Optimizing Ecryptfs for Better Performance and Security

Total Page:16

File Type:pdf, Size:1020Kb

Optimizing Ecryptfs for Better Performance and Security Optimizing eCryptfs for better performance and security Li Wang Yunchuan Wen School of Computer Kylin, Inc. National University of Defense Technology [email protected] [email protected] Jinzhu Kong Xiaodong Yi School of Computer School of Computer National University of Defense Technology National University of Defense Technology [email protected] [email protected] Abstract Cryptfs [5], which is part of the FiST framework [6]. eCryptfs provides transparent per file encryption. Af- This paper describes the improvements we have done to ter mounting a local folder as an eCryptfs folder eCryptfs, a POSIX-compliant enterprise-class stacked with identity authentication passed, the file copied into cryptographic filesystem for Linux. The major improve- the eCryptfs folder will be automatically encrypted. ments are as follows. First, for stacked filesystems, by eCryptfs is widely used, for example, as the basis default, the Linux VFS framework will maintain page for Ubuntu’s encrypted home directory, natively within caches for each level of filesystem in the stack, which Google’s ChromeOS, and transparently embedded in means that the same part of file data will be cached several network attached storage (NAS) devices. multiple times. However, in some situations, multiple eCryptfs is implemented as a stacked filesystem inside caching is not needed and wasteful, which motivates us Linux kernel, it does not write directly into a block de- to perform redundant cache elimination, to reduce ide- vice. Instead, it mounts on top of a directory in a lower ally half of the memory consumption and to avoid un- filesystem. Most POSIX compliant filesystem can act as necessary memory copies between page caches. The a lower filesystem, for example, ext4 [2], XFS [4], even benefits are verified by experiments, and this approach NFS [3]. eCryptfs stores cryptographic metadata in the is applicable to other stacked filesystems. Second, as header of each file written, so that encrypted files can be a filesystem highlighting security, we equip eCryptfs copied between hosts, and no additional information is with HMAC verification, which enables eCryptfs to de- needed to decrypt a file, except the ones in the encrypted tect unauthorized data modification and unexpected data file itself. corruption, and the experiments demonstrate that the de- crease in throughput is modest. Furthermore, two minor The rest of this paper is organized as follows. For back- optimizations are introduced. One is that we introduce ground information, Section1 introduces the eCryptfs a thread pool, working in a pipeline manner to perform cryptographic filesystem. Section2 describes the opti- encryption and write down, to fully exploit parallelism, mizations for eCryptfs performance. Section3 presents with notable performance improvements. The other is the data integrity enforcement for eCryptfs security. a simple but useful and effective write optimization. In Section4 discusses our ongoing and future works on addition, we discuss the ongoing and future works on eCryptfs. Section5 concludes the paper. eCryptfs. 2 Performance Improvements 1 Introduction 2.1 Redundant Cache Elimination eCryptfs is a POSIX-compliant enterprise cryptographic filesystem for Linux, included in the mainline Linux The page cache is a transparent filesystem cache imple- kernel since version 2.6.19. eCryptfs is derived from mented in Linux VFS (Virtual File System) framework. • 137 • 138 • Optimizing eCryptfs for better performance and security The fundamental functionality is to manage the memory pages that buffer file data, avoiding frequent slow disk accesses. For eCryptfs (and other stacked file systems in Linux), there exist (at least) two levels of page caches, as shown in Figure1. The upper level is the eCryptfs page cache, which buffers the plain text data to interact with the user applications. The lower level page cache belongs to the file system on top of which eCryptfs is stacked, and it buffers the cipher text data as well as the eCryptfs file metadata. The eCryptfs file read/write Figure 1: Page caches for eCryptfs on top of ext4 under works as follows, original implementation. • Read operations result in the call of VFS vfs_ read, which searches the eCryptfs page cache. If no matching page is found, vfs_read calls the file system specific readpage call back routine to bring the data in. For eCryptfs this is eCryptfs_ readpage, which calls vfs_read again to cause the lower file system to read the data from the disk into eCryptfs page cache. The data is then de- crypted and copied back to the user application. Figure 2: Page caches for eCryptfs on top of ext4 under • Write operations result in the call of VFS vfs_ read optimization for encrypted file. write, which copies the data from user space buffer into the eCryptfs page cache, marks the cor- responding page dirty, then returns without en- If the eCryptfs file is opened only for