Cryptography Reference
7.4 CFS-Encrypted Hard Disks
The software products discussed so far helped secure the local and remote data
traffic between computers, but how is a computer's local security ensured?
UNIX users, for example, set corresponding access privileges for sensitive
directories. This means that other users cannot change to these directories and
read the files they contain.
This doesn't fend off nosy superusers (i.e., administrators) though. Their access
privileges are not limited. Security holes in UNIX systems are usually due to
the fact that somebody can become an unauthorized superuser. Which users
know whether a security hole has been discovered in their system and whether
or not it is already being exploited? And even if it isn't, if somebody
somehow has physical access to your computer (which should always be assumed
for notebooks), they can use a Linux-Live CD, such as Knoppix, and easily
delete the superuser password, copy at will, and then reset everything back to
normal.
The only thing that helps in these cases is to encrypt sensitive files. This is
cumbersome and insecure. Application programs don't normally work with
encrypted files. As long as they aren't open, they are normally on the disk in
the clear. Only once the program is exited can you encrypt them. Even if your
word processor offers good cryptography, nobody can guarantee that the data
haven't been stored on the disk in the clear in the meantime.
Crypto-file systems put an end to this type of worry. Such files are accessed
as usual, but the data on their way between the disk and the application are
encrypted and decrypted transparently. In multiuser systems like UNIX, crypto-
file systems wouldn't protect your files from an administrator accessing either
the memory or the swap area, but they help: dismantling and analyzing the
hard disk after work (or stealing the notebook) won't help James Bond much
despite the modern analyzer in his wrist watch, at least in general. However,
it would be desirable to have operating systems that would reliably delete data
no longer required from the swap area from time to time. No administrator can
do this; it's a system task. Clever users use crypto-file systems for the swap
area, too, but this can significantly reduce performance.
CFS and NFS
I'll be talking about some totally outdated software in this section once again!
Crypto-file systems are used under Windows as well as under Linux and UNIX