The Steganographic File System

  • Ross Anderson
  • Roger Needham
  • Adi Shamir
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1525)


Users of some systems are at risk of being compelled to disclose their keys or other private data, and this risk could be mitigated if access control mechanisms supported an element of plausible deniability. However, existing plausible deniability mechanisms, such as the one-time pad, are of rather limited scope.

In this paper, we present the steganographic file system. This is a storage mechanism designed to give the user a very high level of protection against being compelled to disclose its contents. It will deliver a file to any user who knows its name and password; but an attacker who does not possess this information and cannot guess it, can gain no information about whether the file is present, even given complete access to all the hardware and software. We provide two independent constructions, which make slightly different assumptions.


Security Level Forward Error Correction Block Cipher High Level Process Access Control Mechanism 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    “Measuring the Diversity of Random Number Generators”, R Anderson, R Gibbens, C Jagger, F Kelly, M Roe, preprint, 1992Google Scholar
  2. 2.
    “Stretching the Limits of Steganography”, RJ Anderson, in [3] pp 39–48Google Scholar
  3. 3.
    Information Hiding’, May 30–June 1 1996; proceedings published by Springer as Lecture Notes in Computer Science vol 1174Google Scholar
  4. 4.
    “Tamper Resistance-a Cautionary Note”, RJ Anderson, MG Kuhn, in Proceedings of the Second Usenix Workshop on Electronic Commerce (Nov 96) pp 1–11Google Scholar
  5. 5.
    Plausible Deniability’, DR Beaver, Pragocrypt 96 pp 272–288Google Scholar
  6. 6.
    “Plug and Play Encryption”, DR Beaver, in Advances in Cryptology-Crypto 97, Springer LNCS v 1294 pp 75–89CrossRefGoogle Scholar
  7. 7.
    “Can invisible watermark resolve rightful ownerships?”, S Craver, N Memon, BL Yeo, MM Yeung, Fifth Conference on Storage and Retrieval for Image and Video Database, 13–14 February 1997, San Jose, CA; SPIE vol 3022 pp 310–321Google Scholar
  8. 8.
    “Attacks on Copyright Marking Systems”, FAP Petitcolas, RJ Anderson, MG Kuhn, in these proceedings; this paper is also available online at
  9. 9.
    Request for Proposals-Embedded Signalling Systems’, June 97, International Federation of the Phonographic Industry, 54 Regent Street, London W1R 5PJGoogle Scholar
  10. 10.
    “File Organisation: Implementation of a Method Guaranteeing Retrieval in One Access”, P å Larson, A Kajla, in Communications of the ACM v 27 no 7 (July 1984) pp 670–677CrossRefGoogle Scholar
  11. 11.
    Cryptography and Evidence’, M Roe, Cambridge University (PhD Thesis, 1997)Google Scholar
  12. 12.
    “Developer tortured by raiders with crowbars”, M Weaver, Daily Telegraph, 31 October 97Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Ross Anderson
    • 1
  • Roger Needham
    • 2
  • Adi Shamir
    • 3
  1. 1.Cambridge UniversityUSA
  2. 2.Microsoft Research LtdUSA
  3. 3.Weizmann InstituteUSA

Personalised recommendations