reading, the lower cryption (unless the system currently has large page cache is not needed since the cipher data will not amount of dirty pages). Encryption is normally be used after decryption. This motivates us to perform performed asynchronously by the dedicated OS redundant cache elimination optimization, thus reduce kernel thread, during the job of flushing dirty ideally half of the memory consumption. The page pages into lower page cache, by invoking file sys- cache is maintained only at the eCryptfs level. For first tem specific writepage call back routine, here is read, once the data has been read out from disk, de- ecryptfs_writepage. This routine encrypts a crypted and copied up to eCryptfs page cache, we free whole page of data into a temporary page, then in- the corresponding pages in the lower page cache im- vokes vfs_write to copy the encrypted data from mediately by invoking invalidate_inode_pages2_ the temporary page into the lower page cache. range, as shown in Figure2. A better solution is to modify the VFS framework to avoid allocating the lower In real life, eCryptfs is often deployed in archive and page entirely, but that would be much more compli- backup situations. For the former case, people archive cated, and we want to limit our revisions in the scope their private documents into an eCryptfs protected direc- of eCryptfs codes. tory, consequently, the corresponding eCryptfs files are created and opened for writing, and those files are later If the eCryptfs file is opened for writing, and the write opened generally for reading. The latter case is simi- position is monotonic increasing, which guarantees the lar, user copies files out from eCryptfs folder, modifies, same data area will not be repeatedly written, then the and copies the revised files back to replace the original eCryptfs page cache is not needed since the plain data ones. In this case, the eCryptfs files are opened for either will not be used after encryption. It is beneficial to main- reading or writing as well, in other words, in the above tain the page cache only at the lower level. Once the situations, the files are almost never online edited, i.e., data has been encrypted and copied down to lower page opened for both reading and writing. This is also true cache, the corresponding pages in eCryptfs page cache for some other situations. are freed immediately. 2012 Linux Symposium • 139 Figure 3: The data structures for redundant cache elim- ination for encrypted file. Figure 5: The readpage routine for eCryptfs for en- crypted file. writer gets involved. In that case, the state changes from ECRYPTFS_RW_RDOPT to ECRYPTFS_RW_NOOPT. If the file is initially opened for writing, the state becomes ECRYPTFS_RW_WROPT, and remains unchanged until the write position decreases or any reader gets involved, in which case, the state becomes ECRYPTFS_RW_NOOPT. Figure 4: The state machine for redundant cache elimi- After the file is closed by the last user, the state returns nation for encrypted file. to ECRYPTFS_RW_INIT. Figure5 shows the eCryptfs code implementing To achieve this optimization, we maintain a simple state readpage. After the data have been copied into machine as an indicator. There are four states as shown eCryptfs page cache, and redundant cache elimination in Figure3, ECRYPTFS_RW_INIT indicates an initial- is applicable, in line 13, the corresponding lower page ized state, with neither readers nor writers. ECRYPTFS_ index is calculated, then in line 15, the lower page is RW_RDOPT indicates the file is currently opened only for released. reading, and the read optimization, i.e, lower page cache early release applies. ECRYPTFS_RW_WROPT indicates We evaluate redundant cache elimination on a machine the file is currently opened only for writing and the write with a Pentium Dual-Core E5500 2.8GHz CPU, 4G of position is monotonic increasing, in which case, the memory (DDR3), the kernel version 3.1.0-7 i686 with write optimization, i.e, upper page cache early release PAE enabled, the same test system is used for all the ex- applies. ECRYPTFS_RW_NOOPT applies for remaining periments of this paper described. We use the command cases. As shown in Figure4, when a file data struc- ‘iozone -t x -s y -r 4M -i 1’ to measure ‘Re-read’ ture is initialized, the state is set to ECRYPTFS_RW_INIT. throughput. Here x ranges from 1 to 256, increasing by If it is then opened for reading, the state transitions to orders of 2, representing the number of processes, and ECRYPTFS_RW_RDOPT, and remains unchanged until a y ranges from 2G to 8M, representing the file size, such 140 • Optimizing eCryptfs for better performance and security Figure 6: Re-read throughput for redundant cache elim- ination over original implementation. that the total operated data set x ∗ y is always equal to 2G. As shown in Figure6, the optimized eCryptfs achieves a big speedup under this group of tests. This is because the data set is 2G, if two level of page caches are present, it will consume up to 4G memory, thus lead to a poor re-read throughput due to memory page thrashing.
