JigDFS: A secure distributed file system

Ubiquitous connectivity and availability of P2P resources create opportunities for building new services. This paper describes the Jigsaw Distributed File System (JigDFS), which can be used to securely store and retrieve files on a P2P network anonymously. JigDFS is designed to provide strong encryption and a certain level of plausible deniability. Files in JigDFS are sliced into small segments using an Information Dispersal Algorithm (IDA) and distributed onto different nodes recursively to increase fault tolerance against node failures. Moreover, layered encryption is applied to each file with keys produced by a hashed-key chain algorithm, so that data (file segments) and keys reside on different hosts. In such a scheme, an attacker who compromises a host and retrieves the data still needs the correct key to decipher it. Furthermore, recursive IDA and layered encryption ensure users' anonymity: it is difficult for an adversary to identify who owns a file, or even who has retrieved a file, in JigDFS. Often, a strong adversary may have the power to monitor the network or even force a user to give up the password. The design of JigDFS provides users with plausible deniability, which enhances privacy. When questioned, a JigDFS user can simply argue that he/she is merely a relaying node rather than the file owner. Moreover, a user, when forced, can give up a valid but incorrect encryption key. There is no way for an adversary to verify either the correctness of a key or the identity of the file owner. JigDFS is developed using platform-independent Java technologies and is envisioned to utilize mobile computing elements such as PDAs and smart phones.
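A simplified sketch of the hashed-key chain and layered encryption described above, added here as an illustration and not JigDFS's own code. The chain rule (each key is the SHA-256 of the previous one), the SHA-256 counter keystream standing in for a real cipher, and all function names are assumptions; IDA slicing and distribution across nodes are omitted.

```python
import hashlib


def key_chain(seed: bytes, layers: int) -> list:
    """Assumed chain rule: k_0 = SHA-256(seed), k_{i+1} = SHA-256(k_i)."""
    keys = [hashlib.sha256(seed).digest()]
    for _ in range(layers - 1):
        keys.append(hashlib.sha256(keys[-1]).digest())
    return keys


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (stand-in for a real one): XOR with SHA-256(key || counter)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + counter).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def encrypt_layers(seed: bytes, data: bytes, layers: int) -> bytes:
    """Apply one encryption layer per key in the chain, innermost first."""
    for key in key_chain(seed, layers):
        data = keystream_xor(key, data)
    return data


def decrypt_layers(seed: bytes, data: bytes, layers: int) -> bytes:
    """Peel the layers in reverse order. There is no integrity tag, so a
    wrong seed never raises: it just yields different bytes of equal length."""
    for key in reversed(key_chain(seed, layers)):
        data = keystream_xor(key, data)
    return data


if __name__ == "__main__":
    segment = b"constructed sample file segment"   # constructed sample input
    ct = encrypt_layers(b"owner password", segment, 3)
    print("correct key :", decrypt_layers(b"owner password", ct, 3))
    # A decoy key decrypts without any error; nothing marks it as wrong.
    print("decoy key   :", decrypt_layers(b"decoy password", ct, 3).hex())
```

Because the layers carry no authenticator, the decoy output is only unverifiable to the extent that the real plaintext has no recognisable structure of its own.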
