1998-12-12 - Re: CFS & TCFS

Header Data

From: mib <mib@io.com>
To: Michael Hohensee <michael@sparta.mainstream.net>
Message Hash: fa896a6b78b803e423d7dbaf9823e84a5185f1d39579f73957953b83010aa08e
Message ID: <19981212130328.C1996@io.com>
Reply To: <19981212092708.C25653@io.com>
UTC Datetime: 1998-12-12 19:35:49 UTC
Raw Date: Sun, 13 Dec 1998 03:35:49 +0800

Raw message

From: mib <mib@io.com>
Date: Sun, 13 Dec 1998 03:35:49 +0800
To: Michael Hohensee <michael@sparta.mainstream.net>
Subject: Re: CFS & TCFS
In-Reply-To: <19981212092708.C25653@io.com>
Message-ID: <19981212130328.C1996@io.com>
MIME-Version: 1.0
Content-Type: text/plain



On Sat, Dec 12, 1998 at 05:57:42PM +0000, Michael Hohensee wrote:
> These are just NFS servers.  Do there exist any programs which actually
> keep the contents of the filesystem on your hard-drive encrypted?

ftp://ftp.research.att.com/dist/mab/cfs.announce ...
> CFS pushes encryption services into the Unix(tm) file system.  It supports
> secure storage at the system level through a standard Unix file system
> interface to encrypted files.  Users associate a cryptographic key with the
> directories they wish to protect.  Files in these directories (as well as
> their pathname components) are transparently encrypted and decrypted with the
> specified key without further user intervention; cleartext is never stored on
> a disk or sent to a remote file server.  CFS employs a novel combination of
> DES stream and codebook cipher modes to provide high security with good
> performance on a modern workstation.  CFS can use any available file system
> for its underlying storage without modification, including remote file
> servers such as NFS.  System management functions, such as file backup, work
> in a normal manner and without knowledge of the key.

http://vales.uni.net/tcfs/tcfs-faq.html#Q1.1 ...
> Question 1.1. What is TCFS?
> TCFS is a Transparent Cryptographic File System that is a suitable solution
> to the problem of privacy for distributed file systems. By a deeper
> integration between the encryption service and the file system, it results in
> a complete transparency of use to the user applications. Files are stored in
> encrypted form and are decrypted before they are read. The
> encryption/decryption process takes place on the client machine and thus the
> encryption/decryption key never travels on the network.

- d.
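
An added illustration, not part of the original message and not code from CFS or TCFS: a client-side layer that encrypts both file names and contents before anything reaches the storage backend, so the backend can be copied for backup without the key. Assumptions: the `EncryptedDir` class and its methods are hypothetical, a dict stands in for the disk or NFS server, an HMAC-SHA256 counter keystream replaces the DES modes the announcement mentions, and the integrity tag is an extra.

```python
import hashlib, hmac, os

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _stream_xor(key, nonce, data):
    # Stand-in cipher (assumption): HMAC-SHA256 counter keystream, not CFS's DES modes.
    ks = b"".join(_prf(key, nonce + i.to_bytes(8, "big"))
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

class EncryptedDir:
    """Hypothetical client-side layer; `backend` (a dict) stands in for the disk or NFS server."""
    def __init__(self, backend, passphrase, salt):
        master = hashlib.pbkdf2_hmac("sha256", passphrase, salt, 100_000)
        self.k_name, self.k_iv, self.k_data, self.k_mac = (
            _prf(master, label) for label in (b"name", b"name-iv", b"data", b"mac"))
        self.backend = backend

    def _enc_name(self, name):
        # IV derived from the name, so lookups are deterministic; equal names encrypt equally.
        raw = name.encode()
        iv = _prf(self.k_iv, raw)[:16]
        return (iv + _stream_xor(self.k_name, iv, raw)).hex()

    def _dec_name(self, stored):
        blob = bytes.fromhex(stored)
        return _stream_xor(self.k_name, blob[:16], blob[16:]).decode()

    def write(self, name, plaintext):
        stored, nonce = self._enc_name(name), os.urandom(16)
        body = nonce + _stream_xor(self.k_data, nonce, plaintext)
        # Integrity tag bound to the stored name: an addition here, not claimed by the quoted text.
        self.backend[stored] = body + _prf(self.k_mac, stored.encode() + body)

    def read(self, name):
        stored = self._enc_name(name)
        body, tag = self.backend[stored][:-32], self.backend[stored][-32:]
        if not hmac.compare_digest(tag, _prf(self.k_mac, stored.encode() + body)):
            raise ValueError("stored file was modified or key is wrong")
        return _stream_xor(self.k_data, body[:16], body[16:])

    def listdir(self):
        return sorted(self._dec_name(s) for s in self.backend)

if __name__ == "__main__":
    server = {}  # constructed sample: what the untrusted server would hold
    d = EncryptedDir(server, b"constructed passphrase", b"constructed-salt")
    d.write("notes.txt", b"meet at noon")
    print(server, d.listdir(), d.read("notes.txt"))
```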




