cryptographic file systems

INDIAN INSTITUTE OF TECHNOLOGY, KHARAGPUR

CRYPTOGRAPHIC FILE SYSTEMS

UNDER THE GUIDANCE OF :

PROF CR MANDAL

DEPT OF COMPUTER SCIENCE

OUTLINEINTRODUCTION

A BRIEF RESUME OF ALTERNATE SOLUTIONS

ADITYA KARAN, 14CS60D05, DEPT OF COMPUTER SCIENCE CRYPTOGRAPHIC FILE SYSTEM


ADITYA KARAN, 14CS60D05, DEPT OF COMPUTER SCIENCE CRYPTOGRAPHIC FILE SYSTEM SLIDE 2

OUTLINEINTRODUCTION

BRIEF RESUME OF ALTERNATE SOLUTIONS

INTRODUCTION

BRIEF RESUME OF ALTERNATE SOLUTION

CRYPTOGRAPHIC FILE SYSTEM – UNDERLYING PRINCIPLE

CRYPTOGRAPHIC FILE SYSTEM - DESIGN GOALS

UNIX FILE SYSTEM – A QUICK LOOK

CRYPTOGRAPHIC FILE SYSTEM

CONCLUSION



OUTLINEINTRODUCTION


INTRODUCTION

“SECURE DATA PROBLEM”



PROBLEM : DATA SECURITY

•SHARED RESOURCES

•NETWORKED COMPUTERS

•REMOTE FILE SYSTEMS

OUTLINEINTRODUCTION




AS A RESULT:-

•STORAGE OF SENSITIVE FILES IS PROBLEMATIC.

•INCONVENIENCE TO AUTHORISED USERS IN SEAMLESS ACCESS.

•OUT OF REACH OF ESSENTIAL SYSTEM SERVICES LIKE BACKUP ETC.

OUTLINEINTRODUCTION




INTUITIVE SOLUTION:- “APPLICATION OF CRYPTO TECHNIQUES”

•A PROMISING APPROACH.

•MODERN CIPHER ALGORITHMS SUFFICEINTLY STRONG.

OUTLINEINTRODUCTION




OUTLINEINTRODUCTION

A BRIEF RESUME OF ALTERNATE SOLUTIONS

BUT:-

•POORLY INTEGRATED FILE ENCRYPTION TOOLS.

•VULNERABLE TO NON-CRYPTOANALYTIC SYSTEM-LEVEL ATTACKS.



THEREFORE:-

•ANSWER MUST LIE IN A SYSTEM-LEVEL SOLUTION.

•BASIC FEATURE OF THE FILE SYSTEM INTERFACE ?

OUTLINEINTRODUCTION





INTRODUCTIONBRIEF RESUME OF ALTERNATE SOLUTIONS




ANALYSIS:-

•USER – LEVEL CRYPTOGRAPHY

•INTEGRATED ENCRYPTION IN APPLICATION SOFTWARE





USER LEVEL CRYPTOGRAPHY:-

• FILE ENCRYPTION BY THE USER HIMSELF THROUGH A TOOL eg crypt IN LINUX

• ENCRYPTION AND DECRYPTION ARE DIRECTLY UNDER USER’S CONTROL

• cleartext MAY OR MAY NOT BE DELETED BY THE USER OR SOFTWARE





INTEGRATED ENCRYPTION IN APP SOFTWARE:-

• EACH PROGRAM HAS A BUILT-IN CRYPTO FACILITY

• AUTOMATICALLY ENCRYPT AND DECRYPT FILE DATA AS IT IS WRITTEN AND READ

• ALL APPS MUST INCLUDE SAME CRYPTO ENGINE

• ENCRYPTION FILTER FOR DATA FLOW AMONG DIFFERENT APPS





BUT:-

•USER LEVEL CRYPTOGRAPHY:-•INVITES MISTAKES, FAILURE TO DELETE cleartext

•TOO CUMBERSOME –KEY MUST BE SUPPLIED SEVERAL TIMES

•cleartext BACKUP ON LOCAL DISKS OR REMOTE FILE SYSTEMS BY APPS





BUT:-

•APPLICATION – BASED APPROACH:-•EACH APP MUST HAVE BUILT-IN CAPABILITY

•SUPPLY KEY TO EACH APPLICATION

•DATA INTEGRITY AND INTEROPERABILITY AMONGST DIFFERENT SOFTWARE

•PERFORMANCE PENALTY DUE TO MULTIPLE COPIES OF CRYPTO CODE





SYSTEM LEVEL CRYPTOGRAPHY:-

•IDENTIFICATION OF TRUST MODEL:-•WHICH COMPONENTS OF THE SYSTEM SHOULD BE TRUSTED?

•WHICH COMPONENTS ARE VULNERABLE TO COMPROMISE?

