DOI: 10.1145/1920261.1920309
Research article

A multi-user steganographic file system on untrusted shared storage

Published: 06 December 2010

Abstract

Existing steganographic file systems enable a user to hide the existence of his secret data by claiming that they are (static) dummy data created during disk initialization. Such a claim is plausible if the adversary only sees the disk content at the point of attack. In a multi-user computing environment that employs untrusted shared storage, however, the adversary could have taken multiple snapshots of the disk content over time. Since the dummy data are static, the differences across snapshots thus disclose the locations of user data, and could even reveal the user passwords.
In this paper, we introduce a Dummy-Relocatable Steganographic (DRSteg) file system to provide deniability in multi-user environments where the adversary may have multiple snapshots of the disk content. With its novel techniques for sharing and relocating dummy data during runtime, DRSteg allows a data owner to surrender only some data and attribute the unexplained changes across snapshots to the dummy operations. The level of deniability offered by DRSteg is configurable by the users, to balance against the resulting performance overhead. Additionally, DRSteg guarantees the integrity of the protected data, except where users voluntarily overwrite data under duress.
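
The multi-snapshot leak described in the abstract, as an added toy simulation (not code from the paper, and not an implementation of DRSteg's sharing or relocation techniques). The block size, disk size, hidden-block locations and the `simulate` parameters are assumptions made for illustration.

```python
import random

BLOCK = 16  # toy block size in bytes (assumption)

def rand_block(rng):
    # Encrypted data and dummy data are both modelled as random bytes.
    return bytes(rng.getrandbits(8) for _ in range(BLOCK))

def changed_blocks(snap_a, snap_b):
    """What a multi-snapshot adversary computes: indices whose content differs."""
    return {i for i, (a, b) in enumerate(zip(snap_a, snap_b)) if a != b}

def simulate(n_blocks, hidden, updates, dummy_writes, seed=1):
    """Take a snapshot, apply `updates` hidden-data writes, snapshot again.

    dummy_writes = 0 models static dummy data; dummy_writes > 0 models a
    system that also rewrites that many dummy blocks per update.
    Returns (blocks the adversary sees changed, hidden blocks actually written).
    """
    rng = random.Random(seed)
    disk = [rand_block(rng) for _ in range(n_blocks)]
    before = list(disk)                      # first snapshot
    cover = [i for i in range(n_blocks) if i not in hidden]
    written = set()
    for _ in range(updates):
        target = rng.choice(sorted(hidden))
        disk[target] = rand_block(rng)       # hidden data update
        written.add(target)
        for d in rng.sample(cover, dummy_writes):
            disk[d] = rand_block(rng)        # runtime dummy operation
    return changed_blocks(before, disk), written

HIDDEN = {10, 11, 12, 13}                    # constructed hidden-file location

if __name__ == "__main__":
    diff, written = simulate(256, HIDDEN, updates=8, dummy_writes=0)
    print("static dummies  :", sorted(diff), "== hidden writes:", diff == written)
    diff, written = simulate(256, HIDDEN, updates=8, dummy_writes=3)
    print("runtime dummies :", len(diff), "changed,", len(written), "are hidden data")
```

With static dummy data the snapshot difference is exactly the set of hidden blocks written; with runtime dummy writes the same difference also contains dummy blocks, so changes the owner does not explain can be attributed to dummy operations.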


Published In

ACSAC '10: Proceedings of the 26th Annual Computer Security Applications Conference
December 2010
419 pages
ISBN:9781450301336
DOI:10.1145/1920261

Sponsors

  • ACSA: Applied Computing Security Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Conference

ACSAC '10
Sponsor:
  • ACSA

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%

Cited By

  • (2024) HiPDS: A Storage Hardware-Independent Plausibly Deniable Storage System. IEEE Transactions on Information Forensics and Security 19, pages 1483-1495. DOI: 10.1109/TIFS.2023.3338528. Online publication date: 2024
  • (2024) INVISILINE: Invisible Plausibly-Deniable Storage. 2024 IEEE Symposium on Security and Privacy (SP), pages 2722-2739. DOI: 10.1109/SP54263.2024.00018. Online publication date: 19-May-2024
  • (2024) An application-layer plausibly deniable encryption system for wearable devices. Discover Internet of Things 4:1. DOI: 10.1007/s43926-024-00061-w. Online publication date: 6-Aug-2024
  • (2023) A Cross-layer Plausibly Deniable Encryption System for Mobile Devices. Security and Privacy in Communication Networks, pages 150-169. DOI: 10.1007/978-3-031-25538-0_9. Online publication date: 4-Feb-2023
  • (2020) INFUSE: Invisible plausibly-deniable file system for NAND flash. Proceedings on Privacy Enhancing Technologies 2020:4, pages 239-254. DOI: 10.2478/popets-2020-0071. Online publication date: 17-Aug-2020
  • (2018) Stash in a flash. Proceedings of the 16th USENIX Conference on File and Storage Technologies, pages 169-185. DOI: 10.5555/3189759.3189775. Online publication date: 12-Feb-2018
  • (2018) PD-DM: An efficient locality-preserving block device mapper with plausible deniability. Proceedings on Privacy Enhancing Technologies 2019:1, pages 153-171. DOI: 10.2478/popets-2019-0009. Online publication date: 24-Dec-2018
  • (2018) Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey. Cybersecurity 1:1. DOI: 10.1186/s42400-018-0005-8. Online publication date: 5-Jun-2018
  • (2017) DataLair: Efficient Block Storage with Plausible Deniability against Multi-Snapshot Adversaries. Proceedings on Privacy Enhancing Technologies 2017:3, pages 179-197. DOI: 10.1515/popets-2017-0035. Online publication date: 6-Jul-2017
  • (2014) MobiHydra: Pragmatic and Multi-level Plausibly Deniable Encryption Storage for Mobile Devices. Information Security, pages 555-567. DOI: 10.1007/978-3-319-13257-0_36. Online publication date: 2014
