[Cryptography] fyi: crypto Framework for Cloud File Systems and CryFS, a Provably-Secure Construction

[=JeffH]

a possibly interesting data point...

[ePrint Report] A Novel Cryptographic Framework for Cloud File Systems 
and CryFS, a Provably-Secure Construction
Sebastian Messmer, Jochen Rill, Dirk Achenbach, Jorn Muller-Quade
http://eprint.iacr.org/2017/773

Using the cloud to store data offers many advantages for businesses and 
individuals alike. The cloud storage provider, however, has to be 
trusted not to inspect or even modify the data they are entrusted with. 
Encrypting the data offers a remedy, but current solutions have various 
drawbacks. Providers which offer encrypted storage themselves cannot 
necessarily be trusted, since they have no open implementation. Existing 
encrypted file systems are not designed for usage in the cloud and do 
not hide metadata like file sizes or directory structure, do not provide 
integrity, or are prohibitively inefficient. Most have no formal proof 
of security. Our contribution is twofold. We first introduce a 
comprehensive formal model for the security and integrity of cloud file 
systems. Second, we present CryFS, a novel encrypted file system 
specifically designed for usage in the cloud. Our file system protects 
confidentiality and integrity (including metadata), even in presence of 
an actively malicious cloud provider. We give a proof of security for 
these properties. Our implementation is easy and transparent to use and 
offers performance comparable to other state-of-the-art file systems.