•TRUST SHOULD BE LIMITED TO THOSE PARTS OF THE SYSTEM THAT ARE DIRECTLY UNDER USER’S CONTROL






•IDENTIFICATION OF TRUST MODEL:-•PROTECTION OF PHYSICAL MEDIA

•INCLUDES ONLINE DISKS, BACKUP COPIES

•PROTECTION OF NETWORK CONNECTION INDISTRIBUTED SYSTEMS

•CAN YOU TRUST THE SERVER?






•PROTECTION OF PHYSICAL MEDIA:-•USAGE OF SPECIALISED HARDWARE

•DISK CONTROLLER WITH EMBEDDED ENCRYPTION HARDWARE

•COMPLETELY TRANSPARENT TO USER






•BUT:-•DIFFCULTY IN SHARING RESOURCES

•AVAILABILITY OF HARDWARE IS AN ISSUE

•DATA NOT PROTECTED TILL AND FROM REMOTE FILE SERVERS






•PROTECTION OF NETWORK CONNECTIONS:-•END-TO-END ENCRYPTION

•FILE SERVER SHOULD BE TRUSTED TO HOUSE KEYS

•TWO CRYPTO OPERATIONS FOR EACH FILE ACCESS AT SERVER – ADDING WORKLOAD AT SERVER






CRYPTOGRAPHIC SERVICES IN A FILE SYSTEM


•YET ANOTHER APPROACH:-•CREATION OF ENCRYPTED AREAS ON DISK

•REQUIRES PREALLOCATION OF STORAGE SPACE TO A GIVEN KEY

•OFTEN APPEARS AS A SINGLE LARGE FILE AND DIFFICULT TO MANAGE




UNDERLYING PRINCIPLE

BRIEF RESUME OF ALTERNATE SOLUTIONSCRYPTOGRAPHIC FILE SYSTEM – UNDERLYING PRINCIPLE

CRYPTOGRAPHIC FILE SYSTEM – DESIGN GOALS



UNDERLYING PRINCIPLE:-

•WHERE SHOULD THE RESPONSIBILITY OF FILE ENCRYPTION BELONG IN THE SYSTEM?

