Distributed, Encrypted, Fractured File System - A custom distributed file system written in C with FUSE

DEFFS

A custom FUSE-based filesystem that distributes encrypted shards of data across machines on a local network, allowing those files to be accessible from any machine.

Installation

  • Install dependencies - sudo apt-get install libfuse-dev libssl-dev

  • Uncomment user_allow_other from the last line of /etc/fuse.conf

  • Build

cmake .
mkdir bin
cmake --build ./ --target DEFFS -- -j 6
  • Mount
mkdir ~/deffs_mountpoint
mkdir ~/deffs_storepoint

./bin/DEFFS ~/deffs_mountpoint ~/deffs_storepoint

# DEFFS now mounted at ~/deffs_mountpoint
# Files are interacted with within the mountpoint, but are stored at the storepoint
# It is not advised to modify any files in your storepoint

Usage

Right now, DEFFS can be used like a typical EXT4 filesystem. It will store encrypted data shards in /.shards/, so modifying files in that folder or the folder itself will break DEFFS.

This filesystem's encryption is based on the AES_encrypt method, meaning:

  • It is NOT (yet) resistant to attackers
  • Making files with unencrypted content longer than 15 characters is undefined (soon to be fixed)

Currently, DEFFS only encrypts files when the write syscall is called. Soon, write_buf will be supported as well. Files are decrypted upon read.

Proper usage of DEFFS looks like this:

test/helloworld.txt cat test/helloworld.txt "> 
cd mountpoint

mkdir test
touch hello
echo "hello world" > test/helloworld.txt

cat test/helloworld.txt

Progress

  • Distributed
  • Encrypted
  • Fractured
  • File System
Owner
Charles Averill
UTD Class of '24, CS Major, struggling to understand Stephen Wolfram
Charles Averill
https://github.com/CharlesAverill/DEFFS https://charlesaverill.github.io/DEFFS
Comments
  • Shamir Secret Sharing Scheme Implementation

    Shamir Secret Sharing Scheme Implementation

    • [ ] Run AES key through Shamir's Secret Sharing Scheme to get key chunks that are prepended to shard data
    • [ ] (Later) enhance implementation to utilize 64-bit primes for key encrypting for better security
  • Encryption and Decryption Methods

    Encryption and Decryption Methods

    The encryption / decryption methods have been rewritten to allow for:

    • More general cipher applications (can use any block cipher available in OpenSSL)
    • Multiblock encryption / decryption
    • Randomized key and iv generation if no key or iv is provided
  • File modification fix

    File modification fix

    Modifying files finally fixed, appending is now broken however. Also, making the unencrypted content of a file longer than 15 characters is undefined behavior

  • Network manifest

    Network manifest

    Each machine should store a manifest of recognized machines and the public keys that they send out upon initialization. Two options for this:

    • [ ] Store the manifest in RAM (better for smaller networks bc less read/write and low RAM usage)
    • [ ] Store the manifest in a file (better for larger networks due to high RAM usage)
  • Concurrent Write Handling

    Concurrent Write Handling

    This must be a configurable option as none of these options are perfect

    • [ ] Store changes locally and only distribute when each potential receiver node has approved the change
    • [ ] Git-like automatic merging (not even sure if this one makes sense, seems like you'd need to decrypt the entire file to find the necessary changes to do the merge, and then re-encrypt, seems very inefficient no matter what)
  • Fracturing

    Fracturing

    Sending shards

    • [ ] Split encrypted filedata into n = number_of_connect_machines file shards
    • [ ] Prepend n key shards to file shards
      • [x] Requires #4 to get key shards
    • [ ] Append -<shard_index> to filename for reconstruction
    • [ ] Iterate through list of connected machines and send private key followed by file shards to each machine on predetermined port

    Receiving shards

    • [ ] Always have port open to receive shards
    • [ ] Spawn new socket in thread from configurable-sized thread pool
    • [ ] Authenticate data received by comparing received private key with provided public key
      • [ ] Requires #7
    • [ ] Write to shardpoint and update file headers if needed
  • Distribution

    Distribution

    • [ ] Add basic threaded TCP sockets to each client
    • [ ] Search for other machines periodically
      • During mounting process
      • Every 1 min? 1 day? Manually? Configurable?
    • [ ] Able to send, receive, and write data between connected machines seamlessly
Related tags
Cryptography linux security fuse filesystem
UnrealKey is a tool for automatically finding the AES-256 decryption keys for Unreal Engine 4 encrypted pak files.

