- Steganographic file system
Steganographic file systems are a kind of file system first proposed by Ross Anderson, Roger Needham, and Adi Shamir. Their paper proposed two main methods of hiding data. In the first, data is hidden in a series of fixed-size files originally consisting of random bits, on top of which 'vectors' can be superimposed in such a way that a given level of security can decrypt all lower levels but does not even know of the existence of any higher levels. In the second, an entire partition is filled with random bits and files are hidden in it.

In a steganographic file system using the second scheme, files are not merely stored, nor stored encrypted, but the entire partition is randomized. Encrypted files strongly resemble randomized sections of the partition, so when files are stored on the partition there is no easy way to distinguish meaningless gibberish from the actual encrypted files. Furthermore, the locations of files are derived from the key for the files, and the locations are hidden and available only to programs with the passphrase. This leads to the problem that files can very quickly overwrite each other (because of the birthday paradox); this is compensated for by writing all files in multiple places to lessen the chance of data loss.

Advantage
While there may seem to be no point to a file system that is guaranteed either to be grossly inefficient in its use of storage space or to cause data loss and corruption, whether from data collisions or from loss of the key (in addition to being a complex system with poor read/write performance), performance was not the goal of StegFS. Rather, StegFS is intended to thwart "rubberhose attacks", which usually work because encrypted files are distinguishable from regular files, and authorities can coerce the user until the user gives up the keys and all the files are distinguishable as regular files. However, since in a steganographic file system the number of files is unknown and every byte looks like an encrypted byte, the authorities cannot know how many files (and hence keys) are stored. The user has plausible deniability: he can say there are only a few innocuous files or none at all, and anybody without the keys cannot gainsay the user.

Other methods
Other methods exist; the method laid out before is the one implemented by StegFS, but it is possible to steganographically hide data within image or audio files; ScramDisk or the Linux loopback device can do this.

Generally, a steganographic file system is implemented over a steganographic layer, which supplies just the storage mechanism. For example, the steganographic file system layer can be some existing MP3 files, each of which contains a chunk of data (or a part of the file system). The final product is a file system that is hard to detect (depending on the steganographic layer) and that can store any kind of file in a regular file system hierarchy.
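
The partition-based scheme described earlier (block locations derived from the key, overwrites caused by the birthday paradox, and replication as the compensation) can be modelled in a few lines. This is an added example, not code from the paper or from StegFS: the use of HMAC-SHA256 to derive locations, the partition size, the file sizes, and the passphrases are all assumptions constructed for the illustration.

```python
import hashlib
import hmac

def locations(passphrase, name, block_no, replicas, partition_blocks):
    """Replica positions for one logical block, derived only from key material."""
    key = hashlib.sha256(passphrase.encode()).digest()
    locs = []
    for r in range(replicas):
        mac = hmac.new(key, f"{name}|{block_no}|{r}".encode(), hashlib.sha256).digest()
        locs.append(int.from_bytes(mac[:8], "big") % partition_blocks)
    return locs

def store(partition, size, passphrase, name, n_blocks, replicas):
    """Write every replica blindly: used blocks look the same as random fill."""
    for b in range(n_blocks):
        for loc in locations(passphrase, name, b, replicas, size):
            # The tuple stands in for ciphertext plus an integrity tag.
            partition[loc] = (passphrase, name, b)

def recoverable(partition, size, passphrase, name, n_blocks, replicas):
    """Count logical blocks that still have at least one intact replica."""
    return sum(
        any(partition.get(loc) == (passphrase, name, b)
            for loc in locations(passphrase, name, b, replicas, size))
        for b in range(n_blocks))

def birthday_collision(k, n):
    """Exact probability that k uniformly placed blocks in n slots collide."""
    p_clear = 1.0
    for i in range(k):
        p_clear *= max(n - i, 0) / n
    return 1.0 - p_clear

def experiment(replicas, size=1 << 18, n_blocks=1000, other_files=10):
    """Store one file, then more files under other keys; report what survives."""
    partition = {}  # sparse model: absent slots are untouched random fill
    store(partition, size, "constructed-pass-0", "first.dat", n_blocks, replicas)
    for i in range(1, other_files + 1):
        store(partition, size, f"constructed-pass-{i}", f"file{i}.dat",
              n_blocks, replicas)
    survived = recoverable(partition, size, "constructed-pass-0", "first.dat",
                           n_blocks, replicas)
    return partition, survived

if __name__ == "__main__":
    p = birthday_collision(1000, 1 << 18)
    print(f"P(at least one collision), 1000 blocks in 2^18 slots: {p:.3f}")
    for r in (1, 4):
        print(f"replicas={r}: {experiment(r)[1]} of 1000 blocks recoverable")
```

Replication only helps while the partition is lightly loaded: every extra replica is also an extra blind write that can destroy someone else's block, which is the storage inefficiency the next section refers to.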

See also
* Filesystem-level encryption
* OZONE - an OS featuring a steganographic file system implementation

External links
* [http://www.cl.cam.ac.uk/ftp/users/rja14/sfs3.ps.gz Original paper] by Anderson, Needham, et al. (gzipped PostScript file)
* [http://www.scramdisk.clara.net/ ScramDisk]
* [http://www.evilbitz.com/2006/10/22/an-mp3-steganographic-file-system-approach/ A MP3 Steganographic File System Approach]
* [http://magikfs.sourceforge.net/ MagikFS - The Steganographic FileSystem]
* [http://csdl.computer.org/comp/proceedings/icde/2003/2071/00/20710657abs.htm StegFS - A Steganographic File System Without Data Losing Problems]
* [http://csdl.computer.org/comp/proceedings/icde/2004/2065/00/20650572abs.htm StegHide - Hiding Data Accesses in Steganographic File Systems]
* [http://www.l3s.de/~zhou/Publication/StegFS-thesis.pdf Xuan Zhou's Ph.D. Thesis on Steganographic File System]
Wikimedia Foundation. 2010.