A Novel Cryptographic Framework for Cloud File Systems and CryFS, a Provably-Secure Construction

  • Sebastian Messmer
  • Jochen Rill
  • Dirk Achenbach
  • Jörn Müller-Quade
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10359)


Using the cloud to store data offers many advantages for businesses and individuals alike. The cloud storage provider, however, has to be trusted not to inspect or even modify the data they are entrusted with. Encrypting the data offers a remedy, but current solutions have various drawbacks. Providers which offer encrypted storage themselves cannot necessarily be trusted, since they have no open implementation. Existing encrypted file systems are not designed for usage in the cloud and do not hide metadata like file sizes or directory structure, do not provide integrity, or are prohibitively inefficient. Most have no formal proof of security. Our contribution is twofold. We first introduce a comprehensive formal model for the security and integrity of cloud file systems. Second, we present \(\mathsf {CryFS}\), a novel encrypted file system specifically designed for usage in the cloud. Our file system protects confidentiality and integrity (including metadata), even in presence of an actively malicious cloud provider. We give a proof of security for these properties. Our implementation is easy and transparent to use and offers performance comparable to other state-of-the-art file systems.


  1. 1.
    Achenbach, D., Huber, M., Müller-Quade, J., Rill, J.: Closing the gap: a universal privacy framework for outsourced data. In: Pasalic, E., Knudsen, L.R. (eds.) BalkanCryptSec 2015. LNCS, vol. 9540, pp. 134–151. Springer, Cham (2016). doi: 10.1007/978-3-319-29172-7_9 CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. J. Crypt. 21(4), 469–491 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Cash, D., Küpçü, A., Wichs, D.: Dynamic proofs of retrievability via oblivious ram. J. Cryptol. 30(1), 22–57 (2017)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Chase, M., Shen, E.: Substring-searchable symmetric encryption. Cryptology ePrint Archive, Report 2014/638 (2014).
  5. 5.
    Damgård, I., Dupont, K.: Universally composable disk encryption schemes. Cryptology ePrint Archive, Report 2005/333 (2005).
  6. 6.
    Dielissen, V.J., Kaldewaij, A.: A simple, efficient, and flexible implementation of flexible arrays. In: Möller, B. (ed.) MPC 1995. LNCS, vol. 947, pp. 232–241. Springer, Heidelberg (1995). doi: 10.1007/3-540-60117-1_13 CrossRefGoogle Scholar
  7. 7.
    Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 213–222. ACM, New York (2009)Google Scholar
  8. 8.
    Gjøsteen, K.: Security notions for disk encryption. In: Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 455–474. Springer, Heidelberg (2005). doi: 10.1007/11555827_26 CrossRefGoogle Scholar
  9. 9.
    Goh, E.J.: Secure indexes. Cryptology ePrint Archive, Report 2003/216 (2003).
  10. 10.
    Katz, J., Lindell, Y.: Introduction to Modern Cryptography. Chapman and Hall/CRC Cryptography and Network Security. Chapman and Hall/CRC, Boca Raton (2008)zbMATHGoogle Scholar
  11. 11.
    Khati, L., Mouha, N., Vergnaud, D.: Full disk encryption: bridging theory and practice. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 241–257. Springer, Cham (2017). doi: 10.1007/978-3-319-52153-4_14 CrossRefGoogle Scholar
  12. 12.
    Wright, C.P., Martino, M.C., Zadok, E.: NCryptfs: a secure and convenient cryptographic file system. In: Proceedings of the 2003 USENIX Annual Technical Conference, San Antonio, TX, pp. 197–210, June 2003Google Scholar
  13. 13.
    Zhang, Y., Blanton, M.: Efficient dynamic provable possession of remote data via update trees. Trans. Storage 12(2), 9:1–9:45 (2016)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2017

Authors and Affiliations

  • Sebastian Messmer
    • 2
  • Jochen Rill
    • 1
  • Dirk Achenbach
    • 1
  • Jörn Müller-Quade
    • 2
  1. 1.FZI Forschungszentrum InformatikKarlsruheGermany
  2. 2.Karlsruhe Institute of Technology (KIT)KarlsruheGermany

Personalised recommendations