Secure data deletion enables data owners to fully control the erasure of their data stored in local or cloud data centers and is essential for preventing data leakage, especially for cloud storage. However, traditional data deletion approaches based on unlinking, overwriting, and cryptographic key management are either ineffective in cloud storage or rely on impractical assumptions. In this paper, we present SevDel, a secure and verifiable data deletion scheme, which leverages zero-knowledge proofs to verify the encryption of the outsourced data without retrieving the ciphertexts, while the deletion of the encryption keys is guaranteed based on Intel SGX. SevDel implements secure interfaces to perform data encryption and decryption for secure cloud storage. It also utilizes a smart contract to enforce that the operations of the cloud service provider follow the service level agreements with data owners, and to penalize a service provider that discloses the cloud data on its servers. Evaluation on real-world workloads demonstrates that SevDel achieves efficient data deletion verification and maintains high bandwidth savings.