Steganographic file system

Steganographic file system

Steganographic file system are a kind of file system first proposed by Ross Anderson, Roger Needham, and Adi Shamir. Their paper proposed two main methods of hiding data: in a series of fixed size files originally consisting of random bits on top of which 'vectors' could be superimposed in such a way as to allow levels of security to decrypt all lower levels but not even know of the existence of any higher levels , or an entire partition is filled with random bits and files hidden in it.

In a steganographic file system using the second scheme, files are not merely stored, nor stored encrypted, but the entire partition is randomized - encrypted files strongly resemble randomized sections of the partition, and so when files are stored on the partition, there is no easy way to discern between meaningless gibberish and the actual encrypted files. Furthermore, locations of files are derived from the key for the files, and the locations are hidden and available to only programs with the passphrase. This leads to the problem that very quickly files can overwrite each other (because of the Birthday Paradox); this is compensated for by writing all files in multiple places to lessen the chance of data loss.


While there may seem to be no point to a file system which is guaranteed to either be grossly inefficient storage space-wise or to cause data loss and corruption either from data collisions or loss of the key (in addition to being a complex system, and for having poor read/write performance), performance was not the goal of StegFS. Rather, StegFS is intended to thwart "rubberhose attacks", which usually work because encrypted files are distinguishable from regular files, and authorities can coerce the user until the user gives up the keys and all the files are distinguishable as regular files. However, since in a steganographic file system, the number of files are unknown and every byte looks like an encrypted byte, the authorities cannot know how many files (and hence, keys) are stored. The user has plausible deniability- he can say there are only a few innocuous files or none at all, and anybody without the keys cannot gainsay the user.

Other methods

Other methods exist; the method laid out before is the one implemented by StegFS, but it is possible to steganographically hide data within image or audio files- ScramDisk or the Linux loopback device can do this.Fact|date=February 2007

Generally, a steganographic file system is implemented over a steganographic layer, which supplies just the storage mechanism. For example, the steganographic file system layer can be some existing MP3 files, each file contains a chunk of data (or a part of the file system). The final product is a file system that is hardly detected (depending on the steganographic layer) that can store any kind of file in a regular file system hierarchy.

ee also

* Filesystem-level encryption
* OZONE - an OS featuring a steganographic file system implementation

External links

* [ Original paper] by Anderson, Needham, "et al" -(gzipped PostScript file)
* [ ScramDisk]
* [ A MP3 Steganographic File System Approach]
* [ MagikFS - The Steganographic FileSystem]
* [ StegFS - A Steganographic File System Without Data Losing Problems]
* [ StegHide - Hiding Data Accesses in Steganographic File Systems]
* [ Xuan Zhou's Ph.D. Thesis on Steganographic File System]

Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать курсовую

Look at other dictionaries:

  • Steganography — is the art and science of writing hidden messages in such a way that no one apart from the sender and intended recipient even realizes there is a hidden message. By contrast, cryptography obscures the meaning of a message, but it does not conceal …   Wikipedia

  • StegFS — is a free file system for Linux. It is licensed under the GPL. It was principally developed by Andrew D. McDonald and Markus G. Kuhn. It is a steganographic file system based on the ext2 filesystem.The last version of StegFS is 1.1.4, released… …   Wikipedia

  • Ext2 — infobox filesystem name = ext2 full name = Second extended file system developer = Rémy Card introduction os = Linux introduction date = January 1993 partition id = Apple UNIX SVR2 (Apple Partition Map) 0x83 (Master Boot Record) EBD0A0A2 B9E5… …   Wikipedia

  • Filesystem-level encryption — Filesystem level encryption, often called file or folder encryption, is a form of disk encryption where individual files or directories are encrypted by the file system itself. This is in contrast to full disk encryption where the entire… …   Wikipedia

  • OZONE — For other uses, see Ozone (disambiguation). OZONE Company / developer Mike Rieker Source model Open source Kernel type Monolithic License GNU General Public License …   Wikipedia

  • Ross J. Anderson (professor) — Infobox Scientist name = Ross Anderson caption = Ross Anderson in 2008 birth date = birth date|1956|9|15|df=y residence = United Kingdom nationality = British field = Computer science work institution = University of Cambridge Computer Laboratory …   Wikipedia

  • Tapestry (DHT) — Tapestry is a distributed hash table which provides a decentralized object location, routing, and multicasting infrastructure for distributed applications. It is composed of a peer to peer overlay network offering efficient, scalable, self… …   Wikipedia

  • StegFS — ● sg. np. m. ►GESTFICH Steganographic File System. système de fichiers stéganographique, qui non seulement crypte les données, mais en plus les dissimule de façon qu on ne puisse pas prouver qu elles sont là... Distribué sous licence GPL.… …   Dictionnaire d'informatique francophone

  • Disk encryption software — To protect confidentiality of the data stored on a computer disk a computer security technique called disk encryption is used. This article discusses software that is used to implement the technique (for cryptographic aspects of the problem see… …   Wikipedia

  • ImageMagick — Тип графическая программа Разработчик …   Википедия

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”