ACryptographic File System for Unix
Matt Blaze
AT&T Bell Laboratories
101 Crawfords Corner Road, Room 4G-634
Holmdel, NJ 07733
mab@research.att.com
Abstract
Although cryptographic techniques areplaying an increas-
ingly important role in modern computing system security,user-
level tools for encrypting file data arecumbersome and suffer
from a number of inherent vulnerabilities. The Cryptographic
File System (CFS) pushes encryption services into the file system
itself. CFS supports securestorage at the system level through a
standardUnix file system interface to encrypted files. Users
associate a cryptographic key with the directories they wish to
protect. Files in these directories (as well as their pathname
components) aretransparently encrypted and decrypted with the
specified key without further user intervention; cleartext is never
stored on a disk or sent to a remote file server.CFS can use any
available file system for its underlying storage without modifica-
tion, including remote file servers such as NFS. System manage-
ment functions, such as file backup, work in a normal manner
and without knowledge of the key.
This paper describes the design and implementation of
CFS under Unix. Encryption techniques for file system-level
encryption aredescribed, and general issues of cryptographic
system interfaces to support routine securecomputing aredis-
cussed.
1. Introduction
Data security in modern distributed computing systems is a
difficult problem. Network connections and remote file system
services, while convenient, often make it possible for an intruder
to gain access to sensitive data by compromising only a single
component of a large system. Because of the difficulty of reli-
ably protecting information, sensitive files are often not stored on
networked computers, making access to them by authorized users
inconvenient and putting them out of the reach of useful system
services such as backup. (Of course, offline backups are them-
selves a security risk, since they make it difficult to destroy all
copies of confidential data when they are no longer needed.) In
effect, the (often well founded) fear that computer data are not
terribly private has led to a situation where conventional wisdom
warns us not to entrust our most important information to our
most modern computers.
Cryptographic techniques offer a promising approach for
protecting files against unauthorized access. When properly
implemented and appropriately applied, modern cipher
This is a pre-print of a paper to be presented at the First ACM
Conference on Communications and Computing Security,Fairfax,
VA,November 3-5, 1993.
algorithms (such as the Data Encryption Standard (DES)[5] and
the more recent IDEA cipher[4]) are widely believed sufficiently
strong to render encrypted data unavailable to virtually any
adversary who cannot supply the correct key.However,routine
use of these algorithms to protect file data is uncommon in cur-
rent systems. This is partly because file encryption tools, to the
extent they are available at all, are often poorly integrated, diffi-
cult to use, and vulnerable to non-cryptanalytic system level
attacks. Webelieve that file encryption is better handled by the
file system itself. This paper investigates the implications of
cryptographic protection as a basic feature of the file system
interface.
1.1. User-Level Cryptography Is Cumbersome
The simplest approach for file encryption is through a tool,
such as the Unix crypt program, that enciphers (or deciphers) a
file or data stream with a specified key.Encryption and decryp-
tion are under the user’s direct control. Depending on the partic-
ular software, the program may or may not automatically delete
the cleartext when encrypting, and such programs can usually
also be used as cryptographic "filters" in a command pipeline.
Another approach is integrated encryption in application
software, where each program that is to manipulate sensitive data
has built-in cryptographic facilities. For example, a text editor
could ask for a key when a file is opened and automatically
encrypt and decrypt the file’sdata as they are written and read.
All applications that are to operate on the same data must, of
course, include the same encryption engine. An encryption filter,
such as crypt,might also be provided to allow data to be
imported into and exported out of other software.
Unfortunately,neither approach is entirely satisfactory in
terms of security,generality,orconvenience. The former
approach, while allowing great flexibility in its application,
invites mistakes; the user could inadvertently fail to encrypt a
file, leaving it in the clear,orcould forget to delete the cleartext
version after encryption. The manual nature of the encryption
and the need to supply the key several times whenever a file is
used make encryption too cumbersome for all but the most sensi-
tive of files. More seriously,even when used properly,manual
encryption programs open a window of vulnerability while the
file is in clear form. It is almost impossible to avoid occasionally
storing cleartext on the disk and, in the case of remote file
servers, sending it over the network. Some applications simply
expect to be able to read and write ordinary files.
In the application-based approach, each program must have
built-in encryption functionality.Although encryption takes
place automatically,the user still must supply a key to each appli-
cation, typically when it is invoked or when a file is first opened.
Software without encryption capability cannot operate on secure
剩余7页未读,继续阅读
资源评论
xianglehappy2020-12-02很好的资源,感谢分享,推荐
52136
- 粉丝: 0
- 资源: 2
最新资源
- training_plan_db.sql
- 2c4f3adc7be59975e81fa0c1f24cb6ea.JPG
- python爬虫入门,分享给有需要的人,仅供参考
- 722bf4c3ee17fa231ad9efcb12407aa0.JPG
- 15da2b5d3ceeddc8af2f6a7eed26d7e0.JPG
- 7ae59002be36a13ad6de32c4e633a196.JPG
- spark中文文档,spark操作手册以及使用规范
- WPF-Halcon算法平台,类似于海康威視VisionMater.zip
- Fake Location,可用来王者荣誉修改战区及企业微信定位打卡等
- the fire level NULL
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
