oramfs - ORAM filesystem written in Rust

Karl Semich 0xloem at gmail.com
Mon Jul 5 14:51:04 PDT 2021

> > We need to build, share, and use stuff like oramfs more.  I don't know
> what to say to cause that.
> Yes,
> The development, open distribution, and use of tools like ORAM-FS is
> important.
> Here's where I'm at;
> A frame; just one example of the differences between windows' early
> NTFS file encryption and 'TrueCrypt''s approach. In NTFS the structure
> of the filesystem was not encrypted, so an adversary could see all the
> filenames and metadata but no content. In a TrueCrypt volume an
> adversary has an opaque blob.
> An adversary can look at r/w access to a TC-like blob (a non-ORAM
> encrypted FS) and determine what filesystem is in use, then the
> attacker might guess at the boundaries of individual files, determine
> the specific implementation of the filesystem (a specific version),
> the Operating System writing to it, and when some typical files are
> being written to or read from. If you don't hook any commodity
> software up to the ORAM-FS then the attacker can probably at most
> glean the filesystem type and the boundaries of individual files.
> Depending on the filesystem they may also recover more structural
> information.

This is fun =)  I can get into funny states of mind in topics like this, so
if it gets weird I'm sorry.

As you quoted, you can get way more information than that.

I have not been through college, myself.

They can train a machine learning algorithm around common types of files
and identify the file types.  For many files, also the content.  They can
also observe your behavior via other channels to learn how it relates to
your disk activity and infer things about what you are doing.

To do that, they have to think of it, realise that it's possible, and
research it.

I don't see a clear benefit when the files being r/w'd are a variety
> that your attacker can't predict (a mix of non-standardized mission
> specific artifacts). But I see an advantage if they can.

They can theoretically classify your different file types and uses based on
the different access patterns those types and uses have.  Once classified,
if they have another channel or the usage between classes has meaning, they
can begin analysing or predicting content and use to some degree.

To do that, they have to think of it, realise that it's possible, and
research it.

It looks like access patterns are really useful when the domain of the
> data is constrained (in structure and type, or perhaps the access
> domain (e.g. search)); e.g. medical records and emails.

That will certainly make it easier.

The ORAM topic is fresh to me, maybe it's time to do a deep dive on
> the academic work. Happy for other examples or pointers to content
> that might help.

I have no academic experience myself, maybe others do.

I was dissociated while posting this and may have stated something false as
true.  I am surprised to have written it so succinctly, maybe that happened
because I didn't review it for accuracy.

Please support community software.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 4531 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20210705/2aa73695/attachment.txt>

More information about the cypherpunks mailing list