Home

CamouflageFS: Increasing the Effective Key Length in Cryptographic Filesystems on the Cheap

Michael E. Locasto; Angelos D. Keromytis

Title:
CamouflageFS: Increasing the Effective Key Length in Cryptographic Filesystems on the Cheap
Author(s):
Locasto, Michael E.
Keromytis, Angelos D.
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Part Number:
3089
Book/Journal Title:
Applied cryptography and network security: second international conference, ACNS 2004, Yellow Mountain, China, June 8-11, 2004: proceedings
Book Author:
Jakobsson, Markus
Publisher:
Springer-Verlag
Publisher Location:
Berlin
Abstract:
One of the few quantitative metrics used to evaluate the security of a cryptographic file system is the key length of the encryption algorithm; larger key lengths correspond to higher resistance to brute force and other types of attacks. Since accepted cryptographic design principles dictate that larger key lengths also impose higher processing costs, increasing the security of a cryptographic file system also increases the overhead of the underlying cipher. We present a general approach to effectively extend the key length without imposing the concomitant processing overhead. Our scheme is to spread the ciphertext inside an artificially large file that is seemingly filled with random bits according to a key-driven spreading sequence. Our prototype implementation, CamouflageFS, offers improved performance relative to a cipher with a larger key-schedule, while providing the same security properties. We discuss our implementation (based on the Linux Ext2 file system) and present some preliminary performance results. While CamouflageFS is implemented as a stand-alone file system, its primary mechanisms can easily be integrated into existing cryptographic file systems.
Subject(s):
Computer science
Publisher DOI:
http://dx.doi.org/10.1007/978-3-540-24852-1_1
Item views:
42
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use