Mnemosyne: Peer-to-Peer Steganographic Storage

Abstract: We present the design of Mnemosyne 1 , a peer-to-peer steganographic storage service. Mnemosyne provides a high level of privacy and plausible deniability by using a large amount of shared distributed storage to hide data. Blocks are dispersed by secure hashing, and loss codes used for resiliency. We discuss the design of the system, and the challenges posed by traffic analysis.

“…The methods introduced here serve as basis for further work on the design and evaluation of traffic analysis resistant SFSs. We note that previous designs have given little or no attention to preventing these types of attacks, in spite of sometimes relying on architectures that use distributed peer-to-peer storage [GL04,HR02], or remote stores observable by third parties, and are thus vulnerable to the adversary and attacks described here.…”

“…For example, the model in [ZPT04] considers a shared multiuser file store where a malicious user or system administrator monitors store accesses. And this threat model is particularly relevant for distributed peer-to-peer SFSs [GL04,HR02], given that any eavesdropper in the vicinity of the user can monitor her connections to other peers (each storing some file blocks,) and use the traffic information to obtain evidence of hidden files.…”

A Framework for the Analysis of Mix-Based Steganographic File Systems

“…The methods introduced here serve as basis for further work on the design and evaluation of traffic analysis resistant SFSs. We note that previous designs have given little or no attention to preventing these types of attacks, in spite of sometimes relying on architectures that use distributed peer-to-peer storage [GL04,HR02], or remote stores observable by third parties, and are thus vulnerable to the adversary and attacks described here.…”

“…For example, the model in [ZPT04] considers a shared multiuser file store where a malicious user or system administrator monitors store accesses. And this threat model is particularly relevant for distributed peer-to-peer SFSs [GL04,HR02], given that any eavesdropper in the vicinity of the user can monitor her connections to other peers (each storing some file blocks,) and use the traffic information to obtain evidence of hidden files.…”

A Framework for the Analysis of Mix-Based Steganographic File Systems

“…A principal limiting factor in both cases is our (unoptimised) implementation of matrices over ¢ ¡ £ ¦ ¥ § © . In [4] we describe one implementation of a peruser filing system over the data storage and retrieval procedures described above. The filing system uses directories and inodes to simplify the management of keys and initial hash values, and also handles versioning of files, a necessity since data is never actually deleted from Mnemosyne, but rather decays over time.…”

“…If the keys are good enough, the set of resources used by any particular client should be unpredictable and hence difficult to attack. Mnemosyne [4] is a spread spectrum storage system which takes advantage of the widespread availability and low cost of network bandwidth and disk space. The system comprises servers that provide unreliable block storage, and clients which write and read blocks to and from the servers.…”

Spread Spectrum Storage with Mnemosyne

“…While the risk can be controlled by replicating the hidden files and by limiting the loading factor, it cannot be eliminated completely. In [10], Hand and Roscoe extended the scheme to provide better resilience on a peer-to-peer platform, by replacing simple replication with the information dispersal algorithm (IDA) [15]. Using IDA, a file owner chooses two numbers cipher-files such that any of them suffice to reconstruct the hidden file.…”

StegFS: a steganographic file system