Recommended publications
  • PV204: Disk Encryption Lab
    PV204: Disk encryption lab May 12, 2016, Milan Broz <[email protected]> Introduction Encryption can provide confidentiality and authenticity of user data. It can be implemented on several different layes, including application, file system or storage device. Application encryption examples are PGP or ZIP compression with password. Encryption of files (inside filesystem or through independent layer like Linux eCryptfs) provides more generic solution. Yet some parts (like filesystem metadata) are still unencrypted. However this solution provides encrypted data with private key per user. (Every user can have own directory encrypted by own key.) Encryption of the low-level storage (disk) is called Full Disk Encryption (FDE). It is completely transparent to the user (no need to choose what to encrypt – the whole disk is encrypted). The encrypted disk behaves as the same as a disk without encryption. The major disadvantage is that everyone who knows the password can read the whole disk. Often we combine FDE with another encryption layer. The primary use of FDE is to provide data confidentiality in power-down mode (stolen laptop does not leak user data). Once the disk is unlocked, the main encryption key remains in system, usually directly in system RAM. Exercise II will show how easy is to get this key from memory image of system. Another disadvantage of FDE is that it usually cannot guarantee integrity of data. Encryption is fully transparent and length-preserving, the ciphertext and plaintext device are of the same size. There is no space to store any integrity information. This allows attacks by direct modification of ciphertext.
    [Show full text]
  • Mcafee Foundstone Fsl Update
    2016-AUG-18 FSL version 7.5.841 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 20369 - Splunk Enterprise Multiple Vulnerabilities (SP-CAAAPQM) Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-2013-0211, CVE-2015-2304, CVE-2016-1541, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE- 2016-2109, CVE-2016-2176 Description Multiple vulnerabilities are present in some versions of Splunk Enterprise. Observation Splunk Enterprise is an operational intelligence solution Multiple vulnerabilities are present in some versions of Splunk Enterprise. The flaws lie in multiple components. Successful exploitation by a remote attacker could lead to the information disclosure of sensitive information, cause denial of service or execute arbitrary code. 20428 - (HT206899) Apple iCloud Multiple Vulnerabilities Prior To 5.2.1 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-1684, CVE-2016-1836, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483, CVE-2016-4607, CVE- 2016-4608, CVE-2016-4609, CVE-2016-4610, CVE-2016-4612, CVE-2016-4614, CVE-2016-4615, CVE-2016-4616, CVE-2016-4619 Description Multiple vulnerabilities are present in some versions of Apple iCloud. Observation Apple iCloud is a manager for the Apple's could based storage service. Multiple vulnerabilities are present in some versions of Apple iCloud. The flaws lie in several components. Successful exploitation could allow an attacker to retrieve sensitive data, cause a denial of service condition or have other unspecified impact on the target system.
