On 30/06/2021 22:55, coderman wrote:
https://github.com/kudelskisecurity/oramfs <https://github.com/kudelskisecurity/oramfs>
oramfs - ORAM filesystem written in Rust [..] How does it work?
I read that bit, and I still don't know how it works. You don't explain properly, just give a lot of irrelevant implementation stuff. In all cases, but especially for explanations, keep it simple. And answer the question, don't futz around - I don't want to know how you implemented it (at least not here), I want to know how it works.
That's it! Files written/read to/from the private directory are encrypted and access patterns are hidden to the FTP server.
Not as far as I can see. It seems simple to attack, 'oh look the file(system) has been changed, the user wrote or deleted a file' therefore he has accessed the filesystem. Have you considered how to do secure deletion? It is very tricky. If an attacker can see the raw fs in a state which includes a particular file, and the key is not deleted, then if he gets the undeleted key at any future time he can read the file. Peter Fairbrother