Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: ESFS - The encrypted steganography filesystem
From: Tomás Touceda <chiiph () gentoo org>
Date: Thu, 13 Jan 2011 15:21:46 -0300

Hi stormrider,

2011/1/13 stormrider <strmrdr42 () yahoo de>:
Hey Tomás,

this sounds like a nice idea. Especially the fact that you kinda
"overmount" one filesystem over another to access hidden data.
But - as far as I know there is actually no steganography technique that
can really *hide* the data. So you will not be able to prevent someone
from finding out that there is some information inside the images. You
might want to read

What I meant with hide is that, since it uses the LSBs, you can pick
any image, and "find data" in them, so it makes it a little bit harder
to know where you actually have data, and if you really do.


Attacks on Steganographic Systems. Andreas Pfitzmann:
Information Hiding. Third International Workshop, IH'99, Dresden, Germany

This should clarify things ;-)

Thanks, I'll read it... I haven't read a lot about steganography I
must admit, I have to get up to date with this.

Thanks a lot for the input!

Cheers,


My information might be out of date, but after that publication it
became very silent around steganography and I haven't heard any news
since then...

regards,
stormrider

Am 12.01.2011 20:08, schrieb Tomás Touceda:
Hello everyone,

I wanted to announce this little pet project that was born a couple of
weeks ago, and now it sees the light in the form of a proof of
concept, in hopes that it'll become a fully featured filesystem.
Here's an extract of the main README text:

============================================================================

What's this?

Just like the title says, it's a filesystem. Particularly, it's a FUSE
filesystem that's implemented entirely in Python (for now), and it's a
proof of concept in alpha state, so don't save stuff only within this
filesystem just yet. A couple of weeks ago, I started reading about
and playing with encrypted filesystems (LUKS + dmcrypt, encfs, etc). I
came across an email (actually, a friend of mine tossed me the link)
from the now well-known Assange, about a Linux kernel module he and
other people were working on that provided different layers of
encryption in a filesystem, so you can say "oh, yes, I have encrypted
data in here", but in a deeper layer you'd have more encrypted data,
with another key, and nobody but you would know about it. And I
thought it was a really cool idea. I started looking for the code, but
it was too old to be used with the current kernel. A couple of days
before that, I read about StegFS, a filesystem that uses steganography
to hide your files within your other files. And again, I thought it
was a really cool idea, BUT I didn't like the fact that (and please
correct me if I'm wrong) when you copied a file in StegFS, there's a
chance you'll lose some other file. So, this one is usable, but this
drawback didn't suit me. I started bouncing ideas with a lot of
friends, and then it hit me: a filesystem, hides its data in images
and encrypts this data. I wanted to build a FUSE filesystem since I
first learned about it, so I finally had an idea to work with. This
idea gives you the same advantages of Assange's kernel module: you
have a bunch of images that seem like regular files, but when you
mount the filesystem with certain parameters BAM! you have lots of
files that nobody knew were there.

============================================================================

You can find the rest of this README, a more detail design document,
and the actual code in: https://github.com/chiiph/esfs

If you find any bugs, please let me know.
Any comments and critics are more than welcome.

Regards,

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
Tomás Touceda
Gentoo Developer
Herds: Qt, Scheme, Lisp

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]