On Mon, Jul 5, 2021, 3:17 PM Travis Biehn <tbiehn@gmail.com> wrote:
On Mon, Jul 5, 2021 at 2:04 PM Karl Semich <0xloem@gmail.com> wrote:
I'm afraid I can't give a good answer because of my "locks" situation,
but obviously we are enswathed with multi-user disk situations, for real.
Karl, If I asked 'what do you have to hide?' then I think your spidey sense should tingle :) That's not the case.
ORAM is a technique that you can apply to a system, an encrypted filesystem ideally incorporates the requisite design and mix of primitives in order to achieve effective operational security, with that meets operational impact objectives. I'm wondering why I would take on the operational costs (to my mission, say, 'taking over the moon', and cost, for example, of decreased bandwidth and increased latency) of a filesystem that uses ORAM, rather than conventional encrypted filesystems.
As another example, a 'hidden volume' is a feature that an encrypted filesystem can have, I can explain that a hidden volume exists to counter a rubber hose attack. If someone
asked why a hidden volume is
useful there's no problem in asking or answering the question. The
attack isn't obvious to everyone and consequently the benefit of
suffering the operational burden of solving the problem (e.g. using hidden volumes with plausible contents) can't be understood until explained.
So maybe with this framing in mind; what attacks does the use of
ORAM-FS counter?
What's your threat model? I bet I can think of a lot. https://lists.cpunks.org/pipermail/cypherpunks/2021-July/088855.html Would you consider a rubber hose attack to be the only thing a hidden volume can help against?
-Travis
-- Twitter | LinkedIn | GitHub | TravisBiehn.com