Oramfs file system published, hiding the nature of data access

Kudelski Security, a company specializing in security auditing, has published the Oramfs file system, an implementation of ORAM (Oblivious Random Access Machine) technology, which masks the data access pattern. The project provides a FUSE module for Linux that implements a file system layer which does not allow the structure of write and read operations to be tracked. The Oramfs code is written in Rust and is licensed under GPLv3.

ORAM technology adds another layer on top of encryption, one that prevents an observer from determining the nature of the current activity when working with data. For example, if data stored in a third-party service is encrypted, the owners of this service cannot learn the data itself, but they can determine which blocks are accessed and what operations are performed. ORAM hides information about which parts of the file system are being accessed and what kind of operation is being performed (read or write).

Oramfs provides a universal file system layer that simplifies the organization of data storage on any external storage. Data is stored in encrypted form with optional authentication. ChaCha8, AES-CTR and AES-GCM algorithms can be used for encryption. Patterns in write and read access are hidden using the Path ORAM scheme. Other schemes are planned for the future, but in its current form the project is still at the prototype stage and is not recommended for use in production systems.

Oramfs can be used with any file system and does not depend on the type of target external storage: files can be synchronized to any service that can be mounted as a local directory (SSH, FTP, Google Drive, Amazon S3, Dropbox, Google Cloud Storage, Mail.ru Cloud, Yandex.Disk and other services supported by rclone or for which FUSE modules for mounting exist). The storage size is not fixed, and if additional space is needed, the ORAM size can grow dynamically.

Setting up Oramfs comes down to defining two directories, public and private, which act as server and client. The public directory can be any directory in the local file system that is linked to external storage by mounting it via SSHFS, FTPFS, rclone or any other FUSE module. The private directory is provided by the Oramfs FUSE module and is used to work directly with the files stored in ORAM. The public directory contains the ORAM image file. Any operation in the private directory changes the state of this image file, but to an external observer the file looks like a black box: changes in it cannot be associated with activity in the private directory, including whether a write or a read operation was performed.

Oramfs can be used in areas where the highest level of privacy is required and performance can be sacrificed. Performance is degraded as each storage operation, including data read operations, results in the rebuilding of blocks in the FS image. For example, reading a 10MB file takes about 1 second, and a 25MB file takes 3 seconds. A 10MB write takes 15 seconds and a 25MB write takes 50 seconds. At the same time, Oramfs is about 9 times faster when reading and 2 times faster when writing compared to the UtahFS file system developed by Cloudflare and optionally supporting ORAM mode.
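The sketch below is an added illustration, not code from Oramfs: a toy Path ORAM, the scheme named above, showing why the storage side cannot tell reads from writes and why every read also rewrites blocks. The tree and bucket sizes, all names and the xorshift generator are assumptions made for the demo; block encryption and dummy padding, which a real implementation needs, are left out.

```rust
use std::collections::HashMap;
const L: u32 = 3; // tree height: 2^L leaves, L+1 buckets per path
const Z: usize = 4; // blocks per bucket

pub struct PathOram {
    tree: Vec<Vec<(u32, u8)>>, // untrusted storage: buckets of (id, data), root at 0
    pos: HashMap<u32, u32>,    // client side: block id -> assigned leaf
    stash: HashMap<u32, u8>,   // client side: blocks waiting for a slot
    seed: u64,
    pub trace: Vec<(char, usize)>, // all the storage provider observes
}

impl PathOram {
    pub fn new(seed: u64) -> Self {
        let tree = vec![Vec::new(); (1usize << (L + 1)) - 1];
        PathOram { tree, pos: HashMap::new(), stash: HashMap::new(), seed, trace: Vec::new() }
    }
    fn rand_leaf(&mut self) -> u32 { // xorshift64: demo only, not a CSPRNG
        self.seed ^= self.seed << 13; self.seed ^= self.seed >> 7; self.seed ^= self.seed << 17;
        (self.seed % (1u64 << L)) as u32
    }
    fn bucket(leaf: u32, level: u32) -> usize { // bucket at `level` on the path to `leaf`
        (((1u32 << L) + leaf) >> (L - level)) as usize - 1
    }
    /// Read (`write = None`) or write (`Some(v)`) block `id`; returns the old value.
    pub fn access(&mut self, id: u32, write: Option<u8>) -> Option<u8> {
        let (fresh, fallback) = (self.rand_leaf(), self.rand_leaf());
        let leaf = self.pos.insert(id, fresh).unwrap_or(fallback); // remap on every access
        for lvl in 0..=L { // fetch the whole old path into the stash
            let b = Self::bucket(leaf, lvl);
            self.trace.push(('R', b));
            for (k, d) in self.tree[b].drain(..) { self.stash.insert(k, d); }
        }
        let old = self.stash.get(&id).copied();
        if let Some(v) = write { self.stash.insert(id, v); }
        for lvl in (0..=L).rev() { // rewrite the same path, deepest bucket first
            let b = Self::bucket(leaf, lvl);
            let fit: Vec<u32> = self.stash.keys().copied()
                .filter(|k| Self::bucket(self.pos[k], lvl) == b).take(Z).collect();
            for k in fit { let d = self.stash.remove(&k).unwrap(); self.tree[b].push((k, d)); }
            self.trace.push(('W', b));
        }
        old
    }
}

fn main() {
    let mut o = PathOram::new(0x5eed);
    let (w, r) = (o.access(7, Some(42)), o.access(7, None));
    println!("write -> {:?}, read -> {:?}, trace: {:?}", w, r, o.trace);
}
```

In the printed trace both operations appear as one full path read followed by a rewrite of the same path, so the operation type is not visible in the pattern, and the block moves to a freshly chosen leaf each time.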

Source: opennet.ru
