An Encrypted File System



Similar documents
DarkFS - An Encrypted File System

High Security Online Backup. A Cyphertite White Paper February, Cloud-Based Backup Storage Threat Models

II. DISCUSSION ON ENCRYPTION PROGRAMS

Using etoken for SSL Web Authentication. SSL V3.0 Overview

!!!! Memeo C1 Security !!!!!!!!!!! Bret Savage, CTO. October Memeo Inc. All rights reserved Memeo Inc. All rights reserved.

Is your data safe out there? -A white Paper on Online Security

SoftNAS Application Guide: In-Flight Encryption 12/7/2015 SOFTNAS LLC

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

Analyzing the Security Schemes of Various Cloud Storage Services

The Einstein Depot server

Cryptography: RSA and Factoring; Digital Signatures; Ssh

arxiv: v1 [cs.cr] 24 Nov 2014

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Security Architecture Whitepaper

WHITE PAPER

AutoCrypt 2.1 User Guide!

Is Your SSL Website and Mobile App Really Secure?

Privacy Patterns in Public Clouds

Understanding Secure Shell Host Keys

List of FTP commands for the Microsoft command-line FTP client

2 Advanced Session... Properties 3 Session profile... wizard. 5 Application... preferences. 3 ASCII / Binary... Transfer

Chapter 9 Key Management 9.1 Distribution of Public Keys Public Announcement of Public Keys Publicly Available Directory

Secure cloud access system using JAR ABSTRACT:

MySQL Security: Best Practices

Encrypting Business Files in the Cloud

Manual for Android 1.5

Thick Client Application Security

2007 Microsoft Office System Document Encryption

SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS

CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services

Side channels in cloud services, the case of deduplication in cloud storage

Chapter 7: Network security

Rstudio Server on Amazon EC2

Encrypting and signing

Xerox DocuShare Security Features. Security White Paper

How to upload large files to a JTAC Case

Securing Data at Rest ViSolve IT Security Team

Efficient Integrity Checking Technique for Securing Client Data in Cloud Computing

E- Encryption in Unix

Michael Seltzer COMP 116: Security Final Paper. Client Side Encryption in the Web Browser Mentor: Ming Chow

Cisco Trust Anchor Technologies

Sterling Integrator. PGP Server Manager 5.1

Chapter 6: Fundamental Cloud Security

How To Get To A Cloud Storage And Byod System

Module Title: Advanced Systems Administration 2

Snow Agent System Pilot Deployment version

SiRiUS: Securing Remote Untrusted Storage

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

DFW Backup Software. Whitepaper Data Security

The Case For Secure

Ciphire Mail. Abstract

PHOENIX: SECURE FILE TRANSFER USING SSL

Building A Secure Microsoft Exchange Continuity Appliance

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

DRAFT Standard Statement Encryption

CPSC 467b: Cryptography and Computer Security

Information Security

Review On Incremental Encrypted Backup For Cloud

Blaze Vault Online Backup. Whitepaper Data Security

Secure data storage. André Zúquete Security 1

SafeNet Luna SA Client Software Installation

Why you need secure

Sync Security and Privacy Brief

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright Palo Alto Networks

Lab Configure Basic AP Security through IOS CLI

How to Backup XenServer VM with VirtualIQ

Chapter 10. Cloud Security Mechanisms

Checksums, your best friends, for security

Princeton University Computer Science COS 432: Information Security (Fall 2013)

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

ERNW Newsletter 29 / November 2009

Secure Data transfer in Cloud Storage Systems using Dynamic Tokens.

Encrypt-FS: A Versatile Cryptographic File System for Linux

Signing and Encryption with GnuPG

PowerChute TM Network Shutdown Security Features & Deployment

HIPAA Privacy & Security White Paper

WS_FTP Professional 12. Security Guide

Authentication Types. Password-based Authentication. Off-Line Password Guessing

DataTrust Backup Software. Whitepaper Data Security. Version 6.8

Configuring Security Features of Session Recording

CS 2112 Lab: Version Control

Data Storage Security in Cloud Computing

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2


1 Basic commands. 2 Terminology. CS61B, Fall 2009 Simple UNIX Commands P. N. Hilfinger

Secured Enterprise eprivacy Suite

Version control. HEAD is the name of the latest revision in the repository. It can be used in subversion rather than the latest revision number.

Certificate Authorities and Public Keys. How they work and 10+ ways to hack them.

Command-Line Operations : The Shell. Don't fear the command line...

OBM (Out of Band Management) Overview

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Signing and Encryption with GnuPG

Table of Contents Introduction Supporting Arguments of Sysaxftp File Transfer Commands File System Commands PGP Commands Other Using Commands

Tips and Tricks SAGE ACCPAC INTELLIGENCE

Week Overview. Running Live Linux Sending from command line scp and sftp utilities

What IT Auditors Need to Know About Secure Shell. SSH Communications Security

SSL Tunnels. Introduction

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

Transcription:

EncryptFS: An Encrypted File System By: Jorge Ornelas (joor2992) Ulziibayar Otgonbaatar (ulziibay) Otitochi Mbagwu (otitochi) 1

Abstract EncryptFS is an encrypted file system that stores files on an untrusted server. Users can add, modify, rename and delete files on the server and the server cannot obtain any information about any of the files or their names. This is done using RSA signing along with AES encryption of files. File sharing is done via capabilities that allow other users to either read or write to a file. The interface for EncryptFS is one of many other linux programs. The server and client are launched from command line and commands and arguments are also done via the command line. In order to make this easier we developed a shell to run these commands. Overall, we were successful in implementing the file system, but deviated from our original design of peer to peer encrypted file sharing. 2