•TOO LOW A LEVEL – TRUST COMPONENTS AWAY FROM USER’S CONTROL

•TOO CLOSE TO USER – HIGH DEGREE OF HUMAN INTERVENTION REQUIRED





UNDERLYING PRINCIPLE:-

UNTRUTSED COMPONNETS

TRUSTED COMPONENTS

DATA FLOW






DESIGN GOALS

CRYPTOGRAPHIC FILE SYSTEM – UNDERLYING PRINCIPLECRYPTOGRAPHIC FILE SYSTEM – DESIGN GOALS




DESIGN GOALS:-

•RATIONAL KEY MANAGEMENT•OBTAIN KEY FROM USER

• RESTRICT ASKING KEY TO ONCE PER SESSION





DESIGN GOALS:-

•TRANSPARENT ACCESS SEMANTICS•BEHAVIOUR OF ENCRYPTED FILES SHOULD NOT BE DIFFERENT FROM OTHER FILES

• ALL SYSTEM FILES SHOULD WORK NORMALLY

•POSSIBILITY OF COMPILATION AND EXECUTION IN A SECURE ENVIRONMENT





DESIGN GOALS:-

•TRANSPARENT PERFORMANCE•LOW COMPUTATIONAL PENALTY

• PROTECTION OF FILE CONTENTS•ACTUAL AND STRUCTURAL DATA SHOULD NOT BE REVEALED





DESIGN GOALS:-

•PROTECTION OF METADATA•PROTECTION OF FILENAMES ETC

• PROTECTION OF NETWORK CONNECTIONS





DESIGN GOALS:-

•NATURAL KEY GRANULARITY•GROUPING OF RELATED CONTENTS WITH A SINGLE KEY

•EASY TO CREATE NEW KEYS FOR OTHER SUCH GROUPS





DESIGN GOALS:-

•COMPATIBILITY WITH UNDERLYING SYSTEM SERVICES

•STORAGE AND MANAGEMENT SAME AS OTHER FILES

•BACKUP/RETSORE WITHOUT THE KNOWLEDGE OF KEY





DESIGN GOALS:-

•PORTABILITY•EXPLOITATION OF EXISTING INTERFACES

•SCALE•NO UNUSUAL LOAD ON SHARED COMPONENTS





DESIGN GOALS:-

•CONCURRENT ACCESS•POSSIBILITY OF SIMULTANEOUS ACCESS

•LIMITED TRUST•TRUST COMPONENTS ONLY UNDER DIRECT CONTROL





UNIX FILE SYSTEM

A QUICK LOOK

CRYPTOGRAPHIC FILE SYSTEM – DESIGN GOALSUNIX FILE SYSTEM – A QUICK LOOK




UNIX FILE SYSTEM





UNIX FILE SYSTEM

•ORGANISATION•TREE STRUCTURED NAMESPACE

•FILES IN LEAVES

•ROOT DIRECTORY - /





UNIX FILE SYSTEM

•LINKS•HARD LINK – FILENAME IN A DIRECTORY

•SYMBOLIC LINKS – FILE CONTAINER FOR A PATHNAME





UNIX FILE SYSTEM

•VIRTUAL FILE SYSTEM•MOUNT DIFFERENT FILE SYSTEMS

•KERNEL SOFTWARE LAYER TO HANDLE ALL SYSTEM CALLS FOR FILE SYSTEMS

•PROVIDES A COMMON INTERFACE TO FILE SYSTEMS





UNIX FILE SYSTEM

•VIRTUAL FILE SYSTEM

•/floppy :– MS-DOS

•/temp :- Ext2

$ cp /floppy/TEST /tmp/test





UNIX FILE SYSTEM

•TYPES OF FILE SYSTEMS:-•DISK-BASED FILE SYSTEMS eg Ext3, Ext4, ISO 9660, NTFS etc

•NETWORK FILE SYSTEMS eg NFS, Coda, AFS etc

•SPECIAL FILE SYSTEMS eg /proc






CRYPTOGRAPHIC SERVICES IN A FILE SYSTEM

UNIX FILE SYSTEM

•ROOT FILE SYSTEM:-•TREE WITH ‘/’ AS ROOT

•ALL OTHER FS MOUNTED ON ROOT

•VFS HANDLES VIRTUAL BLOCK DEVICES - /dev/loop0

•FS MAY BE STORED AS A SINGLE ENCRYPTED FILE



UNIX FILE SYSTEM

MULTIPLE FILE SYSTEMS MOUNTED UNDER ROOT





UNIX FILE SYSTEM

•COMMON FILE MODEL•SUPERBLOCK OBJECT

o STORES INFO ABOUT MOUNTED FS

o FOR DISK BASED SYSTEMS, CORRESPONDS TO A FS CONTROL BLOCK ON DISK





UNIX FILE SYSTEM

•COMMON FILE MODEL•INODE OBJECT

o GENERAL INFO ABOUT A SPECIFIC FILE

o FOR DISK BASED SYSTEMS, CORRESPONDS TO A FILE CONTROL BLOCK ON DISK

oASSOCIATED WITH AN UNIQUE INODE NUMBER





UNIX FILE SYSTEM

•COMMON FILE MODEL•FILE OBJECT

o STORES INFO ABOUT INTERACTION B/W AN OPEN FILE AND A PROCESS

o INFO EXISTS ONLY IN THE KERNEL MEMORY DURING THE INTERACTION





UNIX FILE SYSTEM

•COMMON FILE MODEL•DENTRY OBJECT

o STORES INFO ABOUT LINKING OF A DIRECTORY ENTRY WITH A PARTICULAR FILE

o DENTRY OBJECT IS UNIQUE FOR EACH FS





UNIX FILE SYSTEM

•FILESYSTEM HANDLING•ROOT FILESYSTEM – MOUNTED BY KERNEL DURING BOOTING

•OTHER FILESYSTEMS MOUNTED ON DIRECTORIES OF ALREADY MOUNTED FILE SYSTEMS – MOUNT POINTS





UNIX FILE SYSTEM

•IMPLEMENTATION OF SYSTEM CALLS THROUGH VFS

•PATHNAME LOOKUP – DERIVE INODE

•FILENAME – MAY BE THE MOUNT POINT OF ANOTHER FS

•PERFORM LOOKUP INSIDE THE NAMESPACE OF PROCESS





UNIX FILE SYSTEM


•PARENT PATHNAME LOOKUP –DERIVE DENTRY OBJECT

•LOOKUP OF SYMBOLIC LINKS

•IMPLEMENT THE OPERATION





UNIX FILE SYSTEM


write(f, &buf, len); Writes len bytes pointed to by &buf in the file represented by File Descriptor f





