DOCSLIB.ORG

Group Sharing and Random Access in Cryptographic Storage File Systems by Kevin E

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Group Sharing and Random Access in Cryptographic Storage File Systems by Kevin E Group Sharing and Random Access in Cryptographic Storage File Systems by Kevin E. Fu B.S. Computer Science and Engineering MIT, 1998 Submitted to the Department of Electrical Engineering and Computer Science in Partial Fulfillment of the Requirements for the Degree of Master of Engineering in Electrical Engineering and Computer Science at the MASSACHUSETTS INSTITUTE OF TECHNOLOGY CHUSEU9ISTITUTE OF TECHNdLOGY June 1999 © 1999 Kevin E. Fu. All rights reserved. The author hereby grants to MIT permission to reproduce and distribute publicly paper and electronic copies of this thesis docn CHUSETS INSTITUTE in whole or in part. A uthor .................. I Department of Electrical Engineering and Computer Science ,, May 18, 1999 C ertified by .............................. Ronald L. Rivest E. S. Webster Professor of Electrical Engineering and Computer Science Thestiq Sypervisor Accepted by.......... 7... Arthur C. Smith Chairman, Department Committee on Graduate Students 2 Group Sharing and Random Access in Cryptographic Storage File Systems by Kevin E. Fu Submitted to the Department of Electrical Engineering and Computer Science on May 18, 1999 in Partial Fulfillment of the Requirements for the Degree of Master of Engineering in Electrical Engineering and Computer Science Abstract Traditional cryptographic storage uses encryption to ensure confidentiality of file data. However, encryption can prevent efficient random access to file data. Moreover, no cryptographic storage file system allows file sharing with similar semantics to UNIX group sharing. The Cryptographic Storage File System (Cepheus) provides confiden- tiality and integrity of data while enabling efficient random access and file sharing using mechanisms similar to UNIX groups. Cepheus uses a delayed-write-encryption policy for caching, delayed re-encryption for distributed re-encryption, and a hash tree structure beneath the inode for integrity. While maintaining confidentiality and integrity, the cost of reading a block is 0(1) amortized over a sequential read of the entire file of n blocks. Writes execute in worst-case O(log n) time. Thesis Supervisor: Ronald L. Rivest Title: E. S. Webster Professor of Electrical Engineering and Computer Science 3 Acknowledgments Sivaramakrishnan Rajagopalan and Bill Aiello guided my work on cryptographic stor- age at Telcordia Technologies (formerly Bellcore) in Morristown, New Jersey. Ron Rivest endowed much advice as my on-campus thesis advisor. Their guidance and sug- gestions greatly improved the design of Cepheus. Telcordia Technologies supported my research with a graduate fellowship in the MIT VI-A program. Portions of Cepheus code derive from David Mazieres' Secure File System of the Parallel and Distributed Operating Systems Group at the MIT Laboratory for Com- puter Science[22]. Parts of the low-level file system originated from my 6.033 team's X-File System[12]. Drew Samnick implemented many of the Remote Procedure Calls for his Advanced Undergraduate Project. Other persons deserving credit for help or guidance include Derek Atkins, Giovanni Di Crescenzo, Neil Haller, Sam Hartman, Jeff Hu, Frans Kaashoek, Marcus Kuhn, Anna Lysyanskaya, and Jerome Saltzer. Fi- nally, my fiancee, Teresa, deserves much gratitude for putting up with my midnight coding and bitter moods during this long ordeal. Just one more degree, I promise. 4 Contents 1 Introduction 13 1.1 Background: UNIX File Systems . ..... ..... ..... .... 14 1.2 Motivation .. ...... ...... ...... ...... ....... 18 1.3 Focus . ..... ..... .... ..... ..... ..... ..... 20 1.3.1 Group Sharing .... ...... ..... ...... ..... 20 1.3.2 Random Access .... ..... .... ..... ..... ... 21 1.4 Related Work: Case Studies . ..... ..... ..... ..... .. 21 1.4.1 Cryptographic File System .... ..... ...... ..... 22 1.4.2 Secure FileSystem .. ...... ..... ...... ...... 26 1.4.3 Transparent Cryptographic File System .. ..... ..... 28 1.4.4 SecureDrive ... .... ..... .... ..... ..... .. 29 1.4.5 SecureDevice .. ... .... .... .... .... .... .. 31 1.4.6 CryptDisk .. .... .... .... ... .... .... .... 32 1.5 Common Features .... ...... ...... ...... ....... 33 1.5.1 Key Management & Sharing ... ....... ........ 33 1.5.2 Portability . ...... ...... ..... ...... ..... 33 1.5.3 Transparency ... .... .... .... .... ... .... 