Possible Side Channels through Deduplication

posted in #IT Security, Mobile & Cloud on the 15.05.2019

Modern file systems like ZFS offer extended functionality such as deduplication by supporting Copy on Write (CoW). Deduplication allows duplicated files to be merged. This saves valuable storage space. However, the use of CoW changes the execution times of certain operations. In our experiments we were able to show that the writing process takes less time when writing already existing data than when writing data that is not yet on the disk. This allows an attacker with system access to draw conclusions about other data stored on the system. Especially in the environment of multi-user systems and Virtual Private Server (VPS) systems, the use of deduplication should therefore be reconsidered.

Downloads

File Description File size
pdf Project Report (DE) Version 1.0 of 20.03.2019 (German only)
 349 KB