UNIX FILE SYSTEM


•VFS(PART OF KERNEL) PROVIDES GENERIC INTERFACE TO USER APPLICATIONS

•FILESYSTEM – SPECIFIC INTERFACE

•ALL OPERATIONS HAPPEN ON cleartext






UNIX FILE SYSTEM – A QUICK LOOKCRYPTOGRAPHIC FILE SYSTEM

CONCLUSION




•CFS FUNCTIONALITY•PROVIDE SECURE FILE SERVICE

•NO NOTION OF SPECIALITY IN SECURE FILES

•INTERACTION THROUGH STANDARD SYSTEM CALLS

•TRANSPARENT FILE SYSTEM INTERFACE TO DIRECT

•USERS “attach” CRYPTO KEY TO A DIRECTORY

•SUCH ATTACHED DIRECTORIES AVAILABLE TO USERS WITH NORMAL SYSTEM CALLS


CONCLUSION




•FUNCTIONALITY•FILES AUTOMATICALLY ENCRYPTED DURING READ AND WRITE

•NO MODIFICATION REQUIRED IN THE FILESYSTEM

•BACKUP, RESTORE, ARCHIVAL FUNCTION NORMALLY

•cleartext FILE CONTENTS NEITHER STORED NOR TRANSMITTED OVER NETWORK


CONCLUSION




•FILE SYSTEM IMPLEMENTATION•PRESENTS A VIRTUAL FILE SYSTEM

•cmkdir - CREATES ENCRYPTED DIRECTORIES

•cattach - CREATES ENTRIES CFS ASSOCIATING DIRECTORIES WITH KEYS

/(root)

/usr

/abc /def

/xyz

/etc /crypt


CONCLUSION




•FILE SYSTEM IMPLEMENTATION /(root)

/usr

/abc /def

/secrets /xyz

/etc /crypt

$ cmkdir /usr/abc/secretsKey: (user enters passphrase which does not echo)Again: (used to prevent errors)$


CONCLUSION





/usr

/abc /def/normal

/xyz

/etc /crypt

$ cattach usr/abc/secrets /crypt/normalKey: (same key used in cmkdir command)$

/secrets


CONCLUSION




•FILE SYSTEM IMPLEMENTATION•ALL STANDARD FILE SYSTEM OPERATIONS WORK NORMALLY

•ACTUAL FILES STORED UNDER /usr/abc/secrets IN ciphertext

•APPEAR TO USER IN /crypt/normal IN cleartext

/(root)

/usr

/abc /def

/normal

/xyz

/etc /crypt

/secrets


CONCLUSION




•FILE SYSTEM IMPLEMENTATION

/abc

/normal/xyz

/crypt

/secrets

$ echo “murder” >/crypt/normal/crimes$

/crimes/8b06e57hj399da81cs91827

murder

M-Z, k^J^BVM-VM-6A~uM-LM-_M-DM-^[

“VISIBLE” TO USERACTUAL


CONCLUSION





/usr

/abc /def

/secrets /xyz

/etc /crypt

$ cdetach normal$

/8b06e57hj399da81cs91827


CONCLUSION




•ARCHITECTURE•IMPLEMENTED ENTIRELY AT USER LEVEL

•COMMUNICATES WITH UNIX KERNEL VIA NFS INTERFACE

•EACH CLIENT MACHINE RUNS A SPECIAL NFS SERVER, cfsd

•CLIENT KERNEL INTERACTS WITH CFS VIA 17 RPCs

•SERVER IS STATELESS


CONCLUSION




DATA FLOW IN STANDARD FILESYSTEM DATA FLOW IN CFS


CONCLUSION




DATA FLOW IN CFS / NFS


CONCLUSION




•CONCLUSION•CFS PROVIDES A SIMPLE MECHANISM FOR DATA PROTECTION

•APPLICATION LEVEL CRYPTO TOO VULNERABLE

•DISK-LEVEL CRYPTO MAY NOT MATCH GRANULARITY

•NETWORK CRYPTO TOO CUMBERSOME

•HENCE, CFS IS IDEALLY PLACED IN THE SYSTEM FOR CRYPTO SERVICES


CONCLUSION



REFERENCES


CONCLUSION

[1] BLAZE MATT, ACM CONFERENCE ON COMM AND COMP SECURITY, (MAY), 1993.

[2] HOWARD, J.H., KAZAR, M.L., MENEES, S.G., NICHOLS, D.A., SATYANARYANAN, M. & SIDEBOTHAM, R.N. "SCALE AND PERFORMANEE IN DISTRIBUTED FILE SYSTEMS." ACM TRANS. COMPUTING SYSTEMS, VOL. 6, NO. 1, (FEBRUARY), 1988.

[3] KLEIMAN, S.R., "VNODES: AN ARCHITECTURE FOR MULTIPLE FILE SYSTEM TYPES IN SUN UNIX." PREC. USENIX, 1986.

[4] LACY, J., MITCHELL, D., AND SCHELL, W., "CRYPTOLIB: A C LIBRARY OF ROUTINES FOR CRYPTOSYSTEMS." PREC. FOURTH USENIX SECURITY WORKSHOP, (OCTOBER), 1993.

[5] LAI, X. AND MASSEY, J. "A PROPOSAL FOR A NEW BLOCK ENCRYPTION STANDARD." PREC. EUROCRYPT 90, 389-404,1990.

cryptographic file systems

Software

file data

computer data

kharagpur aditya karan

file encryption tools

remote file system services

cryptographic file system

sensitive data

large system