34 1.5.4 Encryption Costs ... .... ... .... .... .... ... 34 1.5.5 Fine-grained Access Control . .... .... .... .... .. 34 1.5.6 Key Changes & Revocation .... .... ..... ..... 35 1.5.7 Intrusion Tolerance . ..... ..... .... ..... .... 35 1.5.8 Reliability . .... .... .... .... .... ... .... 35 5 1.5.9 Trust in System Administrators ....... ....... .. 35 1.5.10 Integrity .... ........ ........ ........ 36 2 Design Requirements 37 2.1 Design Criteria ............................. 37 2.1.1 Confidentiality . .... .... .... .... .... .... 3 7 2.1.2 Integrity .............. 38 2.1.3 Availability ...... ...... 38 2.1.4 Secure Group Sharing .. .... 38 2.1.5 Efficient Random Access ..... 39 2.2 Failure Conditions .. .......... 39 2.2.1 Intolerable Failures . ....... 39 2.2.2 Tolerable Failures ....... .. 39 2.3 Cryptographic Storage Trust Model . .. 40 2.3.1 Trust Model Principals ...... 40 2.3.2 Confidentiality .......... 41 2.3.3 Integrity .............. 42 2.3.4 Availability ............ 43 2.3.5 Group Sharing ........ .. 44 3 Cepheus Design 47 3.1 Group Sharing .............. 47 3.2 Random Access .............. 48 3.2.1 Delayed Re-encryption ...... 50 3.2.2 Buffer Cache: Delayed Encryption 51 3.3 File System Structures .......... 51 3.3.1 Inodes ............... 51 3.3.2 Authenticity/Integrity Check Field 52 3.3.3 Crash Recovery .......... 54 3.4 Client Daemon .............. 55 3.4.1 Buffer Cache ........... 55 6 3.4.2 File Server Communication ....... ........ 56 3.5 User Agent ..... .... ..... ..... ..... ..... 56 3.6 File Server .. ...... ..... ...... ...... ...... 57 3.7 Group Database Server ..... ..... ..... ..... ..... 58 3.8 Design Alternatives ..... ....... ...... ...... .... 60 3.8.1 Ciphers .. ...... ...... ..... ...... ..... 60 3.8.2 Initialization Vector ..... ...... ...... ...... 61 3.8.3 Authenticity/Integrity Check Field .. .... ... .... .. 61 3.8.4 Delayed Re-encryption ..... .... ..... ..... ... 63 3.8.5 Buffer Cache .... ..... ..... .... ..... .... 63 4 Implementation Details 65 4.1 User Agent .... ..... ..... ..... ..... ..... ... 65 4.2 Client Daemon ..... ...... ...... ...... ....... 65 4.3 File Server .. .... ..... .... .... .... .... .... .. 67 4.4 Group Database Server ... .... .... .... .... .... ... 67 4.5 Status . .... .... .... ..... .... .... .... .... 68 5 Questions for Cryptographic Storage 71 5.1 Network Versus Storage Encryption ..... ..... ..... .... 71 5.2 File Permissions ... .... .... ..... .... .... ..... 72 5.3 Group Sharing .... .... ... .... ... .... ... .... 72 5.4 Incremental Cryptography . .... .... .... .... .... ... 73 5.5 Delayed Re-encryption .. .... .... .... .... ..... ... 73 5.6 Integrity . .... ... .... ... .... ... .... ... .... 73 5.7 Orphaned Directories .. .... ... ... ... ... .... ... .. 74 5.8 Brittleness ... ... ... ... ... ... ... ... ... .... .. 74 5.9 Encrypted Swap File . ... ... ... ... ... .... ... ... 75 5.10 Key Rings .. ... ... ... .. ... ... ... .. ... ... ... 75 5.11 Trust of System Administrator . ... ... ... ... ... .... .. 75 5.12 Unattended Access . ... .. ... .. ... .. ... .. ... .. .. 75 7 6 Conclusion 77 8 List of Figures 1-1 The layout of data and metadata on the physical disk. .. ...... 14 1-2 The inode contains file attributes and pointers to data blocks. Singly and doubly indirect blocks allow a small inode to address a large am ount of file data. ..... ...... ..... ...... ...... 17 1-3 A complex example of a directory mapping file names to inodes. Thick boxes represent data blocks while thin boxes represent inodes. .... 18 1-4 This diagram of CFS is based on Blaze's paper and an article on cryp- tographic file systems[4, 35]. Dashed lines represent a confidential area protected by encryption. .... ...... ...... ..... 23 1-5 In Blaze's OFB+ECB mode, the OFB mode first computes interme- diate plaintext blocks IP offline. When a plaintext block P needs encryption, it is first XORed with IP, IV, and a function of the block number and seed. This is encrypted in ECB mode for the final ciphertext. 24 1-6 In Yerushalmi's OFB+ECB mode, the OFB mode first computes in- termediate plaintext blocks IP offline, as is done in Blaze's mode. When a plaintext block Pi needs encryption, it is first encrypted in ECB mode, then XORed with 1P. This allows for easier incremental changes. ........ .................................. 25 1-7 SFS interfaces to MS-DOS as a device driver with raw access to the physical disk. The thick dotted line represents confidential storage. 