Write Only Filesystem (wofs) is a system to securely store data. Its special feature is that the device storing the data does not hold enough information to decrypt that data again. This makes it useful in publicly placed sensor networks, where the recorded data should not be readable by someone stealing a device. The filesystems are bare bones and only support creating files in the filesystem's root directory. They come with a write-mode and a read-mode.
wofs comes in two variants. One uses asymmetric encryption, while the other uses a ratchet mechanism. Both variants have one subvariant that obfuscates file size better but requires more copying of memory. These are the bso variants. wofsnocrypt is only for benchmarking purposes.
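How a ratchet can give the write-only property described above, as an added illustration that is not taken from the wofs source. The key schedule, the derivation labels, and the SHAKE-256/HMAC construction standing in for libsodium's authenticated encryption are all assumptions made for this sketch.

```python
import hashlib
import hmac
import os

def kdf(key: bytes, label: bytes) -> bytes:
    """One-way derivation step: the input key cannot be recovered from the output."""
    return hmac.new(key, label, hashlib.sha256).digest()

def seal(file_key: bytes, plaintext: bytes) -> bytes:
    # Stand-in for an AEAD (assumption, not wofs's cipher); each file_key is used once.
    stream = hashlib.shake_256(kdf(file_key, b"enc")).digest(len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return hmac.new(kdf(file_key, b"mac"), ct, hashlib.sha256).digest() + ct

def unseal(file_key: bytes, blob: bytes) -> bytes:
    tag, ct = blob[:32], blob[32:]
    expected = hmac.new(kdf(file_key, b"mac"), ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    stream = hashlib.shake_256(kdf(file_key, b"enc")).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

class WriteModeDevice:
    """Hypothetical device state: only the current chain key, never the master key."""
    def __init__(self, master: bytes):
        self.chain = kdf(master, b"chain-0")
        self.index = 0

    def write(self, plaintext: bytes):
        blob = seal(kdf(self.chain, b"file"), plaintext)
        # Ratchet forward and drop the old chain key (real code would also wipe memory).
        self.chain = kdf(self.chain, b"next")
        self.index += 1
        return self.index - 1, blob

def read_mode(master: bytes, index: int, blob: bytes) -> bytes:
    """The master key holder replays the ratchet up to the file's index."""
    chain = kdf(master, b"chain-0")
    for _ in range(index):
        chain = kdf(chain, b"next")
    return unseal(kdf(chain, b"file"), blob)

def demo():
    master = os.urandom(32)  # constructed sample key
    device = WriteModeDevice(master)
    files = [device.write(m) for m in (b"temp=21.5", b"temp=21.7", b"temp=22.0")]
    recovered = [read_mode(master, i, blob) for i, blob in files]
    return device, files, recovered
```

After three writes the device holds only the fourth chain key, so the state found on a stolen device fails authentication against every file already on disk, while the master key recovers all of them.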
The wofs filesystems require the fuse Kernel Module, libfuse3, libsodium (1.0.19 or greater for wofsrat) and libcurl.
On Debian, the dependencies and build system can be installed with:
sudo apt install build-essential pkg-config libfuse3-dev libcurl4-openssl-dev
At the time of writing, apt provided libsodium 1.0.18 as its package, so 1.0.19 had to be installed as described here.
Building is done with make.
make
The variants are built with:
make wofsae
make wofsaebso
make wofsre
make wofsrebso
wofsre has the following arguments:
Usage: wofs [fuse options] [wofs options]
necessary fuse option: -f <mountpoint>
Options:
--master <file> file where master key is saved. Enables read mode.
--enc <file> dir where encrypted files should be saved.
--init <file/url> generate master key. saves master key either to file or HTTPS server specified.
--help display this message.
The typical way to start wofsre in write-mode would be:
wofs -f <mountpoint> --enc <folder for encrypted files> --init <path to store master key>
The typical way to start wofsre in read-mode would be:
wofs -f <mountpoint> --enc <folder for encrypted files> --master <path to stored master key>
wofsae has the following arguments:
Usage: wofs [fuse options] [wofs options]
necessary fuse option: -f <mountpoint>
Options:
--pk <file> file where public key is saved or should be saved.
--sk <file> file where private key is saved. Enables read-write mode.
--enc <file> dir where encrypted files should be saved.
--init <file/url> generate keys. saves public key to --pk file and private key either to file or HTTPS server specified.
--help display this message.
The typical way to start wofsae in write-mode would be:
wofs -f <mountpoint> --enc <folder for encrypted files> --pk <path to store public key file> --init <path to store private key>
The typical way to start wofsae in read-mode would be:
wofs -f <mountpoint> --enc <folder for encrypted files> --pk <path to stored public key file> --sk <path to stored private key>