Steganographic file system

From Wikipedia, the free encyclopedia

Steganographic file system are a kind of file system first proposed by Ross Anderson, Roger Needham, and Adi Shamir. In a steganographic file system, files are not merely stored, nor stored encrypted, but in which the entire partition is randomized - encrypted files strongly resemble randomized sections of the partition, and so when files are stored on the partition, there is no easy way to discern between meaningless gibberish and the actual encrypted files. Furthermore, locations of files are derived from the key for the files, and the locations are hidden and available to only programs with the passphrase. This leads to the problem that very quickly files can overwrite each other (because of the Birthday Paradox); this is compensated for by writing all files in multiple places to lessen the chance of data loss.

1 Advantage
2 Other methods
3 See also
4 External links

[edit] Advantage

While there may seem to be no point to a file system which is guaranteed to either be grossly inefficient storage space-wise or to cause data loss and corruption either from data collisions or loss of the key (in addition to being a complex system, and for having poor read/write performance), performance was not the goal of StegFS. Rather, StegFS is intended to thwart a particular weakness of cryptographical systems called (by Bruce Schenier among others) a "rubberhose attack" - an attack which exploits the fact that users' systems can be broken by legal sanctions or by physical intimidation (the common example being a totalitarian regime whose torturers beat people with rubber hoses). The attack usually works because encrypted files are distinguishable from regular files, and the authorities can coerce the user until the user gives up the keys and all the files are distinguishable as regular files. However, since in a steganographic file system, the number of files are unknown and every byte looks like an encrypted byte, the authorities cannot know how many files (and hence, keys) are stored. The user has plausible deniability- he can say there are only a few innocuous files or none at all, and anybody without the keys cannot gainsay the user.

[edit] Other methods

Other methods exist; the method laid out before is the one implemented by StegFS, but it is possible to steganographically hide data within image or audio files- ScramDisk or the Linux loopback device can do this.^{[citation needed]}

Generally, a steganographic file system is implemented over a steganographic layer, which supplies just the storage mechanism. For example, the steganographic file system layer can be some existing MP3 files, each file contains a chunk of data (or a part of the file system). The final product is a file system that is hardly detected (depending on the steganographic layer) that can store any kind of file in a regular file system hierarchy.