    [Show full text]
  • ANDROID PRIVACY THROUGH ENCRYPTION by DANIEL
    ANDROID PRIVACY THROUGH ENCRYPTION by DANIEL DEFREEZ A THESIS Presented to the Department of Computer Science in partial fullfillment of the requirements for the degree of Master of Science in Mathematics and Computer Science Ashland, Oregon May 2012 ii APPROVAL PAGE “Android Privacy Through Encryption,” a thesis prepared by Daniel DeFreez in partial fulfillment of the requirements for the Master of Science in Mathematics and Computer Science. This project has been approved and accepted by: Dr. Lynn Ackler, Chair of the Examining Committee Date Pete Nordquist, Committee Member Date Hart Wilson, Committee Member Date Daniel DeFreez c 2012 iii ABSTRACT OF THESIS ANDROID PRIVACY THROUGH ENCRYPTION By Daniel DeFreez This thesis explores the field of Android forensics in relation to a person’s right to privacy. As the field of mobile forensics becomes increasingly sophisticated, it is clear that bypassing common privacy measures, such as disk encryption, will become routine. A new keying method for eCryptfs is proposed that could significantly mitigate memory attacks against encrypted file systems. It is shown how eCryptfs could be modified to implement this keying method on an Android device. iv ACKNOWLEDGMENTS I would like to thank Dr. Lynn Ackler for introducing me to the vast world of computer security and forensics, cultivating a healthy paranoia, and for being a truly excellent teacher. Dr. Dan Harvey, Pete Nordquist, and Hart Wilson provided helpful feedback during the preparation of this thesis, for which I thank them. I am deeply indebted to my friends and colleagues Brandon Kester, Andrew Krug, Adam Mashinchi, Jeff McJunkin, and Stephen Perkins, for their enthusiastic interest in the forensics and security fields, insightful comments, love of free software, and encouraging words.
    [Show full text]
  • Ubuntu Server Guide Basic Installation Preparing to Install
    Ubuntu Server Guide Welcome to the Ubuntu Server Guide! This site includes information on using Ubuntu Server for the latest LTS release, Ubuntu 20.04 LTS (Focal Fossa). For an offline version as well as versions for previous releases see below. Improving the Documentation If you find any errors or have suggestions for improvements to pages, please use the link at thebottomof each topic titled: “Help improve this document in the forum.” This link will take you to the Server Discourse forum for the specific page you are viewing. There you can share your comments or let us know aboutbugs with any page. PDFs and Previous Releases Below are links to the previous Ubuntu Server release server guides as well as an offline copy of the current version of this site: Ubuntu 20.04 LTS (Focal Fossa): PDF Ubuntu 18.04 LTS (Bionic Beaver): Web and PDF Ubuntu 16.04 LTS (Xenial Xerus): Web and PDF Support There are a couple of different ways that the Ubuntu Server edition is supported: commercial support and community support. The main commercial support (and development funding) is available from Canonical, Ltd. They supply reasonably- priced support contracts on a per desktop or per-server basis. For more information see the Ubuntu Advantage page. Community support is also provided by dedicated individuals and companies that wish to make Ubuntu the best distribution possible. Support is provided through multiple mailing lists, IRC channels, forums, blogs, wikis, etc. The large amount of information available can be overwhelming, but a good search engine query can usually provide an answer to your questions.
    [Show full text]
  • Z/VSE Security Overview and Update Ingo Franzki
    z/VSE Live Virtual Class 2013 z/VSE Security Overview and Update Ingo Franzki http://www.ibm.com/zVSE http://twitter.com/IBMzVSE ©2013 IBM Corporation z/VSE Live Virtual Class 2013 Trademarks The following are trademarks of the International Business Machines Corporation in the United States, other countries, or both. Not all common law marks used by IBM are listed on this page. Failure of a mark to appear does not mean that IBM does not use the mark nor does it mean that the product is not actively marketed or is not significant within its relevant market. Those trademarks followed by ®are registered trademarks of IBM in the United States; all others are trademarks or common law marks of IBM in the United States. For a complete list of IBM Trademarks, see www.ibm.com/legal/copytrade.shtml: *, AS/400®, e business(logo)®, DBE, ESCO, eServer, FICON, IBM®, IBM (logo)®,iSeries®, MVS, OS/390®, pSeries®, RS/6000®, S/30, VM/ESA®, VSE/ESA, WebSphere®, xSeries®, z/OS®, zSeries®, z/VM®, System i, System i5, System p, System p5, System x, System z, System z9®, BladeCenter® The following are trademarks or registered trademarks of other companies. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the United States, other countries, or both and is used under license therefrom. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc.
