Exemplary embodiments of the present invention relate generally to systems and methods for creating and managing hidden electronic file systems within non-hidden electronic file systems.
File systems for managing machine readable information have been available for use since the inception of the modern computer industry. As far back as the 1950's, direct access storage devices (DASD) have been used to retain long term information; furthermore, files of information have been organized within these DASD to hold records of data.
Early adopters of DASD organized data files into adjacent sections of the devices, so that files could be processed in sequence. The existence and location of these files was recorded in a volume table of contents (VTOC) which could be located through repeatable means. This form of file system was reasonably sufficient for a number of decades, until the development of smaller systems, such as PDP-11s running UNIX, or the MP3000 running MPE.
These smaller systems had less available storage capacity and therefore were forced to develop a more space conscious system for file management. Space conscious file systems organized their files using a fluid directory structure that allowed for the location of the file to be discontinuous. By scattering the location of the file, the system was able to maximize the use of available storage by avoiding unnecessary empty space reserves.
Furthermore, these more space conscious file systems also gained an advantage by allowing a more flexible file naming process.
By allowing more flexible file naming, more complicated directory structures like folders and groups could be created. While the older, more VTOC oriented file systems were limited on dynamic expansion, these new structures allowed for dynamic creation, renaming, and deletion of file entries.
These newer, more dynamic file systems have been adopted by more compact platforms like small systems and portables. The older, more rigid style of file systems can still be found in use within large mainframe platforms. While there are still a wide number of reasons to adopt the more dynamic style, the rigid form allows for far greater control and recovery over the information.
While these two forms of file systems have various advantages and disadvantages, there are a number of elements such systems have in common. For example, data is stored in a semi-permanent fashion through a process of continual update. If there is a power loss to the computer involved, the information in the storage system will not be lost and the file system will be again available once normal operations have recovered. The existence of data files is obvious and can be determined through an examination of the storage medium. While the data within the file might be encrypted, the existence of the file is not in question. Directory information may be duplicated in memory. However, a current and updated version of the directory must exist on the storage device. The purpose of the memory duplication is often solely for access efficiency. Furthermore, memory caches can be partial or complete in their representations. Finally, the existence of free space is obvious and can be determined through an examination of the storage medium. Since a file system can contain protected or encrypted files and/or directories, the determination of free space will clearly identify sections of the storage device that contain information.
In view of these, and other, shortcomings, what is needed is a system and method for creating and managing a hidden electronic file system. The present invention is a system and method for creating and managing a hidden electronic file system.
In exemplary embodiments, information is structured into segments, also referred to herein as blocks, and a random cipher is utilized to create a hidden file system. The file system may be partially or completely hidden. Features of the hidden file system may include the inability to determine the existence or location of files, data, directory structures, or free space. Files and directories may be only exposed to availability when a proper sequence of one or more passwords is applied. Without the proper application of passwords, files and/or directories may remain undetectable, and the number of usable passwords may not be readily determined.
In exemplary embodiments, all data, whether organized into blocks or not, may be stored on a disk, other electronic storage device, or on the DASD in an encrypted format. Furthermore, the encryption method used may be a random cipher, such as, but not limited to, the Random Block Security (RBS) described in US Pub. Nos. 2019/0227772 published Jul. 25, 2019, 2019/0238315 published Aug. 1, 2019, and 2019/0265951 published Aug. 29, 2019, the disclosures of each of which are hereby incorporated by reference as if fully restated. This encryption process may obscure the file system and its contents. By using a random cipher, the data may be secured.
The systems and methods described herein may act to effectively prevent the ability to distinguish between free blocks, blocks comprising data, and blocks comprising directory structures without the use of a proper password(s).
In exemplary embodiments, multiple passwords may be utilized to permit different segments of data to be selectively exposed. Different password levels may be defined which permit the selective exposure of files in a layered approach. Without the appropriate application of passwords, all the files may remain unknown. For example, when two passwords are defined, the entry of a first password may expose a first number of files, but only the application of the second password in the correct sequence will expose all files. This is merely exemplary; any number of passwords in any number of layers is contemplated.
In exemplary embodiments, an entire directory structure may be obscured by the absence of the proper sequence of passwords. When files have not been exposed due to a failure to apply a password, there may be no ability to determine if these files exist or not; therefore, the unexposed files remain effectively invisible. It is possible, under duress, to be forced to enter a password for the file system, and therefore, expose some files and some directories; however, there is no effective way to determine if there are further passwords that should be applied and therefore it is difficult to be forced to expose what cannot be observed.
In exemplary embodiments, when power has been removed from the computer system involved, the repository that remains on the storage device is undecipherable. No files, directories, or even free space may be determined due to the random cipher and structural layout. Furthermore, there is no effective way to determine how many layers of password protection exist; therefore, if one or more passwords are provided, there is no effective way to determine if there are more levels and more files and directories to expose.
Normal, visible file systems comprise data stored on an electronic device and organized into data blocks. Within this normal system there may be a directory structure that clearly identifies which blocks are associated with allocated files, and which blocks are free for use in new file allocations. When a file is deleted, or modified in certain ways, some blocks may be released to the pool of available free blocks to be reused for additional allocations. One or more files within such a system may be pre-allocated by populating such files with a predetermined content to fill one or more blocks of the non-hidden file system. Thus, the file is maintained within the visible structure, while its contents may be used or reused by some other method. For example, without limitation, ten megabytes worth of random numbers may be populated into a visible file, and the directory of the non-hidden file system will indicate that there is a file that is ten megabytes in size that exists within the non-hidden file system. This ten-megabyte file may be manipulated by other facilities, without affecting its position within the visible file system.
The present disclosures include systems and methods for creating a hidden file system that is contained within structures for a non-hidden filing system. Rather than storing the structure of the hidden system within data blocks of one or more electronic devices, these underlying structures may be contained within pre-allocated files of a non-hidden (e.g., visible and/or standard) file system. Furthermore, the interleaving of these pre-allocated files may further augment the location, dimensions, and extent of the hidden file system contained within a non-hidden system. These systems and methods may create a hidden file system within a standard file system that would require knowledge of the passwords, hierarchical layer of the passwords, as well as the file within the standard system that acts as the root for the hidden file system to access the hidden file system within the non-hidden file system.
In addition to the features mentioned above, other aspects of the present invention will be readily apparent from the following descriptions of the drawings and exemplary embodiments, wherein like reference numerals across the several views refer to identical or equivalent features, and wherein:
Various embodiments of the present invention will now be described in detail with reference to the accompanying drawings. In the following description, specific details such as detailed configuration and components are merely provided to assist the overall understanding of these embodiments of the present invention. Therefore, it should be apparent to those skilled in the art that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present invention. In addition, descriptions of well-known functions and constructions are omitted for clarity and conciseness.
Embodiments of the invention are described herein with reference to illustrations of idealized embodiments (and intermediate structures) of the invention. As such, variations from the shapes of the illustrations as a result, for example, of manufacturing techniques and/or tolerances, are to be expected. Thus, embodiments of the invention should not be construed as limited to the particular shapes of regions illustrated herein but are to include deviations in shapes that result, for example, from manufacturing.
Cipher Encryption.
In exemplary embodiments, all stored data remains encrypted with a random cipher. Such encryption may be provided at all times when no password has been received and successfully verified. For each data storage block 10, 20, and 30 comprising data (hereinafter also a “payload block”) a block of random numbers of equal size 11, 21, and 31 (hereinafter also a “cipher block”) may be provided. However, it is contemplated that the cipher blocks 11, 21, and 31 may be of different size than the payload blocks 10, 20, and 30. An exemplary arrangement of such is shown in
As indicated in
As each payload block 10, 20, and 30 within the system 100 may comprise a cipher block 11, 21, and 31 comprising a block of random numbers of equal size, it may be advantageous to further encrypt this cipher information as indicated generally at item 60 of
Underlying Data Structure.
The underlying data structure may identify each payload block 10, 20, and 30 or element used to contain the file system 100. In exemplary embodiments, the structure may only be used as part of the system which can be identified without decryption. Each payload block 10, 20, and 30 may be chained together using exposed pointers 14 and 16, or by locating the payload blocks 10, 20, and 30 in a contiguous sequence, but no further information about the payload blocks 10, 20, and 30 containing an encrypted payload may be identified, as illustrated in
As the directory blocks 71, like other payload blocks 10, 20, and 30, may be encrypted using the shadow cipher blocks 11, 21, and 31, the cipher blocks 11, 21, or 31 may have one or more levels of passwords in their encryption and directory structure 70 entries may be associated with any level of encryption that the user desires. In other words, only directory blocks 71 decryptable by a particular password may be used when building the memory index, for example without limitation. When a second password is applied, for example without limitation, more file directory entries may be exposed and added to the memory index.
So long as no structure of the underlying file system is reflected in the storage layout, it is not effectively possible to determine if there are more encrypted files. Furthermore, as directory entries may contain the dynamic structure of the file system, the presence or appearance of all files and folders may be completely or partially controlled by the application of cipher passwords.
It is notable that the pointers indicating the relationship between the blocks 71 of the directory structure 70 and the data file structure 80 are merely exemplary and are not intended to be limiting.
Data File Structure 80.
The payload blocks 10, 20, and 30 comprising the user data may be generally referred to as the data file structure 80. Once it is clear that directory information is only held in memory, the location of data files or other usable information may only be effectively determined from the memory directory. As in other sections of the file system, all blocks may contain a shadow cipher block 11, 21, and 31 of random numbers of equal size in data length. The first block 71 or section of the directory structure 70 may be pointed to a payload block 81 of the data file structure 80 comprising directory information, as illustrated by
Free Space.
In exemplary embodiments, there is little to no free space chain or indicator available within the data stored on an electronic storage device. Therefore, the operating file system may build a map of free space in memory by examining the revealed directory and file structure. Once a complete free space map has been developed, it may be possible to allocate and manage new, renamed, or deleted files. Since there is no distinction between file space, directory space, and free space, no inferences can be drawn concerning what may or may not remain hidden within the system 100. Only when the proper passwords have been presented and the parts of the file system in use have been exposed is it possible to accurately determine what is free and available, see e.g.,
In exemplary embodiments, a hidden electronic file system on one or more electronic storage devices comprises a number of payload blocks, each comprising data to be hidden, and a number of cipher blocks, each comprising random numbers to be used as a cipher for a corresponding one of the number of payload blocks. At least one of said payload blocks may comprise user data to be stored. At least one of said payload blocks may comprise directory information pointing to each of the at least one of said payload blocks. All unused payload blocks may be usable as free and available blocks for new and/or replacement data. All payload blocks may be encrypted by their associated cipher block of random numbers. All cipher blocks may be encrypted by an encryption method that uses a password oriented algorithm.
The number of cipher blocks may be equal to the number of payload blocks. Each of said number of cipher blocks may be the same size as a corresponding one of the number of payload blocks. Each cipher block may be used as an additional cipher block for an associated payload block, preferably by re-encrypting the previously encrypted content with an additional application of an encryption method that uses a password oriented algorithm. Each additional cipher block may be used to encrypt all or part of the data contained within the associated payload block. There may be no limit to the number of associated cipher blocks that can be produced through a process of re-encryption. There may be no limit to the number or layers of passwords that can be applied to a payload block, using additional cipher blocks for all or part of the data contained within the payload block. The information stored on one or more storage devices may contain no information about the format or structure of the payload, or cipher blocks. The information stored on one or more storage devices may contain no information about the content of any payload block, or organization of the directory, user information, or free space. The directory information contained within a payload block may contain an unstructured or free format file definition that provides a name for the user information, and points to the payload block, blocks, or chain of blocks, that contains the user data identified. The directory blocks may not be organized into any hierarchical structure. The hierarchical structure, if utilized, may be contained only within the name for the user information. The hierarchical structure of directories and/or subdirectories may be constructed by reading all directory block information into volatile electronic memory.
All payload blocks and cipher blocks stored on one or more storage devices may appear as a block of random numbers. No identification of the usage of the blocks may be determined on the one or more storage devices. No identification of user data, directory information, or free space may be determined on the one or more storage devices. A map of free and available blocks for new and/or replacement blocks may only be constructed by examining all the directory block information available in volatile electronic memory. The payload and cipher blocks may be records, stored within another data file, on one or more storage device of some other file management system.
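The following Python sketch is an added example, not code from this disclosure: it models the cipher-block encryption, the password-layered directory blocks, and the in-memory free-space map described above. The XOR pad, the PBKDF2 key chain, the `DIR1` marker, the block size, and all names and passwords are assumptions chosen for illustration.

```python
import hashlib
import json
import os

BLOCK = 128        # constructed block size in bytes
MAGIC = b"DIR1"    # hypothetical marker identifying a decrypted directory block

def layer_keys(passwords):
    """Chain the keys so layer n opens only after passwords 1..n, in order."""
    keys, prev = [], b"root"
    for pw in passwords:
        # 1000 iterations keeps the demo fast; far too low for real use
        prev = hashlib.pbkdf2_hmac("sha256", pw.encode(), b"layer" + prev, 1000)
        keys.append(prev)
    return keys

def keystream(key, index):
    """Stand-in for the password oriented algorithm protecting a cipher block."""
    return hashlib.shake_256(key + index.to_bytes(4, "big")).digest(BLOCK)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class HiddenStore:
    def __init__(self, nblocks):
        # Unused slots hold random bytes, so they look the same as used ones
        self.payload = [os.urandom(BLOCK) for _ in range(nblocks)]
        self.cipher = [os.urandom(BLOCK) for _ in range(nblocks)]

    def put(self, i, data, key):
        if len(data) > BLOCK - 2:
            raise ValueError("data does not fit in one block")
        body = (len(data).to_bytes(2, "big") + data).ljust(BLOCK, b"\0")
        pad = os.urandom(BLOCK)                        # fresh random cipher block
        self.payload[i] = xor(body, pad)               # payload under the pad
        self.cipher[i] = xor(pad, keystream(key, i))   # pad under the password

    def get(self, i, key):
        pad = xor(self.cipher[i], keystream(key, i))
        body = xor(self.payload[i], pad)
        n = int.from_bytes(body[:2], "big")
        return body[2:2 + n]

    def add_file(self, name, data, dir_block, data_block, key):
        self.put(data_block, data, key)
        entry = json.dumps({"name": name, "blocks": [data_block]}).encode()
        self.put(dir_block, MAGIC + entry, key)

    def unlock(self, passwords):
        """Build the in-memory index and free map from what the passwords reveal."""
        index, used = {}, set()
        for key in layer_keys(passwords):
            for i in range(len(self.payload)):
                raw = self.get(i, key)
                if raw.startswith(MAGIC):              # directory block at this layer
                    entry = json.loads(raw[len(MAGIC):])
                    index[entry["name"]] = self.get(entry["blocks"][0], key)
                    used.update([i, *entry["blocks"]])
        return index, set(range(len(self.payload))) - used

def demo():
    store = HiddenStore(8)
    k1, k2 = layer_keys(["outer-pass", "inner-pass"])   # constructed passwords
    store.add_file("notes.txt", b"grocery list", 0, 1, k1)
    store.add_file("ledger.txt", b"real accounts", 5, 6, k2)
    return (store.unlock(["outer-pass"]),
            store.unlock(["outer-pass", "inner-pass"]),
            store.unlock(["inner-pass", "outer-pass"]))

if __name__ == "__main__":
    for index, free in demo():
        print(sorted(index), sorted(free))
```

With only the first password, blocks 5 and 6 are reported as free, so in this model an allocation made at that level can overwrite the second layer's data; entering the passwords in the wrong order reveals nothing.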
Since the hidden file system is fully contained within one or more files of the non-hidden file system or systems, all of the hidden file system's data may remain encrypted and not in use until access is necessary. As file access becomes necessary, the internal structure and directory may be loaded into memory, and the hidden files may be revealed as described above. This may allow the contents of the hidden file system to be secured when not in use, for example without limitation, when power is removed from the system. At no time will the encrypted data be committed to long term storage, and may be only used in volatile memory storage in exemplary embodiments.
Cipher blocks and payload blocks may be provided in equal numbers, though such is not required, but they may be distributed throughout a number of pre-allocated files. Therefore, an operation which reveals the hidden file system may begin by pointing its decryption operation at the file that contains the root or main point for the hidden file system. As the hidden file system decrypts its directory, it is possible for multiple additional pre-allocated files to be located by information contained within the directory of the hidden file system. With this method, it is possible to distribute an entire hidden file system within one or more files of normal, non-hidden file system without observation or location of where and how the system is being used. Furthermore, since the pre-allocated files are identified within the hidden system, it is possible for the pre-allocated files to be reorganized and moved within the non-hidden system that contains the cipher and payload blocks.
The systems and methods shown and described with respect to
Any embodiment of the present invention may include any of the features of the other embodiments of the present invention. The exemplary embodiments herein disclosed are not intended to be exhaustive or to unnecessarily limit the scope of the invention. The exemplary embodiments were chosen and described in order to explain the principles of the present invention so that others skilled in the art may practice the invention. Having shown and described exemplary embodiments of the present invention, those skilled in the art will realize that many variations and modifications may be made to the described invention. Many of those variations and modifications will provide the same result and fall within the spirit of the claimed invention. It is the intention, therefore, to limit the invention only as indicated by the scope of the claims.
Certain operations described herein may be performed by one or more electronic devices. Each electronic device may comprise one or more processors, electronic storage devices, executable software instructions, and the like configured to perform the operations described herein. The electronic devices may be general purpose computers or specialized computing devices. The electronic devices may be personal computers, smartphones, tablets, databases, servers, or the like. The electronic connections and transmissions described herein may be accomplished by wired or wireless means.
This application is a continuation-in-part of U.S. application Ser. No. 16/720,222 filed Dec. 19, 2019, which claims the benefit of U.S. Provisional Application Ser. No. 62/781,837 filed Dec. 19, 2018, the disclosures of which are hereby incorporated by reference as if fully restated.
Number | Date | Country | |
---|---|---|---|
20210256155 A1 | Aug 2021 | US |
Number | Date | Country | |
---|---|---|---|
62781837 | Dec 2018 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 16720222 | Dec 2019 | US |
Child | 17156946 | US |