Steganographic file system

From Wikipedia, the free encyclopedia

Steganographic file systems are a kind of file system first proposed by Ross Anderson, Roger Needham, and Adi Shamir. Their paper proposed two main methods of hiding data. In the first, data is stored in a series of fixed-size files originally consisting of random bits, on top of which 'vectors' could be superimposed in such a way as to allow levels of security to decrypt all lower levels but not even know of the existence of any higher levels. In the second, an entire partition is filled with random bits and files are hidden in it.

In a steganographic file system using the second scheme, files are not merely stored, nor stored encrypted; the entire partition is randomized. Encrypted files strongly resemble randomized sections of the partition, so when files are stored on the partition there is no easy way to discern between meaningless gibberish and the actual encrypted files. Furthermore, the locations of files are derived from the key for the files, and the locations are hidden and available only to programs with the passphrase. This leads to the problem that files can very quickly overwrite each other (because of the Birthday Paradox); this is compensated for by writing all files in multiple places to lessen the chance of data loss.
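The collision and replication trade-off described above can be modelled in a few lines. This is an added example, not code from the paper or from StegFS; the HMAC-based slot derivation, the partition size, the salt, the passphrases and the file names are all assumptions made for illustration.

```python
import hashlib
import hmac

PARTITION_BLOCKS = 65536  # constructed partition size, in blocks

def derive_key(passphrase: str) -> bytes:
    # Constructed fixed salt so the run is reproducible.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), b"demo-salt", 100_000)

def block_slot(key: bytes, name: str, index: int, replica: int) -> int:
    """Slot for one replica of one file block; computable only with the key."""
    msg = f"{name}|{index}|{replica}".encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big") % PARTITION_BLOCKS

def simulate(files, replicas: int) -> int:
    """Write every file, then count logical blocks with no surviving replica.

    files: list of (key, name, block_count). Later writes silently overwrite
    earlier ones, because a writer cannot see blocks stored under other keys.
    """
    owner = {}  # slot -> (name, index) of the block last written there
    for key, name, count in files:
        for index in range(count):
            for r in range(replicas):
                owner[block_slot(key, name, index, r)] = (name, index)
    lost = 0
    for key, name, count in files:
        for index in range(count):
            alive = any(owner.get(block_slot(key, name, index, r)) == (name, index)
                        for r in range(replicas))
            lost += not alive
    return lost

def demo_files():
    # Constructed workload: two security levels, 2000 blocks in total.
    low, high = derive_key("cover passphrase"), derive_key("hidden passphrase")
    return ([(low, f"cover{i}", 100) for i in range(10)] +
            [(high, f"secret{i}", 100) for i in range(10)])

if __name__ == "__main__":
    files = demo_files()
    for r in (1, 2, 4):
        print(f"replicas={r}: {simulate(files, r)} of 2000 blocks lost")
```

Even at about 3% occupancy, single-copy storage loses blocks to collisions, while extra replicas reduce the loss at the cost of using several times the space.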

Advantage


While there may seem to be no point to a file system which is guaranteed to either be grossly inefficient storage space-wise or to cause data loss and corruption either from data collisions or loss of the key (in addition to being a complex system, and having poor read/write performance), performance was not the goal of StegFS. Rather, StegFS is intended to thwart "rubberhose attacks", which usually work because encrypted files are distinguishable from regular files, and authorities can coerce the user until the user gives up the keys and all the files are distinguishable as regular files. However, since in a steganographic file system the number of files is unknown and every byte looks like an encrypted byte, the authorities cannot know how many files (and hence, keys) are stored. The user has plausible deniability: he can say there are only a few innocuous files or none at all, and anybody without the keys cannot gainsay the user.

Criticisms


Poul-Henning Kamp has criticized the threat model for steganographic file systems in his paper on GBDE,[1] observing that in certain coercive situations, especially where the searched-for information is in fact not stored in the steganographic file systems, it is not possible for a subject to "get off the hook" by proving that all keys have been surrendered.

Other methods


Other methods exist; the method laid out before is the one implemented by StegFS, but it is possible to steganographically hide data within image (e.g. PNGDrive) or audio files; ScramDisk or the Linux loop device can do this.[citation needed]

Generally, a steganographic file system is implemented over a steganographic layer, which supplies just the storage mechanism. For example, the steganographic file system layer can be some existing MP3 files, each of which contains a chunk of data (or a part of the file system). The final product is a file system that is hard to detect (depending on the steganographic layer) and that can store any kind of file in a regular file system hierarchy.

TrueCrypt allows for "hidden volumes" - two or more passwords open different volumes in the same file, but only one of the volumes contains secret data.


References

  1. ^ Poul-Henning Kamp. "GBDE - GEOM Based Disk Encryption" (PDF). GBDE Design Document.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Steganographic_file_system&oldid=1305278162"