[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

New release of CFS Unix encrypting file system available

Source code for the latest version (release 1.3.1) of CFS, the Cryptographic
File System, is now available upon request for research and experimental
use in the US and Canada.

CFS pushes encryption services into the Unix(tm) file system.  It
supports secure storage at the system level through a standard Unix
file system interface to encrypted files.  Users associate a
cryptographic key with the directories they wish to protect.  Files in
these directories (as well as their pathname components) are
transparently encrypted and decrypted with the specified key without
further user intervention; cleartext is never stored on a disk or sent
to a remote file server.  CFS employs a novel combination of DES
stream and codebook cipher modes to provide high security with good
performance on a modern workstation.  CFS can use any available file
system for its underlying storage without modification, including
remote file servers such as NFS.  System management functions, such as
file backup, work in a normal manner and without knowledge of the key.

CFS runs under SunOS and several other BSD-derived systems with NFS.
It is implemented entirely at user level, as a local NFS server
running on the client machine's "loopback" interface.  It consists of
about 5000 lines of code and supporting documentation.  You must have
"root" access to install CFS.

CFS was first mentioned at the work-in-progress session at the Winter
'93 USENIX Conference and was more fully detailed in:

    Matt Blaze. "A Cryptographic File System for Unix", Proc. 1st ACM
    Conference on Computer and Communications Security, Fairfax, VA,
    November 1993. (PostScript available by anonymous ftp from
    research.att.com in the file dist/mab/cfs.ps.)

and in

    Matt Blaze. "Key Management in an Encrypting File System", Proc.
    Summer '94 USENIX Tech. Conference, Boston, MA, June 1994.
    (PostScript available by anonymous ftp from research.att.com
    in the file dist/mab/cfskey.ps.)

Version 1.3 of CFS also includes ESM, the Encrypting Session Manager.
ESM provides shell-to-shell encrypted sessions across insecure links
and requires no OS or network support.  It is useful for typing cfs
passphrases when logged in over the network.  ESM needs RSAREF 2.0 to
compile and is tested only on SunOS and BSDI.  ESM is the first released
part of a suite of session encryption tools that are described in

    Matt Blaze and Steve Bellovin. "Session-layer Encryption."
    Proc. 1995 USENIX Security Workshop, Salt Lake City, June 1995.
    (PostScript is available from

The new version of CFS differs from the version described in the
papers in a few ways:

* The DES-based encryption scheme has been strengthened, and now
provides greater security but with the online latency of only single-DES.

* Support for the smartcard-based key management system is not
included and a few of the tools are not included.

* An impoved key management scheme now allows chaning the passphrase
associated with a directory.

* The performance has been improved.

* The security of the system against certain non-cryptanalytic attacks
has been improved somewhat. 

* User-contributed ports to a number of additional platforms.

* Hooks for adding new ciphers.

* 3-DES, MacGuffin, and SAFER-SK128 encryption options.

* Timeout options allow automatic detach of encrypted directories
after a set time or period of inactivity.

CFS is distributed as a research prototype; it is COMPLETELY
UNSUPPORTED software.  No warranty of any kind is provided.  We will
not be responsible if the system deletes all your files and emails the
cleartext directly to the NSA or your mother.  Also, we do not have
the resources to port the software to other platforms, although you
are welcome to do this yourself.  The software was developed under
SunOS and BSDI, and there are also unsupported user-contributed ports
available for AIX, HP/UX, Irix, Linux, Solaris and Ultrix.  We really
can't promise to provide any technical support at all, beyond the
source code itself.  We also maintain a mailing list for CFS users and
developers; subscription information is included with the source code.

Because of export restrictions on cryptographic software, we are only
able to make the software available within the US and Canada to US and
Canadian citizens and permanent residents.  Unfortunately, we cannot
make it available for general anonymous ftp or other uncontrolled
access, nor can we allow others to do so.  Sorry.

Legal stuff from the README file:

 *              Copyright (c) 1992, 1993, 1994, 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 * This software is subject to United States export controls.  You may
 * not export it, in whole or in part, or cause or allow such export,
 * through act or omission, without prior authorization from the United
 * States government and written permission from AT&T.  In particular,
 * you may not make any part of this software available for general or
 * unrestricted distribution to others, nor may you disclose this software
 * to persons other than citizens and permanent residents of the United
 * States and Canada. 

If you would like a copy of the CFS source code, please read to the end
of this message and then send email to:

	[email protected]

DO NOT REPLY DIRECTLY TO THIS MESSAGE.  You must include a statement
that you are in the US or Canada, are a citizen or legal permanent
resident of the US or Canada, and have read and understand the license
conditions stated above.  Be sure to include an email address in a US-
or Canada-registered domain. The code will be sent to you via email in
a "shar" shell archive (a little over 300K bytes long).