27 2-1 Interactions among the trust model principals in Cepheus. ... .. 41 9 3-1 The client daemon (CD) acts as an NFS loopback server on the client workstation. The CD asks the appropriate user agent (UA) to encrypt, decrypt, sign, or verify data. Each CD communicates with the appro- priate file server (FS). The FS checks with the group database server (GDS) for authentication and authorization of a user agent. The thick dotted line represents confidential storage. ... ...... ...... 48 3-2 In Cepheus, file data is encrypted in CBC mode on a per block basis. Block ciphers typically have two 8-byte inputs. ...... ...... 49 3-3 The data pointer contains an IV and hash node in addition to the pointer to the data block. .... ...... ...... ...... .. 49 3-4
Load more

Recommended publications
  • MICROSOFT CORPORATION, a Washington Corporation
    IN THE IOWA DISTRICT COURT FOR POLK COUNTY : JOE COMES, RILEY PAINT, INC., an : No. CL82311 Iowa corporation, SKEFFINGTON’S : FORMAL WEAR OF IOWA, INC., an : Iowa corporation, and PATRICIA ANNE : LARSEN, : Plaintiffs, vs. MICROSOFT CORPORATION, a Washington Corporation, Defendant. SUPPLEMENTAL EXPERT REPORT OF ANDREW SCHULMAN December 19, 2006 Schulman – Supplemental Report 2 Andrew Schulman – Supplemental Report 1. The source code for Windows XP and Microsoft Office provide additional bases for opinion #21 in my June 2, 2006 technical expert report (“Microsoft Office uses (and copies) undocumented DirectUI APIs”). a. That DirectUI is a Windows API is shown by the presence of formal internal documentation in the form of web pages, marked “Internal Only”, written by Jeff Stall in March 2000, and describing the APIs for DirectUser Gadgets in the \windows\advcore tree of the XP source code. See e.g.: MSM_IA_298 windows\advcore\duser\docs\api\creategadget.htm MSM_IA_298 windows\advcore\duser\docs\api\core.htm MSM_IA_298 windows\advcore\duser\docs\api\addgadgetmessagehandler.htm b. That Microsoft regards DirectUI as part of Windows, rather than as functionality entirely within Office, is shown by the presence of the DirectUI HTML documentation in the \windows\advcore tree of the XP source code, noted above. c. That Microsoft regards DirectUI as part of Windows is also shown by the presence of DirectUI source code in the \windows\advcore tree of the XP source code. See e.g.: MSM_IA_298 windows\advcore\duser\engine\services\resourcemanager.cpp MSM_IA_298 windows\advcore\duser\engine\services\resourcemanager.h MSM_IA_298 windows\advcore\duser\engine\services\context.h MSM_IA_298 windows\advcore\duser\directui\engine\util\published.h MSM_IA_298 windows\advcore\duser\directui\test\app\logonui\priv.h MSM_IA_298 windows\advcore\duser\engine\objectapi\objectapi.h MSM_IA_298 windows\advcore\duser\engine\services\public.h MSM_IA_298 windows\advcore\duser\engine\services\services.h MSM_IA_298 windows\advcore\duser\engine\winapi\winapi.h d.
    [Show full text]
  • Jargon File, Version 4.0.0, 24 Jul 1996
    JARGON FILE, VERSION 4.0.0, 24 JUL 1996 This is the Jargon File, a comprehensive compendium of hacker slang illuminating many aspects of hackish tradition, folklore, and humor. This document (the Jargon File) is in the public domain, to be freely used, shared, and modified. There are (by intention) no legal restraints on what you can do with it, but there are traditions about its proper use to which many hackers are quite strongly attached. Please extend the courtesy of proper citation when you quote the File, ideally with a version number, as it will change and grow over time. (Examples of appropriate citation form: "Jargon File 4.0.0" or "The on-line hacker Jargon File, version 4.0.0, 24 JUL 1996".) The Jargon File is a common heritage of the hacker culture. Over the years a number of individuals have volunteered considerable time to maintaining the File and been recognized by the net at large as editors of it. Editorial responsibilities include: to collate contributions and suggestions from others; to seek out corroborating information; to cross-reference related entries; to keep the file in a consistent format; and to announce and distribute updated versions periodically. Current volunteer editors include: Eric Raymond [email protected] Although there is no requirement that you do so, it is considered good form to check with an editor before quoting the File in a published work or commercial product. We may have additional information that would be helpful to you and can assist you in framing your quote to reflect not only the letter of the File but its spirit as well.
