*BSD News Article 64746


Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.bhp.com.au!mel.dit.csiro.au!munnari.OZ.AU!spool.mu.edu!agate!howland.reston.ans.net!gatech!psinntp!psinntp!psinntp!interramp.com!usenet
From: myers@freebsd.interramp.com (David C. Myers)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: Crytographic file system?
Date: 2 Apr 1996 07:57:36 GMT
Organization: PSI Public Usenet Link
Lines: 27
Message-ID: <4jqmlg$h6r@usenet4.interramp.com>
References: <4j2cmu$g9m@usenet6.interramp.com> <4jkrmp$i5c@soda.csua.berkeley.edu>
NNTP-Posting-Host: ip239.san-francisco3.ca.interramp.com
X-Newsreader: knews 0.9.3

In article <4jkrmp$i5c@soda.csua.berkeley.edu>,
	mconst@soda.CSUA.Berkeley.EDU (Michael Constant) writes:
>
>Question: does this really do what you want it to?  I assume that
>this is meant to help against an intruder who has root; since if the
>intruder doesn't have root, regular filesystem permissions will keep
>him out.  But if the intruder does have root, he can grab your key
>right out of memory when you mount the filesystem!  (Not to mention
>hacking mount to record your password...)

No, this is not what I mean.  I mean each disk block should be encrypted
as it is written to the disk.  That means even if some bad guy steals my
computer and examines my disk sector by sector, he'd still have to deal
with the fact that the data is encrypted (preferably by 128-bit ciphers,
as in the Mac version I mentioned).

Obviously, suitable precautions should be taken to ensure that the
password is not preserved in virtual memory after the file system is
unmounted.

Think of it as on-the-fly encryption of data for an entire file system.

-David.