oramfs - ORAM filesystem written in Rust
Karl Semich
0xloem at gmail.com
Mon Jul 5 12:30:57 PDT 2021
On Mon, Jul 5, 2021, 3:17 PM Travis Biehn <tbiehn at gmail.com> wrote:
> On Mon, Jul 5, 2021 at 2:04 PM Karl Semich <0xloem at gmail.com> wrote:
> >
> > I'm afraid I can't give a good answer because of my "locks" situation,
> but obviously we are enswathed with multi-user disk situations, for real.
>
> Karl,
> If I asked 'what do you have to hide?' then I think your spidey sense
> should tingle :) That's not the case.
>
> ORAM is a technique that you can apply to a system, an encrypted
> filesystem ideally incorporates the requisite design and mix of
> primitives in order to achieve effective operational security, with
> that meets operational impact objectives.
> I'm wondering why I would take on the operational costs (to my
> mission, say, 'taking over the moon', and cost, for example, of
> decreased bandwidth and increased latency) of a filesystem that uses
> ORAM, rather than conventional encrypted filesystems.
> As another example, a 'hidden volume' is a feature that an encrypted
> filesystem can have, I can explain that a hidden volume exists to
> counter a rubber hose attack. If someone
asked why a hidden volume is
> useful there's no problem in asking or answering the question. The
attack isn't obvious to everyone and consequently the benefit of
> suffering the operational burden of solving the problem (e.g. using
> hidden volumes with plausible contents) can't be understood until
> explained.
So maybe with this framing in mind; what attacks does the use of
> ORAM-FS counter?
>
What's your threat model? I bet I can think of a lot.
https://lists.cpunks.org/pipermail/cypherpunks/2021-July/088855.html
Would you consider a rubber hose attack to be the only thing a hidden
volume can help against?
> -Travis
>
>
> --
> Twitter | LinkedIn | GitHub | TravisBiehn.com
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3481 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20210705/112ceb62/attachment.txt>
More information about the cypherpunks
mailing list