[Cryptography] Open source encrypted file system for cheap IoT device?

Henry Baker hbaker1 at pipeline.com
Tue Dec 26 15:32:45 EST 2017


At 12:25 PM 12/26/2017, John Ioannidis wrote:
>On Tue, Dec 26, 2017 at 9:59 AM, Henry Baker <hbaker1 at pipeline.com> wrote:
>At 11:35 PM 12/23/2017, grarpamp wrote:
>>No device info was included by OP.  Assuming BSD or Linux kernel, they both offer tiny simple full extent kernel block device encryptors upon which their standard filesystems can be laid down.
>>
>>Insufficient info given by OP to fit others.
>
>I was hoping for an open source encrypted file system on a device that is so small and so limited that it doesn't even run a form of Linux.  It doesn't even need multiple processes or multiple threads.
>
>Why would such a device even need an encrypted filesystem?  And where would you store the key material safely to protect it against an adversary who would be able to get access to the storage medium, and thus to the device itself?

Why?  Confidential info being stored/logged.

Key?  Hopefully something like public-key, so only the public key needs to be stored on the device -- but perhaps not even then.  If symmetric-key, then the device never stores the key at all, but it needs to be provided during bootup by some other mechanism, and is never stored to the file system itself (yet another reason for not using Linux -- way too much baggage to ever understand and/or verify).

Once again, it doesn't have to be fast, but it needs to have a small code footprint and be reasonably secure.
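
The public-key option described in this message, sketched as an added example that is not part of the original post or thread: the device seals each log record to a reader's public key and cannot decrypt what it has written. The X25519 + SHA-256 + AES-256-GCM construction and the names `recordAEAD`, `SealRecord` and `OpenRecord` are assumptions of this sketch, and Go is used to show the key handling, not as a firmware language.

```go
package main // added example, not from the thread; names and cipher choices are assumptions

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// recordAEAD derives a one-record key: SHA-256(X25519 secret || ephemeral pub || reader pub).
func recordAEAD(priv *ecdh.PrivateKey, peer, eph, reader *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(peer) // fails on low-order peer keys
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append(append(shared, eph.Bytes()...), reader.Bytes()...))
	blk, _ := aes.NewCipher(key[:]) // cannot fail: key is exactly 32 bytes
	return cipher.NewGCM(blk)
}

// SealRecord (device side) needs only the reader's public key; a fresh key per record makes the zero nonce single-use.
func SealRecord(reader *ecdh.PublicKey, rec []byte) (eph *ecdh.PublicKey, ct []byte, err error) {
	tmp, err := ecdh.X25519().GenerateKey(rand.Reader) // ephemeral private key, dropped on return
	if err != nil {
		return nil, nil, err
	}
	aead, err := recordAEAD(tmp, reader, tmp.PublicKey(), reader)
	if err != nil {
		return nil, nil, err
	}
	return tmp.PublicKey(), aead.Seal(nil, make([]byte, aead.NonceSize()), rec, nil), nil // store eph.Bytes() beside ct
}

// OpenRecord is the off-device side, the only place the private key exists.
func OpenRecord(priv *ecdh.PrivateKey, eph *ecdh.PublicKey, ct []byte) ([]byte, error) {
	aead, err := recordAEAD(priv, eph, eph, priv.PublicKey())
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, make([]byte, aead.NonceSize()), ct, nil)
}

func main() {
	reader, _ := ecdh.X25519().GenerateKey(rand.Reader) // constructed demo key pair
	eph, ct, _ := SealRecord(reader.PublicKey(), []byte("temp=21.5C door=open")) // constructed log line
	pt, err := OpenRecord(reader, eph, ct)
	fmt.Printf("%q %v\n", pt, err)
}
```

Each record costs 32 bytes for the ephemeral public key plus a 16-byte GCM tag, and a record modified on the storage medium fails to open rather than decrypting to altered text.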



