JigDFS: A secure distributed file system

Abstract

Ubiquitous connectivity and availability of P2P resources creates opportunities for building new services. This paper describes Jigsaw Distributed File System (JigDFS) which can be used to securely store and retrieve files on a P2P network anonymously. JigDFS is designed to provide strong encryption and a certain level of plausible deniability. Files in JigDFS are sliced into small segments using an Information Dispersal Algorithm (IDA) and distributed onto different nodes recursively to increase fault tolerance against node failures. Moreover, layered encryption is applied to each file with keys produced by a hashed-key chain algorithm, so that data (file segments) and keys reside on different hosts. In such a scheme, if an attacker compromises a host and retrieves the data, the attacker will still need the correct key to decipher the data. Furthermore, recursive IDA and layered encryption ensure users' anonymity. It is difficult for an adversary to identify who owns a file, even who has retrieved a file in JigDFS. Often, a strong adversary may have the power to monitor the network or even force a user to give up the password. Design of JigDFS provides users with plausible deniability which enhances privacy. When being questioned, a JigDFS user can simply argue that he/she is merely a relaying node, rather than the file owner. Moreover, a user, when forced, can give up a valid, however, incorrect encryption key. There is no way for an adversary to verify either correctness of a key or the identity of file owner. JigDFS is developed using platform independent Java technologies and is envisioned to utilize mobile computing elements such as PDAs and smart phones.