EFS: Encrypted File System
An Introduction & Final Project for CSE785: Computer Security
Syracuse University, Spring 2005

Overview
- EFS: what? why?
- Related work
- Project introduction
- Background: encryption/decryption algorithms, mounting a file system, Minix system calls
- Project requirements
- Some design & implementation ideas
- My help session topics
- Conclusion

EFS: what is it?
An Encrypted File System (EFS) provides the core file-encryption technology used to store files on the file system in encrypted form. The corporate world is very competitive, so access to source code and system specifications often needs to be controlled. At the same time, data has to be shared among many users or groups, and that sharing is the main computer-security risk from a user's perspective.
Password security alone does nothing to prevent a disk from being removed, mounted on a different system and read in the clear.

EFS: why do we need it?
- Security, first and foremost.
- Privacy: ensures that private data is not read by other users (who need not be malicious).
- Reliability: an integral component; secures data against access by any malicious user or attacker, so that only the responsible people have access to important data.
- Resource sharing: many users can use the same system and still work independently.

EFS: benefits
Disk encryption reduces the risk of data exposure in specific, if uncommon, scenarios:
- the computer is physically stolen;
- someone inside the company tries to compromise information;
- the system is cracked while attached to a network, or by malicious software.
The primary benefit of an encrypted disk is defense against device theft, and it makes the system more secure overall. The risks are only partially mitigated, though: while a user is logged in and files are being decrypted for use, malicious software running as that user sees the plaintext just as the user does.

EFS: a definition from whatis.com
The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.
EFS is especially useful for mobile computer users, whose computer (and files) are subject to physical theft, and for storing highly sensitive data. EFS simply makes encryption an attribute of any file or folder. To store and retrieve a file or folder, a user must request a key from a program that is built into Windows 2000. Although an encrypting file system has existed in or been an add-on to other operating systems, its inclusion in Windows 2000 is expected to bring the idea to a larger audience.

Related work
- StegFS: A Steganographic File System for Linux, University of Cambridge.
- CFS: Cryptographic File System, Matt Blaze, AT&T Bell Laboratories.
- SFS: Secure File System, University of Minnesota and StorageTek.
- TCFS: Transparent Cryptographic File System, University of Salerno (Italy).

Project introduction
In this project, we would like you to design a scheme that adds security features to the existing file system, and to devise ways to encrypt and decrypt files using the encryption algorithms below.

Background knowledge: encryption/decryption algorithms
Two types of encryption/decryption schemes:
- Symmetric-key (secret-key) schemes: DES (Data Encryption Standard), AES (Advanced Encryption Standard).
- Asymmetric-key (public-key) schemes: RSA (named after Rivest, Shamir and Adleman), ECC (Elliptic Curve Cryptography).

Symmetric-key algorithms
A symmetric-key algorithm is a cryptographic algorithm that uses the same key to encrypt and decrypt the message. (It is sufficient for the decryption key to be easy to compute from the encryption key and vice versa.) Other terms for symmetric-key encryption are single-key and secret-key encryption; "private-key encryption" is also seen, but is easily confused with the private key of a public-key pair.

AES algorithm
The Advanced Encryption Standard is a symmetric block cipher with a 128-bit block and a key of 128, 192 or 256 bits, designed by the Belgian cryptographers Joan Daemen and Vincent Rijmen. Being a block cipher, it encrypts one 128-bit block at a time, so a file system has to run it in a mode of operation (such as CBC or CTR) over the data blocks of a file. The U.S. government selected the algorithm as the replacement for DES in October 2000 and published it as FIPS 197 in November 2001.
The National Institute of Standards and Technology (NIST) of the U.S. Department of Commerce selected the algorithm, called Rijndael, out of a group of five finalists, which included MARS from a large research team at IBM.

Asymmetric-key algorithms
An encryption method that uses a two-part key: a public key and a private key. To send an encrypted message to someone, you use the recipient's public key, which can be sent to you by ordinary e-mail or made available on any public web site or venue. To decrypt the message, the recipient uses the private key, which he or she keeps secret. Contrast this with secret-key cryptography, which uses the same key to encrypt and decrypt. Asymmetric-key algorithms are usually called public-key algorithms.

Background knowledge: mounting a file system
All files accessible in a Unix system are arranged in one big tree, the file hierarchy, rooted at /. These files can be spread out over several devices. The mount command attaches the file system found on some device to the big file tree; conversely, the umount command detaches it again.

Background knowledge: system call implementation
We expect the implementation to be at kernel level, so you should make use of system calls. For how to implement system calls, please refer to the materials from help session 3: system call creation & implementation.

Project requirements
We expect you to design and implement a working encrypted file system for the Minix operating system, which includes:
- individual users have their own keys for encrypting and decrypting files;
- key management in the system;
- file management;
- authentication of the user trying to log in to the system.

General kernel architecture (figure): a user process calls open(), read(), write(), etc.; the calls pass through the system call interface to the VFS, which dispatches to a concrete file system (Minix FS, Ext2fs); below that sit the buffer cache, the device driver, and the disk controller hardware.

Design and implementation ideas
Many of the implementations we have seen here implement the file system at kernel level.
Certain implementations also have user-level daemons running that call the kernel-level code (e.g. NFS). I am just describing one system architecture; each project team has to come up with its own creative design.

Example: general system architecture (figure). Each on-disk block carries a header with a KeyID, the block's maximum data size, the block size and this block's actual data size, followed by the encrypted data area. A read() or write() from user-accessible memory passes through the encryption/decryption process, which looks the key up in the key DB by KeyID before the data reaches the disk or the user's buffer.

Design issues: areas to look at
- The file pointer: how a byte offset maps onto the encrypted blocks.
- Buffer overflow problems: how are you going to deal with them? A block's data size must never exceed its maximum data size.
- Key management: an area worth thinking about; how will you manage your keys?
- What effect do operations like read and write have on the files?
- How are you going to define your system policy?
- Problems related to revocation, change of ownership, etc.

Refer to some other EFS systems
As mentioned on the related work slide:
- StegFS: A Steganographic File System for Linux, University of Cambridge.
- CFS: Cryptographic File System, Matt Blaze, AT&T Bell Laboratories.
- SFS: Secure File System, University of Minnesota and StorageTek.
- TCFS: Transparent Cryptographic File System, University of Salerno (Italy).

Sample EFS demo sites
You can run and see how EFS works; some sample sites:
http://www.geocities.com/openpgp/linux_en.html
http://www.linux.se/doc/lasg-www/encryption/

My help session topics
Tentatively, I have the following schedule for the help sessions before the project is due:
Location: Star Lab, CST 1-120
Time: the following afternoons, 1:00~4:00pm
Schedule*:
04/14: AES algorithms
04/21: Mounting your file system
04/28: File system management
05/05: Last minute rush
* May change according to your feedback

Thank you & good luck!
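Added worked example for the design slides above (the block layout with KeyID, max data size, block size and this block's data size; the key DB; the read()/write() path; and the buffer-overflow, file-pointer and revocation issues). This is not code from the course or from any of the systems listed; it is a user-space Python prototype of the scheme, the kind of thing worth writing to check a design before porting it into the Minix kernel in C. AES is not in Python's standard library, so the block cipher is stood in for by HMAC-SHA256 used as a keyed PRF in counter mode (a port would substitute AES-CTR and keep the rest). The per-block nonce, the HMAC tag over header and ciphertext, and PBKDF2 for deriving a user's key from the login passphrase are assumptions of this example, not part of the slide's diagram.

```python
# Prototype of the encrypted block layout, key DB and read()/write() path from the design
# slides. Added example for this page, not the course's reference code. AES is not in
# Python's standard library, so the block cipher is stood in for by HMAC-SHA256 used as a
# keyed PRF in counter mode; a kernel port would substitute AES-CTR and keep the rest.
import hashlib
import hmac
import os
import struct

BLOCK_SIZE = 512                  # on-disk block size
HEADER = struct.Struct("<HHHH")   # KeyID, max data size, block size, this block's data size
NONCE_LEN, TAG_LEN = 16, 32       # per-block nonce and HMAC-SHA256 tag (assumed additions)
MAX_DATA = BLOCK_SIZE - HEADER.size - NONCE_LEN - TAG_LEN   # 456 payload bytes per block


def _keystream(key, nonce, length):   # counter-mode keystream from a keyed PRF (AES-CTR stand-in)
    out = b"".join(hmac.new(key, nonce + struct.pack("<Q", i), hashlib.sha256).digest()
                   for i in range((length + 31) // 32))
    return out[:length]

def _subkeys(key):   # separate encryption and MAC keys derived from the user's key
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _derive(passphrase, salt):   # passphrase -> user key (PBKDF2, assumed) plus a login verifier
    key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)
    return key, hmac.new(key, b"login-check", hashlib.sha256).digest()


class KeyDB:
    """Per-user keys: only a salt and a login verifier are stored; the key is derived at login."""
    def __init__(self):
        self._users = {}   # name -> (KeyID, salt, verifier)

    def add_user(self, name, passphrase):
        salt = os.urandom(16)
        key_id = len(self._users) + 1
        self._users[name] = (key_id, salt, _derive(passphrase, salt)[1])
        return key_id

    def login(self, name, passphrase):
        """Authenticate the user; returns (KeyID, key), or None on a bad name or passphrase."""
        if name not in self._users:
            return None
        key_id, salt, verifier = self._users[name]
        key, check = _derive(passphrase, salt)
        return (key_id, key) if hmac.compare_digest(check, verifier) else None


def seal_block(key_id, key, data):
    """Encrypt one block; the length check is the buffer-overflow guard from the slides."""
    if len(data) > MAX_DATA:
        raise ValueError("data exceeds the block's max data size")
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    header = HEADER.pack(key_id, MAX_DATA, BLOCK_SIZE, len(data))
    body = _xor(data.ljust(MAX_DATA, b"\0"), _keystream(enc_key, nonce, MAX_DATA))
    tag = hmac.new(mac_key, header + nonce + body, hashlib.sha256).digest()
    return header + nonce + body + tag

def open_block(session_keys, block):
    """Decrypt one block; session_keys maps KeyID -> key for the logged-in users."""
    key_id, max_data, block_size, used = HEADER.unpack_from(block)
    if block_size != BLOCK_SIZE or max_data != MAX_DATA or used > max_data:
        raise ValueError("corrupt block header")
    if key_id not in session_keys:
        raise PermissionError("no key for KeyID %d" % key_id)
    enc_key, mac_key = _subkeys(session_keys[key_id])
    hdr_end, body_end = HEADER.size + NONCE_LEN, BLOCK_SIZE - TAG_LEN
    tag = hmac.new(mac_key, block[:body_end], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, block[body_end:]):   # verify before decrypting
        raise ValueError("block authentication failed")
    body = _xor(block[hdr_end:body_end], _keystream(enc_key, block[HEADER.size:hdr_end], MAX_DATA))
    return body[:used]


class EncryptedFile:
    """Maps the file pointer to (block index, in-block offset); partial writes are read-modify-write."""
    def __init__(self, key_id, key):
        self.key_id, self.key, self.blocks = key_id, key, []

    def write(self, offset, data):
        keys = {self.key_id: self.key}
        while data:
            idx, off = divmod(offset, MAX_DATA)
            while len(self.blocks) <= idx:   # grow the file with empty blocks
                self.blocks.append(seal_block(self.key_id, self.key, b""))
            old = open_block(keys, self.blocks[idx])
            chunk, data = data[:MAX_DATA - off], data[MAX_DATA - off:]
            new = old[:off].ljust(off, b"\0") + chunk + old[off + len(chunk):]
            self.blocks[idx] = seal_block(self.key_id, self.key, new)
            offset += len(chunk)

    def read(self, session_keys, offset, length):
        idx, off = divmod(offset, MAX_DATA)
        out = b""
        while len(out) < length and idx < len(self.blocks):
            out += open_block(session_keys, self.blocks[idx])[off:off + length - len(out)]
            idx, off = idx + 1, 0
        return out
```

Two design points from the slides show up directly: the "this block's data size" field is checked against the maximum both when sealing and when opening, so a header that has been edited on disk cannot make the read path copy more than one block's payload into the user buffer, and the tag is checked before any decryption so a tampered block is rejected rather than returned as garbage. Revocation is the awkward case the last design issue warns about: dropping a user from the KeyDB stops new logins, but anyone who still holds the old key can read every block sealed under that KeyID, so real revocation or a change of ownership means re-encrypting those blocks under a fresh key.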