    [Show full text]
  • Norm Origin and Development in Cyberspace: Models of Cybernorm Evolution
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by Washington University St. Louis: Open Scholarship Washington University Law Review Volume 78 Issue 1 January 2000 Norm Origin and Development in Cyberspace: Models of Cybernorm Evolution April Mara Major Federal Trade Commission Follow this and additional works at: https://openscholarship.wustl.edu/law_lawreview Part of the Internet Law Commons Recommended Citation April Mara Major, Norm Origin and Development in Cyberspace: Models of Cybernorm Evolution, 78 WASH. U. L. Q. 59 (2000). Available at: https://openscholarship.wustl.edu/law_lawreview/vol78/iss1/2 This Article is brought to you for free and open access by the Law School at Washington University Open Scholarship. It has been accepted for inclusion in Washington University Law Review by an authorized administrator of Washington University Open Scholarship. For more information, please contact [email protected]. NORM ORIGIN AND DEVELOPMENT IN CYBERSPACE: MODELS OF CYBERNORM EVOLUTION APRIL MARA MAJOR* I. INTRODUCTION In the absence of legal rules or physical force, what causes someone to behave in a manner contrary to one’s private desires? Why, for instance, does one tip a bellhop for carrying luggage to a hotel room? Legal rules do not mandate the tipping of bellhops, and bellhops typically do not threaten physical force. So why does one feel obligated to tip the bellhop and embarrassed when one does not? Tipping the bellhop is a social norm. Social norm theory seeks to explain such informal constraints on human behavior. While numerous areas of academia employ social norm theory, scholars have yet to apply it directly to the study of the Internet.1 This Article traces norm origin and development in cyberspace and presents a * Attorney, Federal Trade Commission, Bureau of Consumer Protection, Division of Marketing Practices.
    [Show full text]
  • Hacking for Dummies‰ 4TH EDITION
    www.it-ebooks.info www.it-ebooks.info Hacking FOR DUMmIES‰ 4TH EDITION by Kevin Beaver, CISSP www.it-ebooks.info Hacking For Dummies®, 4th Edition Published by John Wiley & Sons, Inc. 111 River Street Hoboken, NJ 07030-5774 www.wiley.com Copyright © 2013 by John Wiley & Sons, Inc., Hoboken, New Jersey Published by John Wiley & Sons, Inc., Hoboken, New Jersey Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit- ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http:// www.wiley.com/go/permissions. Trademarks: Wiley, the Wiley logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, Making Everything Easier, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its af!li- ates in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners.
    [Show full text]
  • Introduction to Computer Crime
    Introduction to Computer Crime M. E. Kabay, PhD, CISSP-ISSMP Program Director, MSIA School of Graduate Studies Norwich University Northfield, VT Copyright © 1996, 2006 M. E. Kabay. All rights reserved. Introduction to Computer Crime by M. E. Kabay, PhD, CISSP-ISSMP Program Director, MSIA School of Graduate Studies Norwich University, Northfield VT Much of the following material was originally published in the 1996 textbook, NCSA Guide to Enterprise Security (McGraw Hill) and was most recently updated with newer references for use in Norwich University programs in July 2006. Introduction to Computer Crime..................................................................................................... 1 1 Sabotage: Albert the Saboteur ................................................................................................ 3 2 Piggybacking........................................................................................................................... 4 3 Impersonation ......................................................................................................................... 7 4 Equity Funding Fraud ............................................................................................................. 8 4.1 What happened................................................................................................................ 8 4.2 Lessons............................................................................................................................ 8 5 Superzapping........................................................................................................................
