process may not be ensured. In particular, when a large number of files are shared among a plurality of users, key management may become complicated. Moreover, efficiency of a cloud storage may be reduced since the same data may be encrypted multiple times with different encryption keys due to multiple users. Not only, this sets bigger strain on computing resources, but also, when same data is encrypted with different keys, it produces different encrypted files, which hinders the operation of de-duplication systems that aim to reduce storage.