From: Edward Shushkin <edward@namesys.com>
To: Hendrik Visage <hvisage@envisage.co.za>
Cc: reiserfs-list@namesys.com, reiserfs-dev@namesys.com
Subject: Re: Proposal for keying encrypted filesystem
Date: Tue, 01 Apr 2003 16:28:05 +0400 [thread overview]
Message-ID: <3E8985D5.7CA598FF@namesys.com> (raw)
In-Reply-To: 20030331164502.GU8452@hvs.envisage.co.za
Hendrik Visage wrote:
>
> On Mon, Mar 31, 2003 at 05:58:04PM +0400, Edward Shushkin wrote:
> > I didn't invent something new..
> > I don't understand what should withstand scrutiny from crypto gurus.. md5? SHA?
>
> The keying implementation as proposed.
I agree, but keying implementation is not ready, just in discussion process, so there is
nothing that should withstand scrutiny for a while.. I want to clear up some order in
addition to the design document I have posted.
First we would like to specify the minimal crypto interface that kernel should know about.
Our policy is that it should be exactly *minimal*, so kernel shouldn't worry about key
management. When user tries to open a crypto file by special reiser4_open() system call,
kernel calls appropriate method which checks if the key passed by user is valid. I have
described the identification mechanism earlier, it uses disk key ID calculated by share or
private key during creation (when kernel creates, or opens a crypto file, it doesn't need to
distinguish, if the key is share or private). With a big probability (which is provided by
using of crypto-stable hash function) kernel makes a right conclusion if the key is valid or
invalid. If passed key is valid, kernel load this key into its own memory, and installs the
pointer to the inode. It means that user has got an access to this file i.e. he can read and
write file's data using this key. At the end of session reiser4_close() method zeroes and frees
the memory allocated for the key. All read(), write() internals I have described earlier.
There is an opinion that is *all* what kernel should know about crypto-files. Although one
more thing that kernel also should do (in order to support public-private interface) is
distinguish what key should be used for reading, and what one should be used for writing.
The current list of parameters which should be passed to the kernel via reiser4_open syscall
(including compression info) is:
crypto_id crypto; / id of the reiser4 crypto-plugin /
crypto_hash_id hash; / id of the reiser4 crypto-hash plugin /
compression_id compression; / id of the reiser4 compression plugin /
__u8 *pr_key; / pointer to the private(share) key /
__u16 pr_key_size; / private(share) key size /
__u8 *pub_key; / pointer to the public key /
__u16 pub_key_size; / public key size /
__u8 *keyid_string; / pointer to the identification string (secret string randomly
generated by appropriate key generation routine) /
__u8 keyid_length ; / the length of identification string /
__u8 cluster_shift; / cluster parameter /
Key ID size is defined by crypto-hash plugin (it is just an output size of appropriate hash
function). All other needed information is contained in specified crypto-plugin (if used
crypto-algorithm is symmetric or asymmetric, how to install keys to the inode, etc..)
So we would like to see the following:
1) Any opinions whether this crypto-file interface is full enough to implement public-private
keing (or maybe I have missed something that will be needed for some useful features), etc..
2) Any remarks about possible security holes in the reiser4 internals of main system calls I
have described. I don't think this is the only crypto guru who can do this.
3) Any proposals about crypto-directory plugin implementation. Obviously, encryption of directory
entries (which is so desirable by everyone) should be implemented as a new directory plugin.
This is the main directory plugin methods (->create_child() and ->lookup() responsible for
new entry creation and name resolution) who will call crypto-plugin (I hope we don't need
to compress file names). Perhaps, it is possible to implement the scheme when all directory entries
and appropriate files are encrypted by the same key which is loaded once for all these files, and
the appropriate key ID is verified once and saved once in directory disk stat-data instead of
its saving in disk stat-data of each file.
4) Proposals about integrating with a PKI infrastructure.
5) Proposals about user level support.
As I understand, currently we need 1), 2) and 5). Other will be need in future.
Anyway thanks for all your posts, although some of them I can not comment since the topic is beyond
the scope of DARPA contract.
Edward.
next prev parent reply other threads:[~2003-04-01 12:28 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-03-29 1:26 Proposal for keying encrypted filesystem Pierre Abbat
2003-03-29 16:46 ` Edward Shushkin
2003-03-29 16:55 ` Pierre Abbat
2003-03-29 18:17 ` Edward Shushkin
2003-03-29 20:49 ` Pierre Abbat
2003-03-30 10:12 ` Hendrik Visage
2003-03-30 17:00 ` Pierre Abbat
2003-03-31 9:15 ` Hendrik Visage
2003-03-30 16:30 ` Pierre Abbat
2003-03-31 11:21 ` Edward Shushkin
2003-03-31 12:09 ` Edward Shushkin
2003-03-31 13:36 ` Hendrik Visage
2003-03-31 13:54 ` Pierre Abbat
2003-03-31 16:35 ` Hendrik Visage
2003-03-31 20:11 ` Pierre Abbat
2003-03-31 21:31 ` Hendrik Visage
2003-03-31 22:40 ` Pierre Abbat
2003-04-01 9:31 ` Hendrik Visage
2003-03-31 13:58 ` Edward Shushkin
2003-03-31 16:45 ` Hendrik Visage
2003-04-01 12:28 ` Edward Shushkin [this message]
2003-04-01 16:06 ` Hans Reiser
2003-04-01 16:16 ` Anders Widman
2003-04-01 16:21 ` Hans Reiser
2003-04-02 2:56 ` Pierre Abbat
2003-04-02 6:06 ` Hans Reiser
2003-04-02 13:05 ` Pierre Abbat
2003-04-02 15:11 ` Edward Shushkin
2003-04-03 16:14 ` Valdis.Kletnieks
2003-04-03 19:43 ` Hans Reiser
2003-04-03 20:08 ` Valdis.Kletnieks
2003-04-03 19:44 ` Hans Reiser
2003-04-03 23:22 ` Pierre Abbat
2003-04-04 0:25 ` Russell Coker
2003-04-04 14:01 ` Valdis.Kletnieks
2003-04-04 14:30 ` Pierre Abbat
2003-04-04 14:47 ` Valdis.Kletnieks
2003-04-04 14:57 ` Pierre Abbat
2003-04-04 16:36 ` Edward Shushkin
2003-04-04 16:45 ` Valdis.Kletnieks
2003-04-04 15:25 ` Edward Shushkin
2003-04-04 16:50 ` Hans Reiser
2003-04-04 17:19 ` Edward Shushkin
2003-04-04 18:45 ` Hans Reiser
2003-04-05 0:01 ` Pierre Abbat
2003-04-07 0:44 ` Valdis.Kletnieks
2003-04-07 1:14 ` Pierre Abbat
2003-04-07 4:52 ` Valdis.Kletnieks
2003-04-07 16:55 ` Hans Reiser
2003-04-07 18:38 ` Edward Shushkin
2003-04-07 19:46 ` Hans Reiser
2003-04-07 22:36 ` Pierre Abbat
2003-04-08 10:10 ` Edward Shushkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3E8985D5.7CA598FF@namesys.com \
--to=edward@namesys.com \
--cc=hvisage@envisage.co.za \
--cc=reiserfs-dev@namesys.com \
--cc=reiserfs-list@namesys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.