[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CFS & TCFS




On Sat, Dec 12, 1998 at 05:57:42PM +0000, Michael Hohensee wrote:
> These are just NFS servers.  Do there exist any programs which actually
> keep the contents of the filesystem on your hard-drive encrypted?

ftp://ftp.research.att.com/dist/mab/cfs.announce ...
> CFS pushes encryption services into the Unix(tm) file system.  It supports
> secure storage at the system level through a standard Unix file system
> interface to encrypted files.  Users associate a cryptographic key with the
> directories they wish to protect.  Files in these directories (as well as
> their pathname components) are transparently encrypted and decrypted with the
> specified key without further user intervention; cleartext is never stored on
> a disk or sent to a remote file server.  CFS employs a novel combination of
> DES stream and codebook cipher modes to provide high security with good
> performance on a modern workstation.  CFS can use any available file system
> for its underlying storage without modification, including remote file
> servers such as NFS.  System management functions, such as file backup, work
> in a normal manner and without knowledge of the key.

http://vales.uni.net/tcfs/tcfs-faq.html#Q1.1 ...
> Question 1.1. What is TCFS?
> TCFS is a Transparent Cryptographic File System that is a suitable solution
> to the problem of privacy for distributed file system. By a deeper
> integration between the encryption service and the file system, it results in
> a complete trasparency of use to the user applications. Files are stored in
> encrypted form and are decrypted before they are read. The
> encryption/decryption process takes place on the client machine and thus the
> encryption/decryption key never travels on the network.

- d.