UnrealKey UnrealKey is a tool for automatically finding the AES-256 decryption keys for Unreal Engine 4 encrypted pak files.

Dec 17, 2022
Libraries and tools to perform fully homomorphic encryption operations on an encrypted data set.

Fully Homomorphic Encryption (FHE) This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations o

Jan 7, 2023
Decrypt FairPlay encrypted executable binaries on macOS

UnFairPlay Decrypt FairPlay encrypted binaries on macOS when SIP-enabled. By mapping an executable as r-x and then using mremap_encrypted on the encry

Jan 2, 2023
Encrypted PE Loader Generator
 Encrypted PE Loader Generator

Huan Huan is an encrypted PE Loader Generator that I developed for learning PE file structure and PE loading processes. It encrypts the PE file to be

Dec 14, 2022
High-level build system for distributed, multi-platform C/C++ projects.

fips fips is a highlevel build system wrapper written in Python for C/C++ projects. (this project has nothing to do with the Federal Information Proce

Dec 25, 2022
Rubicon - a New Custom Encryption Algorithm/Tool

Rubicon - a New Custom Encryption Algorithm/Tool Disclaimer DO NOT use this project for purposes other than legitimate red teaming/pentesting jobs

Dec 13, 2022
Header-only VMWare Backdoor API Implementation & Effortless VMX Patcher for Custom Guest-to-Host RPCs
 Header-only VMWare Backdoor API Implementation & Effortless VMX Patcher for Custom Guest-to-Host RPCs

VmxHijack Header-only VMWare Backdoor API Implementation & Effortless VMX Patcher for Custom Guest-to-Host RPCs Sample // --- RPC Server Code (VmxHija

Aug 18, 2022
A high-performance distributed Bitcoin mining pool server.
 A high-performance distributed Bitcoin mining pool server.

Viabtc Mining Server ViaBTC Mining Server is a high-performance distributed Bitcoin mining pool server. We have made a lot of optimizations for Bitcoi

Nov 22, 2022
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows.
 wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows.

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows.

Dec 30, 2022
SHA256 Compute Shader (Kernel) Written in Rust
 SHA256 Compute Shader (Kernel) Written in Rust

SHA256 Compute Shader (Kernel) Written in Rust ... with application to Validating the Bitcoin Blockchain Abstract The project consists of two primary

Nov 10, 2022
A small HOTP/TOTP SHA1 client written in C, depending only on libcrypto (OpenSSL)

A small HOTP/TOTP SHA1 client written in C, depending only on libcrypto (OpenSSL)

Jan 21, 2022
Small collection of tools written in C for ECC and bitcoin

ecctools Small collection of tools written in C for ECC and bitcoin Why this programs are written in C language? Well i like C language because compil

Dec 7, 2022
simple encryptor and decryptor for files written in c++
 simple encryptor and decryptor for files written in c++

What this 3ndecf1le simple encryptor and decryptor for files written in c++ How To Setup 3ndecf1le sudo apt install g++;g++ encrypt.cpp -o encrypt;g++

Jan 23, 2022
SM2 simple tool class(C++)/function(C) written using openssl EVP (Based on OpenSSL 1.1.1).

sm2-EVP This project is a simple sm2 tool class(C++)/function(C) written using openssl EVP. Capable Function Brief CPP C GenEcPairKey Generate SM2 Key

Nov 26, 2022
Library and command line tool to detect SHA-1 collision in a file

sha1collisiondetection Library and command line tool to detect SHA-1 collisions in files Copyright 2017 Marc Stevens [email protected] Distributed

Dec 29, 2022
Parses existing Chia plotter log files and builds a .csv file containing all the important details

Chia Log Analysis Parses through Chia plotter log files and plops all the juicy details into a CSV file! Build See below for instructions if you prefe

May 10, 2022
CoinBrowser is a tool for Freqtrade where the program writes pairs into text file to be used with spesific exchange.
 CoinBrowser is a tool for Freqtrade where the program writes pairs into text file to be used with spesific exchange.

CoinBrowser CoinBrowser is a tool for Freqtrade where the program writes pairs into text file to be used with spesific exchange. Data for this program

Dec 14, 2022
a header-file-only, SHA256 hash generator in C++

PicoSHA2 - a C++ SHA256 hash generator Copyright © 2017 okdshin Introduction PicoSHA2 is a tiny SHA256 hash generator for C++ with following propertie

Dec 29, 2022
Transparent file encryption in git

git-crypt - transparent file encryption in git git-crypt enables transparent encryption and decryption of files in a git repository. Files which you c

Dec 30, 2022