oramfs - ORAM filesystem written in Rust
Karl Semich
0xloem at gmail.com
Mon Jul 5 13:40:10 PDT 2021
>
> Hidden volumes solve for any type of coerced decryption.
>
That's what a rubber hose attack is.
> I can use Tahoe-LAFS for personal backup and it'll be encrypted, but
> it wont have ORAM. Most academic work on ORAM is in the context of a
> centralized cloud service provider. ORAM was not invented in absence
> of a threat, but it may be applied to a system with no benefit.
>
> Here's an example statement from https://arxiv.org/pdf/1605.09779.pdf
> "ObliviSync: Practical Oblivious File Backup and Synchronization"
>
> "ORAM is a powerful tool that solves a critical problem in cloud
> security. Consider a hospital which uses cloud storage to backup their
> patient records. Even if the records are properly encrypted, an
> untrusted server that observes which patient files are modified will
> learn sensitive medical information about those patients. They will
> certainly learn that the patient has visited the hospital recently,
> but also may learn things like whether the patient had imaging tests
> done based on how large the file is that is updated. Moreover, they
> might learn for instance that a patient has cancer after seeing an
> oncologist update their records. This type of inference, and more, can
> be done despite the fact that the records themselves are encrypted
> because the access pattern to the storage is not hidden".
>
> Karl, pleasure writing to you, I hope you understand a bit better why
> I'm asking about ORAM-FS's benefits.
>
I hear you asking with an eye towards when a large business or government
might find it efficient to use.
I don't understand why you are asking this. I observed you didn't share a
threat model.
Oramfs is actually completely pluggable under the hood. What do you think
about expanding it so it can do non-obfuscated encryption if desired?
This would be incredibly easy to add.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2648 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20210705/8e26c0b6/attachment.txt>
More information about the cypherpunks
mailing list