    [Show full text]
  • Virus Bulletin, March 1997
    ISSN 0956-9979 MARCH 1997 THE INTERNATIONAL PUBLICATION ON COMPUTER VIRUS PREVENTION, RECOGNITION AND REMOVAL Editor: Ian Whalley CONTENTS Assistant Editor: Megan Skinner EDITORIAL Technical Editor: Jakub Kaminski Blissful Ignorance… 2 Consulting Editors: VIRUS PREVALENCE TABLE 3 Richard Ford, Command Software, USA Edward Wilding, Network Security, UK NEWS 1. VB’97: Be Sure to Wear Some Flowers in your Hair 3 2. Cry ‘Wolf’! 3 IN THIS ISSUE: IBM PC VIRUSES (UPDATE) 4 • In a Word… What is the likelihood of WordBasic macro FEATURE viruses propagating successfully under Word 97? VB The Word of the Day 6 discusses the issue. Turn to p.6 for the story. VIRUS ANALYSIS • Down a new path. TPVO reflects a new development in On the Road to Mega-partism 8 virus creation: not just bi-, but tri-partite, this virus can infect boot sectors as well as DOS and Windows COMPARATIVE REVIEW executables. Analysis on p.8. Serving the World 10 • NetWare once more. It’s that time of year again, when PRODUCT REVIEWS one’s thoughts turn to reviewing NetWare anti-virus prod- 1. For your D-FENCE? 18 ucts. Turn to page 10 to find out what happened. 2. LANDesk Virus Protect for Windows NT 21 END NOTES & NEWS 24 VIRUS BULLETIN ©1997 Virus Bulletin Ltd, The Pentagon, Abingdon, Oxfordshire, OX14 3YP, England. Tel +44 1235 555139. /97/$0.00+2.50 No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form without the prior written permission of the publishers. 2 • VIRUS BULLETIN MARCH 1997 EDITORIAL Blissful Ignorance… It has been an interesting month for someone with similar professional interests as my own – finally, after such a long time (in computing terms at least), viruses meet Linux in the real world! For those readers looking blankly at the page wondering what on earth I mean, Linux is the pinnacle of the freeware ethic – a complete, and completely free, UNIX clone.
    [Show full text]
  • BCS Glossary of Computing And
    BCS-glossay:Layout 1 5/9/08 17:15 Page 1 12th Edition BCS Glossary of Computing and ICT 12th Edition Rapid advances in technology mean developments at the Praise for previous editions: cutting edge of IT are changing computers and generating new terminology and jargon. Keeping up with new technologies ‘Should be available and their impact on computing is vital if you want to gain the knowledge needed in this fast-moving world. in all schools and tertiary institutions Leading experts from the British Computer Society have teaching courses in compiled this 12th edition of the most authoritative and current guide to ICT and computing terms available. Divided into computing or IT.’ and ICT Computing of Glossary BCS themed sections, it builds your understanding of computing Physics Education in 4 key areas – what computer systems are made of, how they are developed, how they work, and how they are used. ‘A thoroughly Contains over 3,400 terms and definitions useful publication.’ Fully indexed and cross-referenced Schools Science Review Supports the National Curriculum and National Qualifications Framework Ideal for GCSE, A-level, ECDL, 14-19 Diplomas ‘Very highly and other courses recommended to all whose activities bring About the authors them anywhere within The authors are members of the BCS Education and Training Expert Panel, many of whom are teachers. In compiling this spitting distance glossary, they have drawn upon their experience in the of computers.’ education sector and their detailed knowledge of computing, producing the most up-to-date glossary of its kind. Physics Bulletin COMPUTING & IT This book is brought to you by the ISBN 978-1-906124-00-7 British Computer Society – the leading professional and learned society in the field of computers and information systems.
    [Show full text]
  • The Art of Intrusion : the Real Stories Behind the Exploits of Hackers, Intruders, and Deceivers / Kevin D
    01_569597 ffirs.qxd 1/11/05 9:22 PM Page iii T H E A R T O F INTRUSION The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers Kevin D. Mitnick William L. Simon 01_569597 ffirs.qxd 1/11/05 9:22 PM Page ii 01_569597 ffirs.qxd 1/11/05 9:22 PM Page i T H E A R T O F INTRUSION The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers 01_569597 ffirs.qxd 1/11/05 9:22 PM Page ii 01_569597 ffirs.qxd 1/11/05 9:22 PM Page iii T H E A R T O F INTRUSION The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers Kevin D. Mitnick William L. Simon 01_569597 ffirs.qxd 1/11/05 9:22 PM Page iv Vice President & Executive Group Publisher: Richard Swadley Vice President and Executive Publisher: Bob Ipsen Vice President and Publisher: Joseph B. Wikert Executive Acquisitions Editor: Carol Long Development Editors: Emilie Herman, Kevin Shafer Editorial Manager: Kathryn Malm Bourgoine Senior Production Editor: Angela Smith Project Coordinator: April Farling Copy Editor: Joanne Slike Interior Design: Kathie S. Rickard Text Design & Composition: Wiley Composition Services Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2005 by Kevin D. Mitnick and William L. Simon Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit- ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600.
    [Show full text]