[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CFS & TCFS
On Sat, Dec 12, 1998 at 05:57:42PM +0000, Michael Hohensee wrote:
> These are just NFS servers. Do there exist any programs which actually
> keep the contents of the filesystem on your hard-drive encrypted?
> CFS pushes encryption services into the Unix(tm) file system. It supports
> secure storage at the system level through a standard Unix file system
> interface to encrypted files. Users associate a cryptographic key with the
> directories they wish to protect. Files in these directories (as well as
> their pathname components) are transparently encrypted and decrypted with the
> specified key without further user intervention; cleartext is never stored on
> a disk or sent to a remote file server. CFS employs a novel combination of
> DES stream and codebook cipher modes to provide high security with good
> performance on a modern workstation. CFS can use any available file system
> for its underlying storage without modification, including remote file
> servers such as NFS. System management functions, such as file backup, work
> in a normal manner and without knowledge of the key.
> Question 1.1. What is TCFS?
> TCFS is a Transparent Cryptographic File System that is a suitable solution
> to the problem of privacy for distributed file system. By a deeper
> integration between the encryption service and the file system, it results in
> a complete trasparency of use to the user applications. Files are stored in
> encrypted form and are decrypted before they are read. The
> encryption/decryption process takes place on the client machine and thus the
> encryption/decryption key never travels on the network.