Hula Guys….I’m back with yet another topic on cryptography. This time, it’s cryptographic file systems. Securing data is more important than ever. As the Internet has become more pervasive, security attacks have grown. Widely-available studies report millions of dollars of lost revenues due to security breaches. As security becomes a greater focus in networks, every aspect of online information needs a level of protection from the network-level use of firewalls and IDS to the host-level use of IDS. But these days, an additional level of security has come on the forefront of information security field. Cryptographic File Systems.

There are various types of cryptographic file systems currently in use. However, these could be divided in two broad categories : Volume encryptors or Block based systems and File system encryptors.

Block Based File Systems (Volume Encryptors)

Block-based encryption systems operate below the file system level, encrypting one disk block at a time. This is advantageous because they do not require knowledge of the file system that resides on top of them, and can even be used for swap partitions or applications that require access to raw partitions. These encryptors encrypt whole drives and are convenient to use since they are transparent to the end user. However, volume encryptors do not provide fine-grained access control to individual directories or files.

File systems that typically work on this principal are PGPDisk, the Secure File System (SFS), the Linux CryptoAPI and ScramDisk. We’ll look at few of these.

• Secure File System (SFS): SFS is an MSDOS device driver that encrypts an entire partition. This provides the convenient abstraction of a file system, but relying on MSDOS is risky because MSDOS provides none of the protections of a modern operating system.
• BestCrypt: BestCrypt is a commercially available loopback device driver supporting many ciphers. BestCrypt supports both Linux and Windows, and uses a normal file as a backing store.
• OpenBSD vnd: Encrypted file systems support is part of OpenBSD’s Vnode Disk Driver, vnd(4). vnd uses two modes: one bypasses the buffer cache, the second uses the buffer cache. For encrypted devices, the buffer cache must be used to ensure cache coherency on unmount. The only encryption algorithm implemented so far is Blowfish.

These were a few of many file systems used for Block based or volume encryption. There is however another category of cryptographic file systems. This is known as File Encryptors or Disk based encryptors. Let us see what options are available here..

Disk Based File Systems (File Encryptors)

File encryptors operate at the application or presentation layer to provide true end-to-end file encryption. In order to provide some sort of transparency to the end-user file, encryptors typically require some measure of application rewrite in order to support encryption. File encryptor systems include such tools as PGP. For small numbers of files these types of encryptors are adequate but they do not scale well to storage systems. File system encryptors allow the encryption of files on a per-file or a per-directory basis using a single key. Systems such as these include the Cryptographic File System (CFS) developed by Matt Blaze, the Transparent Cryptographic File System (TCFS) supported under Linux and BSD, CryptFS, as well as Microsoft’s EFS fall under this category. Let us see at a few of these…

• Encrypted File System (EFS): EFS is the Encryption File System found in Microsoft Windows, based on the NT kernel (Windows 2000 and XP). It is an extension to NTFS and utilizes Windows authentication methods as well as Windows ACLs. Though EFS is located in the kernel, it is tightly coupled with user-space DLLs to perform encryption and the user-space Local Security Authentication Server for authentication. This prevents EFS from being used for protecting files or folders in the root or \winnt directory. Encryption keys are stored on the disk in a lockbox that is encrypted using the user’s login password. This means that when users change their password, the lockbox must be re-encrypted. If an administrator changes the user’s password, then all encrypted files become unreadable. Additionally, for compatibility with Windows 2000, EFS uses DESX by default and the only other available cipher is 3DES (included in Windows XP or in the Windows 2000 High Encryption pack)
• StegFS: StegFS is a file system that employs steganography as well as encryption. If adversaries inspect the system, then they only know that there is some hidden data. They do not know the contents or extent of what is hidden. This is achieved via a modified Ext2 kernel driver that keeps a separate block-allocation table per security level. It is not possible to determine how many security levels exist without the key to each security level. When the disk is mounted with an unmodified Ext2 driver, random blocks may be overwritten, so data is replicated randomly throughout the disk to avoid loss of data. Although StegFS achieves plausible deniability of data’s existence, the performance degradation is a factor of 6-196, making it impractical for most applications.
• Cryptographic File System (CFS): This file system is further sub categorized under the category of Network Based File System or NBFS. Another such file system is the TCFS or Transparent Cryptographic File System. These network based file systems operate on top of any other file systems and are more portable than disk-based file systems. However, since each request must travel through the network stack, more data copies are required and hence performance suffers. Security also suffers because NBFS are vulnerable to all of the weaknesses of the underlying network protocol.CFS is a cryptographic file system that is implemented as a user-level NFS server. The cipher and key are specified when encrypted directories are first created. The CFS daemon is responsible for providing the owner with access to the encrypted data via an attach command. The daemon, after verifying the user ID and key, creates a directory in the mount point directory that acts as an unencrypted window to the user’s encrypted data. Once attached, the user accesses the attached directory like any other directory. CFS is a carefully designed, portable file system with a wide choice of built-in ciphers. Its main problem, however, is performance. Because it runs in user mode, it must perform many context switches and data copies between kernel and user space.
• Transparent Cryptographic File System (TCFS): TCFS is a cryptographic file system that is implemented as a modified kernel-mode NFS client. Since it is used in conjunction with an NFS server, TCFS works transparently with the remote file system, eliminating the need for specific attach and detach commands. To encrypt data, a user sets an encrypted attribute on directories and files within the NFS mount point. TCFS integrates with the UNIX authentication system in lieu of requiring separate passphrases. It uses a database in /etc/tcfspwdb to store encrypted user and group keys. Group access to encrypted resources is limited to a subset of the members of a given UNIX group, while allowing for a mechanism (called threshold secret sharing) for reconstructing a group key when a member of a group is no longer available.TCFS has several weaknesses that make it less useful for deployment. First, the reliance on login passwords as user keys is not safe. Also, storing encryption keys on disk in a key database further reduces security. Finally, TCFS is available only on systems with Linux kernel 2.2.17 or earlier, limiting its availability.

There is however yet another classification of cryptographic file systems. This is again a sub-category under the File Encryptors. This is known as Stackable File Systems. I’ll briefly discuss one such file system that falls under this sub-category.

• CryptFS: Cryptfs is the stackable, cryptographic file system and part of the FiST toolkit. Cryptfs was never designed to be a secure file system, but rather a proof-of-concept application of FiST. Cryptfs supports only one cipher and implements a limited key management scheme. Cryptfs serves as the basis for several commercial and research systems. A user application invokes a system call through the Virtual File System (VFS). The VFS calls the stackable file system, which again invokes the VFS after encrypting or decrypting the data. The VFS calls the lower level file system, which writes the data to its backing store.

Dear friends, in this post, I have discussed the various cryptographic file systems. In my next post, I’ll be discussing various cipher algorithms that are used to encrypt & decrypt the data. Till then you all have a nice time.

Any suggestions / feedback / comments would be highly appreciated.

Enjoy !

Similar Posts you might be interested in:

• Malicious Cryptography
• MD5 Collision Attack
• Secure websites are not so secure