    [Show full text]
  • Automated Control of Distributed Systems
    Summer Research Fellowship Programme-2015 Indian Academy of Sciences, Bangalore PROJECT REPORT AUTOMATED CONTROL OF DISTRIBUTED SYSTEMS UNDER THE GUIDANCE OF Dr. B.M MEHTRE Associate Professor, Head, Center for Information Assurance and Management (CIAM) Institute for Development and Research in Banking Technology (IDRBT), Hyderabad - 500 057 Submitted by: S. NIVEADHITHA II Year, B Tech Computer Science Engineering SRM University, Kattankulathur, Chennai. SRF- ENGS7327 (2015) Indian Academy of Sciences, Bangalore CERTIFICATE This is to certify that Ms S Niveadhitha, Student, Second year B Tech Computer Science Engineering, SRM University, Kattankulathur, Chennai has undertaken Summer Research Fellowship Programme (2015) conducted by Indian Academy of Sciences, Bangalore at IDRBT, Hyderabad from May 25, 2015 to July 20, 2015. She was assigned the project “Automated Control of Distributed Systems” under my guidance. I wish her all the best for all her future endeavours. Dr. B.M MEHTRE Associate Professor, Head, Center for Information Assurance and Management (CIAM) Institute for Development and Research in Banking Technology (IDRBT), Hyderabad - 500 057 ACKNOWLEDGMENT I express my deep sense of gratitude to my Guide Dr. B. M. Mehtre, Associate Professor, Head, CIAM, IDRBT, Hyderabad - 500 057 for giving me an great opportunity to do this project in CIAM, IDRBT and providing all the support. I am thankful to Prof. Dr. B.L.Deekshatulu, Adjunct Professor, IDRBT for his guidance and valuable feedback. I am grateful to Mr. Hiran V Nath, Miss Shashi Sachan and colleagues of CIAM, IDRBT who constantly encouraged me for my project work and supported me by providing all the necessary information. I am indebted to Indian Academy of Sciences, Bangalore, Director, E & T SRM University, and Head, CSE, SRM University, Kattankulathur, Chennai for giving me this golden opportunity to undertake Summer Research Fellowship Programme at IDRBT.
    [Show full text]
  • Best Practices to Secure Your Z/VSE System and Data Using New Security and Crypto Features
    IBM z Systems – z/VSE – VM Workshop 2016 Best Practices to secure your z/VSE system and data using new security and crypto features Ingo Franzki © 2016 IBM Corporation IBM z Systems – z/VSE – VM Workshop 2016 Trademarks The following are trademarks of the International Business Machines Corporation in the United States, other countries, or both. Not all common law marks used by IBM are listed on this page. Failure of a mark to appear does not mean that IBM does not use the mark nor does it mean that the product is not actively marketed or is not significant within its relevant market. Those trademarks followed by ® are registered trademarks of IBM in the United States; all others are trademarks or common law marks of IBM in the United States. For a complete list of IBM Trademarks, see www.ibm.com/legal/copytrade.shtml: *, AS/400®, e business(logo)®, DBE, ESCO, eServer, FICON, IBM®, IBM (logo)®, iSeries®, MVS, OS/390®, pSeries®, RS/6000®, S/30, VM/ESA®, VSE/ESA, WebSphere®, xSeries®, z/OS®, zSeries®, z/VM®, System i, System i5, System p, System p5, System x, System z, System z9®, BladeCenter® The following are trademarks or registered trademarks of other companies. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the United States, other countries, or both and is used under license therefrom. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc.
