Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: ESFS - The encrypted steganography filesystem
From: Tomás Touceda <chiiph () gentoo org>
Date: Thu, 13 Jan 2011 15:21:46 -0300

Hi stormrider,

2011/1/13 stormrider <strmrdr42 () yahoo de>:
Hey Tomás,

this sounds like a nice idea. Especially the fact that you kinda
"overmount" one filesystem over another to access hidden data.
But - as far as I know there is actually no steganography technique that
can really *hide* the data. So you will not be able to prevent someone
from finding out that there is some information inside the images. You
might want to read

What I meant with hide is that, since it uses the LSBs, you can pick
any image, and "find data" in them, so it makes it a little bit harder
to know where you actually have data, and if you really do.

Attacks on Steganographic Systems. Andreas Pfitzmann:
Information Hiding. Third International Workshop, IH'99, Dresden, Germany

This should clarify things ;-)

Thanks, I'll read it... I haven't read a lot about steganography I
must admit, I have to get up to date with this.

Thanks a lot for the input!


My information might be out of date, but after that publication it
became very silent around steganography and I haven't heard any news
since then...


Am 12.01.2011 20:08, schrieb Tomás Touceda:
Hello everyone,

I wanted to announce this little pet project that was born a couple of
weeks ago, and now it sees the light in the form of a proof of
concept, in hopes that it'll become a fully featured filesystem.
Here's an extract of the main README text:


What's this?

Just like the title says, it's a filesystem. Particularly, it's a FUSE
filesystem that's implemented entirely in Python (for now), and it's a
proof of concept in alpha state, so don't save stuff only within this
filesystem just yet. A couple of weeks ago, I started reading about
and playing with encrypted filesystems (LUKS + dmcrypt, encfs, etc). I
came across an email (actually, a friend of mine tossed me the link)
from the now well-known Assange, about a Linux kernel module he and
other people were working on that provided different layers of
encryption in a filesystem, so you can say "oh, yes, I have encrypted
data in here", but in a deeper layer you'd have more encrypted data,
with another key, and nobody but you would know about it. And I
thought it was a really cool idea. I started looking for the code, but
it was too old to be used with the current kernel. A couple of days
before that, I read about StegFS, a filesystem that uses steganography
to hide your files within your other files. And again, I thought it
was a really cool idea, BUT I didn't like the fact that (and please
correct me if I'm wrong) when you copied a file in StegFS, there's a
chance you'll lose some other file. So, this one is usable, but this
drawback didn't suit me. I started bouncing ideas with a lot of
friends, and then it hit me: a filesystem, hides its data in images
and encrypts this data. I wanted to build a FUSE filesystem since I
first learned about it, so I finally had an idea to work with. This
idea gives you the same advantages of Assange's kernel module: you
have a bunch of images that seem like regular files, but when you
mount the filesystem with certain parameters BAM! you have lots of
files that nobody knew were there.


You can find the rest of this README, a more detail design document,
and the actual code in: https://github.com/chiiph/esfs

If you find any bugs, please let me know.
Any comments and critics are more than welcome.


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Tomás Touceda
Gentoo Developer
Herds: Qt, Scheme, Lisp

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]