From owner-freebsd-current@FreeBSD.ORG  Tue Sep  7 13:28:34 2010
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4580D10656DF
	for <freebsd-current@FreeBSD.org>; Tue,  7 Sep 2010 13:28:34 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42])
	by mx1.freebsd.org (Postfix) with ESMTP id F057F8FC15
	for <freebsd-current@FreeBSD.org>; Tue,  7 Sep 2010 13:28:33 +0000 (UTC)
Received: from fledge.watson.org (fledge.watson.org [65.122.17.41])
	by cyrus.watson.org (Postfix) with ESMTPS id 988BE46BA2;
	Tue,  7 Sep 2010 09:28:33 -0400 (EDT)
Date: Tue, 7 Sep 2010 14:28:33 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: Gleb Kurtsou <gleb.kurtsou@gmail.com>
In-Reply-To: <20100906183838.GA3460@tops>
Message-ID: <alpine.BSF.2.00.1009071425410.32656@fledge.watson.org>
References: <20100906183838.GA3460@tops>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-current@FreeBSD.org
Subject: Re: RFC: pefs - stacked cryptographic filesystem
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Sep 2010 13:28:34 -0000

On Mon, 6 Sep 2010, Gleb Kurtsou wrote:

> I would like to ask for feedback on a kernel level stacked cryptographic 
> filesystem. It has started as Summer Of Code'2009 project and matured a lot 
> since then. I've recently added support for sparse files and switched to XTS 
> encryption mode.
>
> I've been using it to encrypt my home directory for almost a year already, 
> and use fsx, dbench and blogbench for testing. So it should be fairly 
> stable.
>
> Tested on top of ZFS, UFS and tmpfs on amd64 and i386; both 9-CURRENT and 
> 8-STABLE supported.
>
> Please email me separately if you're willing to help testing on big endian 
> machine, XTS code doesn't look endian correct.
>
> At this point all of the project goals complete and I'd like it to get wider 
> coverage in terms of tests and reviews and hope to see it commited to HEAD 
> soon.

Hi Gleb:

This sounds like really exciting work!  Do you have much in the way of formal 
documentation of your crypto design at this point?  I'd like to point some of 
the local crypto gurus at Cambridge at it to do some analysis of your 
approach.  However, as they rightly point out, reverse engineering crypto from 
code is rather a high barrier of entry for a crypto review, so detailed 
documentation of the approach and a formal format description would be much 
prefered :-).

Thanks,

Robert


>
>
> Installation instructions:
>
> 1a. Clone git repository:
> # git clone git://github.com/glk/pefs.git pefs
> # cd pefs
>
> 1b. Or download latest snapshot from github:
> http://github.com/glk/pefs/archives/master
>
> 2. Build and install:
> # make obj all
> # make install
>
> 3. Mount pefs filesystem:
> # pefs mount ~/Private ~/Private
>
> 4. Enter passphrase:
> # pefs addkey ~/Private
>
> 5. Test it and report back. There is also a man page available.
>
> 6. Example how to save your key in keychain database.
>
> pefs has to be mounted and key specified to make fs writable, create
> keychain with single entry (keychain -Z option):
> # pefs addchain -Z ~/Private
> Don't encrypt .pefs.db:
> # mv ~/Private/.pefs.db /tmp
> # umount ~/Private
> # mv /tmp/.pefs.db ~/Private
> # pefs mount ~/Private ~/Private
> Use -c option to verify key is in database
> # pefs addkey -c ~/Private
>
> 7. You can setup pam_pefs (not compiled by default) to add key to home
> directory and authenticate against keychain database on login, e.g. by
> adding the following line to /etc/pam.d/system before pam_unix.so:
>
> auth	sufficient	pam_pefs.so	try_first_pass
>
>
> The following is a list of its most important features:
>
> *   Kernel level file system, no user level daemons needed.
>    Transparently runs on top of existing file systems.
> *   Random per file tweak value used for encryption, which guaranties
>    different cipher texts for the same encrypted files.
> *   Saves metadata only in encrypted file name, but not in file itself.
> *   Supports arbitrary number of keys per file system, default directory
>    key, mixing files encrypted with different keys in same directory.
> *   Allows defining key chains, can be used to add/delete several keys
>    by specifying only master key.
> *   Uses modern cryptographic algorithms: AES and Camellia in XTS mode,
>    PKCS#5v2 and HKDF for key generation.
>
>
> Github repository: http://github.com/glk/pefs
>
> More details on my blog: http://glebkurtsou.blogspot.com/search/label/pefs
>
> Thanks,
> Gleb.
>
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
>