Encrypted File Systems

Here's a good way to protect your files. Mr. Giles explains how to encrypt your entire file system rather than individual files.
XOR

The first encryption algorithm learned by most programmers is the lowly xor algorithm. To encrypt the data, we XOR it with the key (modulo the length of the key, if we use multi-byte encryption). To decrypt the data, we XOR it with the key again.

  • Benefits: fast and exportable

  • Drawback: trivial to break

  • Synopsis: stops casual snooper

DES

DES has a controversial past. It was a government-endorsed algorithm for non-classified use, but some people believe that the government deliberately introduced weaknesses. On the other hand, decades of research have revealed only relatively modest weaknesses. It is economically feasible for a large company to build a DES-cracking machine.

  • Benefits: strong, well-tested, 56-bit keys (The variant known as TRIPLE-DES uses 112-bit keys.)

  • Drawback: not exportable

  • Synopsis: a reasonable choice

IDEA

DES was designed for hardware implementations—and is difficult to implement efficiently in software. IDEA was designed around the low-level operations common on small processors. It is not a U.S. federal standard and wasn't weakened by the dreaded TLAs (three letter acronyms, such as DEC and FBI). On the other hand, while the TLAs have undoubtedly analyzed it, they aren't talking.

  • Benefits: strong, tested, 64-bit keys (used internally by PGP)

  • Drawback: not exportable

  • Synopsis: a reasonable choice

RSA

RSA encryption is a relatively ineffective algorithm. Many people feel that the primary weakness with PGP lies in the 1024-bit RSA encryption of the IDEA key, not the IDEA encryption of the actual data.

  • Benefits: solution to public key encryption problem, 128-bit keys

  • Drawbacks: requires at least 1024 bits for security comparable to IDEA, very slow

  • Synopsis: not appropriate

Obtaining the Source: Cypherpunks

Fools rush in where angels fear to tread. --Alexander Pope

Undoubtedly, some people now feel the urge to run out and write an encrypting file system. The rest of us turn to the Cypherpunks. They have published a set of patches to the 2.0.11 kernel which implement DES and IDEA encryption in “loopback” devices. The primary source for these patches is at: ftp://ftp.csua.berkeley.edu/pub/cypherpunks/filesystems/linux.

There are four patches:

  1. loopfix-2.0.11.patch: modifications to loopback device

  2. export-2.0.11.patch: more patches, mostly to documentation and the makefile

  3. crypto-2.0.11.patch: export-restricted patches: DES and IDEA

  4. mount-2.5k.patch: modification to mount to pass encryption keys.

The U.S. government continues to interpret the International Traffic in Arms Regulation (ITAR) in a manner that prohibits the export of meaningful cryptographic software via electronic means. There are no restrictions on the export of the same material in printed form or its subsequent distribution from sites outside North America.

The source code in crypto-2.0.11.patch implements DES and IDEA encryption and cannot be legally exported, even though this source is readily available worldwide. Violating export restrictions will not aid the effort to promote the free use of strong encryption, since the government could use this as proof of the need for stronger restrictions on domestic distribution.

Building the Kernel

Building the new kernel is no different than applying any other set of patches. The latest stable kernel release for which this works is 2.0.30. For convenience, I will assume it is stored in /usr/src/linux-2.0.30.tar.gz. Next, build a reference version of the kernel. Then, follow these steps:

  1. Get the latest encrypted file system patches. For convenience, I will assume that they are the 2.0.11 patches and stored in /usr/src/cryptfs.

  2. Apply the patches to the kernel, retaining the reference copy. On my system, this involved making a working directory, and applying the patches and fixing problems. I made the working directory by issuing the following commands:

    cd /usr/src
    rm linux
    tar xzpf linux-2.0.30.tar.gz
    mv linux linux-2.0.30.efs
    ln -s linux-2.0.30.efs linux
    
    I applied the patches using these commands:
    cd linux
    patch < ./cryptfs/export-2.0.11.patch
    patch < ./cryptfs/loopfix-2.0.11.patch
    patch < ./cryptfs/crypto-2.0.11.patch
    
    I fixed problems using these commands:
    mv *.h linux/include/linux
    mv des.c linux/kernel
    mv idea.c linux/drivers/block
    mv loopfix.txt linux/Documentation
    

  3. Configure and build the new kernel. Remember to enable the loopback device and file system encryption.

  4. Get the source for mount and apply the required patch. Build it.

  5. Reboot the system with your new kernel.

At this point everything should be ready to go, but I've encountered problems after builds. I believe my problem was caused by improper application of the patches, perhaps due to order-based instabilities caused by changes between the 2.0.11 and 2.0.30 and above kernels. One recurrent problem occurred with the urandom command:

od -x /dev/urandom | more
Giving this command produced kernel warning messages. If this happens to you, reinstall the kernel source and patches and check your warnings carefully.

______________________

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState