oramfs - ORAM filesystem written in Rust
Travis Biehn
tbiehn at gmail.com
Mon Jul 5 13:56:31 PDT 2021
On Mon, Jul 5, 2021 at 4:40 PM Karl Semich <0xloem at gmail.com> wrote:
>>
>> Hidden volumes solve for any type of coerced decryption.
>
>
> That's what a rubber hose attack is.
>
>>
>> I can use Tahoe-LAFS for personal backup and it'll be encrypted, but
>> it wont have ORAM. Most academic work on ORAM is in the context of a
>> centralized cloud service provider. ORAM was not invented in absence
>> of a threat, but it may be applied to a system with no benefit.
>>
>> Here's an example statement from https://arxiv.org/pdf/1605.09779.pdf
>> "ObliviSync: Practical Oblivious File Backup and Synchronization"
>>
>> "ORAM is a powerful tool that solves a critical problem in cloud
>> security. Consider a hospital which uses cloud storage to backup their
>> patient records. Even if the records are properly encrypted, an
>> untrusted server that observes which patient files are modified will
>> learn sensitive medical information about those patients. They will
>> certainly learn that the patient has visited the hospital recently,
>> but also may learn things like whether the patient had imaging tests
>> done based on how large the file is that is updated. Moreover, they
>> might learn for instance that a patient has cancer after seeing an
>> oncologist update their records. This type of inference, and more, can
>> be done despite the fact that the records themselves are encrypted
>> because the access pattern to the storage is not hidden".
>>
>> Karl, pleasure writing to you, I hope you understand a bit better why
>> I'm asking about ORAM-FS's benefits.
>
>
> I hear you asking with an eye towards when a large business or government might find it efficient to use.
>
> I don't understand why you are asking this. I observed you didn't share a threat model.
>
> Oramfs is actually completely pluggable under the hood. What do you think about expanding it so it can do non-obfuscated encryption if desired?
>
> This would be incredibly easy to add.
Karl,
How do we know that your commentary isn't in bad faith? Textbook
disruption techniques. Please share your rationale for questioning my
rationale.
Just kidding,
-Travis
--
Twitter | LinkedIn | GitHub | TravisBiehn.com
More information about the cypherpunks
mailing list