Intro As one of our guest presenters once stated, In security, at some point there are has to be some trust. We believe that with regards to remote file systems, the trust should lie with the clients. In this paper, we will elaborate on the motivation, design, and implementation of EncryptFS, an encrypted file system. Motivation Recently, we have had our trust in the government and in big tech companies, shaken by the breaches in privacy that have been brought forth. This has not only increased the need for anonymity guaranteeing systems such as Tor, it has also increased a desire to encrypt data in places where we do not have full control. One of these places is remote file storage. Using cloud storage services has become very popular in the last decade. There are several advantages to using these services. It grants additional storage space, a location to backup data, and enables easy file sharing. Many cloud storage services are based on a centralized file system, i.e. SkyDrive, Drive, and Dropbox. However, given the recent NSA findings, it is obvious that the entity controlling the central server still holds the ability to decrypt the files users are storing. This is why we have designed a file system that through the use of encryption and clever permission settings, does not require the users to trust the central server. Threat Model Malicious file server We are going to assume that the server can modify, read and delete files that are stored on its hard drive. We are also assuming that attackers can send arbitrary messages to the server. Malicious user A user can attempt to read and write files to which they do not have permission to or once had permission to. Eavesdropping attacker We assume that there are attackers eavesdropping on the network that users are connected to. Such attackers are able to carry out replay attacks and can intercept any network package that users exchange. Under such conditions, it is important for our system not to reveal any private information over the network. 3

Design Our design consists of the use of a linux style user interface, capabilities for permission granting, RSA signing and AES encryption for verifiable file transfer and storage, and a transitively read only directory structure. Interface Our interface is similar to other linux programs. The first thing one has to do is run the server, server.py. Once the server is taking requests, running client.py and giving it arguments will allow a user to create and modify files among other things. A shell can be launched running client.py shell that makes running commands easier. The following are possible commands: Create a file put [ h] [ n NAME] [ d DATA] [ c WRITECAP] [ t] Get a file from server get [ h] [ n NAME] [ c CAP] [ t] Show files in directory ls [ h] [ v] [ p PATH] Rename a file rn [ h] filename newfilename Delete a file rm [ h] file Make a directory mkdir [ h] [ p PATH] n NAME [ r] File creation When a user request to make a file or directory on the server, a new randomly generated pair of RSA private and public keys are generated. Then, by using the SHA hashing the public and private key respectively, we get a fingerprint and write key for the file/directory. Essentially, write key serves as a write permission and the fingerprint is used to validate the public keys.we call the write key:fingerprint the write capability for the file/system. By hashing the write key, we get the read key; the read key concatted with the fingerprint is said to be the read capability. After the capabilities are created on the client side, a text editor spawns up and the user enters the data. Upon closing the file, the data is encrypted and signed with the private key so that the integrity could be checked on the server side and the data is not visible to eavesdroppers. The security section of our paper talks about that in detail. 4

Capabilities The claim of our design is that whoever holds the write capability can identify, access, and modify the file. Whoever holds the read capability can identify, and read the file. However, the read capability holder cannot modify the file, when the server is being honest. The security section of our paper talks more about the specific scenarios and how our system is resilient to those. File Sharing Users can share files and directories by exchanging file and directory capabilities. Files have read and write capabilities that are generated when a file is created. A read capability for a file can be derived from its write capability. Encryption and Integrity check Our method of encryption and key generation borrows a lot from the Tahoe lafs[1] server design. Essentially when a file is created, we use the write key to encrypt the private key associated with that file. Also, we use the read key hashed with a salt to get an AES encryption key that is used to encrypt the raw data. Then, we concat these two pieces encrypted private key, encrypted data and sign it with the private key. Finally, send the encrypted data, the signature along with a public key and the fingerprint to get the data that we send over the network. When the data is received, an honest server uses the public key attached in the data to see if the data was signed with the private key that is associated with that key. It also makes sure the public key is the correct key by matching it against the Having validated the data attached in the modified without proper permissions. Directory Structure Directories are files that is a table of file and subdirectory names to the capabilities associated with those files. The directory capabilities are created in the exact same manner as the file capabilities. 5

Security Our system is designed to be resilient against the following attacks. 1. violate confidentiality: the attacker gets to view data to which you have not granted them access 2. violate integrity: the attacker convinces you that the wrong data is actually the data you were intending to retrieve 3. violate unforgeability: the attacker gets to modify a mutable file or directory (either the pathnames or the file contents) to which you have not given them write permission without being detected. Design Decisions At the beginning of this project, we wanted to have a peer to peer system that allowed users to store and share encrypted files on each others machines. This turned out to be much more difficult than expected. We then decided to turn to the original system of having one untrusted server that handled all the files. Another choice we had was to make the user interface online or within the linux environment. We decided to go with the linux environment because of simplicity and stronger security. Using a web interface would introduce many more security threats that would not be worth the arguably better user experience. Testing We tested rigorously to make sure every feature of our file system worked properly. This helped in the development process by allowing us to find bugs early on and avoiding having to deal with multiple bugs later on. Testing became difficult when dealing with multiple users since one had to switch to other users and linux does not make this easy, so some tests we just did manually. Conclusion In conclusion, EncryptFS allows users to store and share files on an untrusted server that cannot modify or delete files without being detected. In this day and age where privacy is hard to find, we cannot be too careful and EncryptFS and systems similar to it will allow users to have some peace of mind with regards to their files. References 1. https://code.google.com/p/nilestore/wiki/tahoelafsbasics 2. https://tahoe lafs.org/trac/tahoe lafs/browser/trunk/docs/architecture.rst 3. https://tahoe lafs.org/~warner/pycon tahoe.html 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information