Academic Commons

Articles

CamouflageFS: Increasing the Effective Key Length in Cryptographic Filesystems on the Cheap

Locasto, Michael E.; Keromytis, Angelos D.

One of the few quantitative metrics used to evaluate the security of a cryptographic file system is the key length of the encryption algorithm; larger key lengths correspond to higher resistance to brute force and other types of attacks. Since accepted cryptographic design principles dictate that larger key lengths also impose higher processing costs, increasing the security of a cryptographic file system also increases the overhead of the underlying cipher. We present a general approach to effectively extend the key length without imposing the concomitant processing overhead. Our scheme is to spread the ciphertext inside an artificially large file that is seemingly filled with random bits according to a key-driven spreading sequence. Our prototype implementation, CamouflageFS, offers improved performance relative to a cipher with a larger key-schedule, while providing the same security properties. We discuss our implementation (based on the Linux Ext2 file system) and present some preliminary performance results. While CamouflageFS is implemented as a stand-alone file system, its primary mechanisms can easily be integrated into existing cryptographic file systems.

Subjects

Files

Also Published In

Title
Applied cryptography and network security: second international conference, ACNS 2004, Yellow Mountain, China, June 8-11, 2004: proceedings
Publisher
Springer-Verlag
DOI
https://doi.org/10.1007/978-3-540-24852-1_1

More About This Work

Academic Units
Computer Science
Series
Lecture Notes in Computer Science, 3089
Published Here
July 5, 2012
Academic Commons provides global access to research and scholarship produced at Columbia University, Barnard College, Teachers College, Union Theological Seminary and Jewish Theological Seminary. Academic Commons is managed by the Columbia University Libraries.