    [Show full text]
  • Introduction to Truecrypt
    Introduction to TrueCrypt WELCOME 11 January 2012 SLUUG - St. Louis Unix Users Group http://www.sluug.org/ A Very Basic Tutorial and Demonstration By Stan Reichardt [email protected] 1 Introduction to TrueCrypt DEFINITIONS Encryption Secrecy Privacy Paranoia Human Rights Self-determination See http://www.markus-gattol.name/ws/dm-crypt_luks.html#sec1 2 Introduction to TrueCrypt WHO Who uses TrueCrypt? Who here has NOT used TrueCrypt? Who here has used TrueCrypt? 3 Introduction to TrueCrypt WHO ELSE Used by Businesses Military forces Government agencies Suspects (Possibly Bad people) Freedom Fighters (Against Bad Governments) Everyday People (That Want Privacy or Security) 4 Introduction to TrueCrypt WHO WATCHES Who watches the watchmen? http://en.wikipedia.org/wiki/Quis_custodiet_ipsos_custodes%3F 5 Introduction to TrueCrypt WHAT What is it? GENERAL TrueCrypt is powerful encryption software for your personal data. It works by creating creating a virtual hard drive within a file and mounts it, so your computer treats it as a real hard drive. You can choose to encrypt an entire hard drive, certain folders, or removable media such as a USB flash drive. Encryption is automatic, real-time and transparent, so all the hard work is handled for you. It also provides two levels of plausible deniability, and supports various encryption algorithms depending on your needs, including AES-256, Serpent, and 6 Twofish. Introduction to TrueCrypt WHAT IT DOES What can it do? The capabilities of TrueCrypt (taken from Users Guide, Introduction on page 6): TrueCrypt is a software system for establishing and maintaining an on-the-fly- encrypted volume (data storage device).
    [Show full text]
  • WHEN FILE ENCRYPTION HELPS PASSWORD CRACKING Phdays V
    WHEN FILE ENCRYPTION HELPS PASSWORD CRACKING PHDays V Sylvain Pelissier, Roman Korkikian May 26, 2015 IN BRIEF Password hashing Password cracking eCryptfs presentation eCryptfs salting problem Correction Questions 2 PASSWORD HASHING 3 PASSWORD CRACKING From the hash recover the password value. 4 BRUTEFORCE 1. Get the hash file /etc/shadow 2. For all possible password, compute H(password) until a match is found in the file. 3. Output password 5 PRE-COMPUTED DICTIONNARY ATTACK 1. Create a database of all (password; H(password)). 2. To crack a given password hash, check if it is in the database. 3. Output the corresponding password 6 RAINBOW TABLE ATTACK Trade-off between computation and memory. 7 SALTING Compute H(saltjjpassword) instead of H(password) and store both salt and hash. Make dictionary and rainbow table attacks much more difficult but not bruteforce attack. Salting is used in most modern systems i.e Linux uses 5000 iterations of SHA-512 with randomly generated salt. 8 PASSWORD CRACKING Well studied problem. Several optimized tools: I John the ripper (www.openwall.com/john). I hashcat (hashcat.net/oclhashcat). Password Hashing Competition (PHC) to select new password hashing algorithms (password-hashing.net). Hashrunner contest 9 ECRYPTFS File encryption software (ecryptfs.org). Included in the Linux Kernel. Used for user home folder encryption by Ubuntu. 10 ECRYPTFS UTILS 11 ECRYPTFS UTILS 1. During creation of the encrypted home folder, a passphrase (16 bytes by default) is randomly generated. 2. The passphrase is use for file encryption (AES by default). 3. The passphrase is stored encrypted in the file: /home/.ecrpytfs/$USER/.ecrpytfs/wrapped-passphrase 4.
    [Show full text]
  • Comparison of Disk Encryption Software 1 Comparison of Disk Encryption Software
    Comparison of disk encryption software 1 Comparison of disk encryption software This is a technical feature comparison of different disk encryption software. Background information Name Developer First released Licensing Maintained? ArchiCrypt Live Softwaredevelopment Remus ArchiCrypt 1998 Proprietary Yes [1] BestCrypt Jetico 1993 Proprietary Yes BitArmor DataControl BitArmor Systems Inc. 2008-05 Proprietary Yes BitLocker Drive Encryption Microsoft 2006 Proprietary Yes Bloombase Keyparc Bloombase 2007 Proprietary Yes [2] CGD Roland C. Dowdeswell 2002-10-04 BSD Yes CenterTools DriveLock CenterTools 2008 Proprietary Yes [3][4][5] Check Point Full Disk Encryption Check Point Software Technologies Ltd 1999 Proprietary Yes [6] CrossCrypt Steven Scherrer 2004-02-10 GPL No Cryptainer Cypherix (Secure-Soft India) ? Proprietary Yes CryptArchiver WinEncrypt ? Proprietary Yes [7] cryptoloop ? 