oramfs - ORAM filesystem written in Rust

Travis Biehn tbiehn at gmail.com
Mon Jul 5 12:53:42 PDT 2021


On Mon, Jul 5, 2021 at 3:31 PM Karl Semich <0xloem at gmail.com> wrote:
>
> On Mon, Jul 5, 2021, 3:17 PM Travis Biehn <tbiehn at gmail.com> wrote:
>>
>> On Mon, Jul 5, 2021 at 2:04 PM Karl Semich <0xloem at gmail.com> wrote:
>> >
>> > I'm afraid I can't give a good answer because of my "locks" situation, but obviously we are enswathed with multi-user disk situations, for real.
>>
>> Karl,
>> If I asked 'what do you have to hide?' then I think your spidey sense
>> should tingle :) That's not the case.
>>
>> ORAM is a technique that you can apply to a system, an encrypted
>> filesystem ideally incorporates the requisite design and mix of
>> primitives in order to achieve effective operational security, with
>> that meets operational impact objectives.
>> I'm wondering why I would take on the operational costs (to my
>> mission, say, 'taking over the moon', and cost, for example, of
>> decreased bandwidth and increased latency) of a filesystem that uses
>> ORAM, rather than conventional encrypted filesystems.
>>
>>
>> As another example, a 'hidden volume' is a feature that an encrypted
>> filesystem can have, I can explain that a hidden volume exists to
>> counter a rubber hose attack. If someone asked why a hidden volume is
>> useful there's no problem in asking or answering the question. The
>> attack isn't obvious to everyone and consequently the benefit of
>> suffering the operational burden of solving the problem (e.g. using
>> hidden volumes with plausible contents) can't be understood until
>> explained.
>>
>> So maybe with this framing in mind; what attacks does the use of
>> ORAM-FS counter?
>
>
> What's your threat model?  I bet I can think of a lot.
>
> https://lists.cpunks.org/pipermail/cypherpunks/2021-July/088855.html
>
> Would you consider a rubber hose attack to be the only thing a hidden volume can help against?
>
>>
>> -Travis
>>
>>
>> --
>> Twitter | LinkedIn | GitHub | TravisBiehn.com

Hidden volumes solve for any type of coerced decryption.

I can use Tahoe-LAFS for personal backup and it'll be encrypted, but
it won't have ORAM. Most academic work on ORAM is in the context of a
centralized cloud service provider. ORAM was not invented in absence
of a threat, but it may be applied to a system with no benefit.

Here's an example statement from https://arxiv.org/pdf/1605.09779.pdf
"ObliviSync: Practical Oblivious File Backup and Synchronization"

"ORAM is a powerful tool that solves a critical problem in cloud
security. Consider a hospital which uses cloud storage to backup their
patient records. Even if the records are properly encrypted, an
untrusted server that observes which patient files are modified will
learn sensitive medical information about those patients. They will
certainly learn that the patient has visited the hospital recently,
but also may learn things like whether the patient had imaging tests
done based on how large the file is that is updated. Moreover, they
might learn for instance that a patient has cancer after seeing an
oncologist update their records. This type of inference, and more, can
be done despite the fact that the records themselves are encrypted
because the access pattern to the storage is not hidden".

Karl, pleasure writing to you, I hope you understand a bit better why
I'm asking about ORAM-FS's benefits.

-Travis

-- 
Twitter | LinkedIn | GitHub | TravisBiehn.com
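
Added example, not part of the original message and not oramfs code: a small simulation of the access-pattern leak described in the ObliviSync quote, comparing what an untrusted server observes from a conventional encrypted store with what it observes from the simplest linear-scan ORAM. The cipher is a toy, and the names `Server`, `oram_update`, `observe` and the 64-byte block size are assumptions made for illustration.

```python
import hashlib, secrets

BLOCK = 64  # fixed padded record size used by the ORAM client (constructed)

def _pad(key, nonce, n):
    # Toy SHA-256 counter-mode keystream; illustration only, not a real cipher.
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest()
                    for i in range(n // 32 + 1))

def seal(key, data):
    nonce = secrets.token_bytes(16)          # fresh nonce: ciphertexts never repeat
    return nonce + bytes(a ^ b for a, b in zip(data, _pad(key, nonce, len(data))))

def unseal(key, blob):
    nonce, body = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(body, _pad(key, nonce, len(body))))

class Server:
    """Untrusted store; `view` is everything it can observe about requests."""
    def __init__(self):
        self.slots, self.view = {}, []
    def get(self, slot):
        self.view.append(("get", slot, len(self.slots[slot])))
        return self.slots[slot]
    def put(self, slot, blob):
        self.view.append(("put", slot, len(blob)))
        self.slots[slot] = blob

def oram_update(srv, key, n, slot, data):
    # Linear-scan ORAM: read, re-encrypt and rewrite every slot on each access,
    # so the touched slot and the record's true length are both hidden.
    assert len(data) <= BLOCK
    for i in range(n):
        old = unseal(key, srv.get(i))
        srv.put(i, seal(key, data.ljust(BLOCK, b"\0") if i == slot else old))

def observe(oblivious, slot, data, n=4):
    """Return (server view, stored plaintext) for one update of `slot`."""
    srv, key = Server(), secrets.token_bytes(32)
    for i in range(n):                       # initial upload of n empty records
        srv.put(i, seal(key, bytes(BLOCK)))
    srv.view.clear()
    if oblivious:
        oram_update(srv, key, n, slot, data)
    else:                                    # conventional encrypted store
        srv.put(slot, seal(key, data))
    return srv.view, unseal(key, srv.slots[slot])

if __name__ == "__main__":
    print(observe(False, 1, b"visit")[0])    # names slot 1 and the record size
    print(observe(True, 1, b"visit")[0] == observe(True, 3, b"x" * 50)[0])
```

The oblivious update issues 2n requests where the conventional store issues one, which is the bandwidth and latency cost raised earlier in the thread.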

