Deduplication is a widely used technique in storage services, since it affords a very efficient usage of resources-being especially effective for consumer-grade storage services (e.g. Dropbox). Deduplication has been shown to suffer from several security weaknesses, the most severe ones enabling a malicious user to obtain possession of a file it is not entitled to. Standard solutions to this problem require users to prove possession of data prior to its upload. Unfortunately, the schemes proposed in the literature are very taxing on either the server or the client side. In this paper, we introduce a novel solution based on Bloom filters that provides a flexible, scalable, and provably secure solution to the weaknesses of deduplication, and that overcomes the deficiencies of existing approaches. We provide a formal description of the scheme, a thorough security analysis, and compare our solution against multiple existing ones, both analytically and by means of extensive benchmarking. Our results confirm the quality and viability of our approach.