2003-07-02 GPL No cryptoMill SEAhawk Proprietary Yes Discryptor Cosect Ltd. 2008 Proprietary Yes DiskCryptor ntldr 2007 GPL Yes DISK Protect Becrypt Ltd 2001 Proprietary Yes [8] cryptsetup/dmsetup Christophe Saout 2004-03-11 GPL Yes [9] dm-crypt/LUKS Clemens Fruhwirth (LUKS) 2005-02-05 GPL Yes DriveCrypt SecurStar GmbH 2001 Proprietary Yes DriveSentry GoAnywhere 2 DriveSentry 2008 Proprietary Yes [10] E4M Paul Le Roux 1998-12-18 Open source No e-Capsule Private Safe EISST Ltd. 2005 Proprietary Yes Dustin Kirkland, Tyler Hicks, (formerly [11] eCryptfs 2005 GPL Yes Mike Halcrow) FileVault Apple Inc. 2003-10-24 Proprietary Yes FileVault 2 Apple Inc. 2011-7-20 Proprietary
    [Show full text]
  • Trusted Computing and Linux
    Trusted Computing and Linux Kylene Hall Tom Lendacky Emily Ratliff IBM IBM IBM [email protected] [email protected] [email protected] Kent Yoder IBM [email protected] Abstract 1 Introduction The Trusted Computing Group (TCG) released the first set of hardware and software specifi- cations shortly after the creation of that group in 2003.1 This year, a short two years later, While Trusted Computing and Linux R may 20 million computers will be sold containing a seem antithetical on the surface, Linux users Trusted Platform Module (TPM) [Mohamed], can benefit from the security features, including which will largely go unused. Despite the system integrity and key confidentiality, pro- controversy surrounding abuses potentially en- vided by Trusted Computing. The purpose of abled by the TPM, Linux has the opportunity this paper is to discuss the work that has been to build controls into the enablement of the done to enable Linux users to make use of their Trusted Computing technology to help the end Trusted Platform Module (TPM) in a non-evil user control the TPM and take advantage of se- manner. The paper describes the individual curity gains that can be made by exercising the software components that are required to en- TPM properly. This paper will cover the pieces able the use of the TPM, including the TPM needed for a Linux user to begin to make use of device driver and TrouSerS, the Trusted Soft- the TPM. ware Stack, and TPM management. Key con- cerns with Trusted Computing are highlighted This paper is organized into sections covering along with what the Trusted Computing Group the goals of Trusted Computing, a brief intro- has done and what individual TPM owners can duction to Trusted Computing, the components do to mitigate these concerns.
    [Show full text]
  • Ecryptfs: an Enterprise-Class Encrypted Filesystem for Linux
    eCryptfs: An Enterprise-class Encrypted Filesystem for Linux Michael Austin Halcrow International Business Machines [email protected] Abstract the integrity of the data in jeopardy of compro- mise in the event of unauthorized access to the media on which the data is stored. eCryptfs is a cryptographic filesystem for Linux that stacks on top of existing filesys- While users and administrators take great tems. It provides functionality similar to that of pains to configure access control mecha- GnuPG, except the process of encrypting and nisms, including measures such as user ac- decrypting the data is done transparently from count and privilege separation, Mandatory Ac- the perspective of the application. eCryptfs cess Control[13], and biometric identification, leverages the recently introduced Linux ker- they often fail to fully consider the circum- nel keyring service, the kernel cryptographic stances where none of these technologies can API, the Linux Pluggable Authentication Mod- have any effect – for example, when the me- ules (PAM) framework, OpenSSL/GPGME, dia itself is separated from the control of its the Trusted Platform Module (TPM), and the host environment. In these cases, access con- GnuPG keyring in order to make the process trol must be enforced via cryptography. of key and authentication token management When a business process incorporates a cryp- seamless to the end user. tographic solution, it must take several issues into account. How will this affect incremental backups? What sort of mitigation is in place to address key loss? What sort of education is 1 Enterprise Requirements required on the part of the employees? What should the policies be? Who should decide them, and how are they expressed? How dis- Any cryptographic application is hard to imple- ruptive or costly will this technology be? What ment correctly and hard to effectively deploy.
    [Show full text]