• Title/Summary/Keyword: EncFS

Search Result 1, Processing Time 0.021 seconds

The Vulnerability Improvement Research Using Pseudo-Random Number Generator Scheme in EncFS (의사 난수 생성 방식을 이용한 EncFS의 취약점 개선 연구)

  • Jeong, Won-Seok;Jeong, Jaeyeol;Jeong, Ik Rae
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.6
    • /
    • pp.1539-1550
    • /
    • 2016
  • In modern society, the number of applications, which needs storage, is increased. Among them, the advance of FinTech increased the importance of storage encryption. FinTech storage, storing sensitive information, should be kept secure. Unless the storage is kept, many users will be damaged monetarily. To prevent this problem, we should encrypt the storage. A EncFS, which is one of the most popular storage encryption application, uses different IVs for each block to provide higher levels of security in the encryption algorithm. However, there is a vulnerability related to the usage of same IVs. In this paper, we propose a technique that decrypts the ciphertexts without knowing the secret key by using the vulnerability. Moreover, we show that the EncFS is not secure under IND-CPA model and propose a new scheme which is secure under IND-CPA model.