-----BEGIN PGP SIGNED MESSAGE-----
Cryptographic File System under Linux HOW-TO
LINUX SECURITY FAQ
March 14, 1996
Copyright (C) 1996 Alexander O. Yuriev (alex@bach.cis.temple.edu)
CIS Laboratories
TEMPLE UNIVERSITY
USA
This document describes how to compile, install and setup CFS
that was written by Matt Blaze of AT&T, under Linux. The following
copyright statement copied directly from CFS 1.12 describes
the restrictions on the CFS usage:
* The author of this software is Matt Blaze.
* Copyright (c) 1992, 1993, 1994 by AT&T.
* Permission to use, copy, and modify this software without fee
* is hereby granted, provided that this entire notice is included in
* all copies of any software which is or includes a copy or
* modification of this software and in all copies of the supporting
* documentation for such software.
*
* This software is subject to United States export controls. You may
* not export it, in whole or in part, or cause or allow such export,
* through act or omission, without prior authorization from the United
* States government and written permission from AT&T. In particular,
* you may not make any part of this software available for general or
* unrestricted distribution to others, nor may you disclose this software
* to persons other than citizens and permanent residents of the United
* States and Canada.
*
* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTY. IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
* OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
Although the information in this document is believed to be
correct, neither the Author nor CIS Laboratories, nor Temple University
provides any kind of WARRANTIES and is not/are not responsible for
what happens if you follow these guidelines. The information in this
document is provided AS IS!
ABOUT CFS
CFS provides application-independent encryption/decryption of the
filesystem layer that does not require modification of the
underlying filesystem code nor any kind of modification of the
kernel source. The symmetric cipher implemented in the mainstream
version of CFS is based on the modified DES cipher running in CBC
mode making the brute-force attack against the usual 56-bit DES
key-space unrealistic. The structure of CFS makes replacement of
the mainstream DES cipher with a Fast-DES or any other symmetric
cipher an extremely straightforward process. Please refer to the
"White" paper about CFS for more information
(ftp://bach.cis.temple.edu/pub/Papers/cfs.ps)
COMPILING AND INSTALLING CFS
CFS does not compile "out of the box" under Linux. Follow these
instructions to get CFS running or your Linux system. There are
several methods to make CFS work under Linux, the cleanest one of
which is based on the modifications performed by Olaf Kirch. His
version of CFS is available from:
ftp://ftp.mathematik.th-darmstadt.de/pub/linux/okir/cfs-1.1.2.tar.gz
Olaf signed the modified archive. The PGP signature for the modified
version of the cfs-1.1.2 can be obtained from
ftp://ftp.mathematik.th-darmstadt.de/pub/linux/okir/cfs-1.1.2.pgp
In single-user mode, compile CFS by using the "make" command.
After compilation is completed, install "cfsd", "cdetach", "ccat",
"cmkdir", "cname" and "cattach" to the /usr/local/sbin directory
with the ownership "root:wheel" and the access mode "551".
Generate a list of MD5 hashes of the clean binaries. Now copy these
files together with the "md5sum" to a media such as an image of a CD
or a floppy and make the media write protected.
Create the directory /.cfsfs which will be used as a hook for the
CFS server. Make that directory owned by root:root and protected
with access mode "000". Create the directory /securefs which will
become a root of the CFS tree.
Add the following lines into your /etc/rc.d/rc.local:
echo -n "Initializing secure filesystem: "
if [ -x /usr/local/sbin/cfsd ]; then
/usr/local/sbin/cfsd > /dev/null
echo -n "cfsd "
/bin/mount -o port=3049,intr localhost:/.cfsfs /securefs
echo -n "loopback "
echo "done"
else
echo "Cryptographic Filesystem is not installed"
fi
Users of the Caldera Network Desktop and Red Hat Commercial Linux
distributions should add the file "cfsfs" that is attached at the end
of this document to their /etc/rc.d/init.d directory. Then symlink
the file "S65cfsfs" to it in the appropriate run-level directories
using the command:
ln -s ../init.d/cfsfs S65cfsfs
in /etc/rc.d/rcX.d, where X is a run-level number, add the line:
/.cfsfs localhost
to /etc/exports. Finally, add the line:
portmap: 127.0.0.1
to the /etc/hosts.allow file.
You should now restart your computer. When it comes back into a
multiuser mode, issue a mount command to verify that CFS is running.
If everything was successful, you should see a new line in a list of
filesystems:
localhost:/.cfsfs on /securefs type nfs (rw,port=3049,intr,addr=127.0.0.1)
CREATING CFS DIRECTORY
To create a CFS protected directory called "secret" use the command
cmkdir secret
You will be requested to supply and verify the passphrase. If you
succeed, a new directory named "secret" will appear in the current
directory. This directory will contain encrypted information which
will be accessible only in the encrypted form unless it is attached
to the CFS tree.
In order to add the "secret" directory to a list of directories
managed by CFS, it has to be attached to the CFS tree using the
command:
cattach secret Big-Secret
CFS will request you to type the access passphrase. If it matches
the passphrase supplied to the "cmkdir" command that created the
directory originally, then the information in the secret directory
will be accessible in a non-encrypted form under /securefs/Big-Secret
to the user who supplied the correct passphrase. Please note that
usually it takes about a minute to attach a protected directory to
the CFS tree. When the user is finished manipulating the information
they should issue the command:
cdetach Big-Secret
to destroy the access key. This command removes the directory
"secret" from the list of directories managed by CFS making it
impossible to access cleartext information in that directory until
it is again attached using the "cattach" command.
PROTECTION OF CFS
In order to grant a user access to encrypted parts of the directory
tree, CFS requires the user to supply a passphrase that is used to
generate a set of access keys. A compromise of a passphrase allows
an intruder to access the encrypted information through the Unix
security model. Therefore it is extremely important to protect
access passphrases. There are two basic ways that can be used by
intruders to gain access to your passphrase. They are (1) Sniffer
attacks (2) Attack against the protocol. The following simple
guidelines can be used to minimize the possibility of a successful
attack against CFS:
1. Make sure that the CFS binaries are not compromised in
any form.
* Ensure that "cattach", "ccat", "cmkdir", "cname",
the CFS server "cfsd" and finally, "cdattach"
are not replaced with Trojan versions that record
access passphrases or, in a case of "cfsd",
access keys.
* Ensure that the CFS server is not compromised in a
way that it does not perform the encryption
procedure correctly.
* An attack against "cdeattach" usually involves a
small modification that prevents correct
destruction of access keys allowing an intruder
to gain access to a supposedly detached part of
the directory tree.
The simplest way to verify that binaries are not
compromised is to statically link them and place them on
a CD. Another way is to again statically link the
binaries, use "md5sum" message-digest calculator and
write their MD5 hashes onto a write-protected media.
Prior to using any CFS programs on a system, mount
the floppy disk and compare MD5 hashes of binaries on the
system with the hashes of the clean statically linked
copies located on the floppy disk, replacing the
compromised versions.
2. Keyboard grabbers used to grab passphrases as they are
being typed rely on the fact that most users are careless
enough to ignore the following simple guidelines:
1. When typing a passphrase in an xterm, make sure
that the xterm program is not compromised and use
the "Secure Keyboard" option while typing the
passphrase. This prevents keystrokes from being
intercepted by X grabbers.
2. Type passphrases from a terminal attached directly
to a serial port of the system when such terminal
is available.
3. Make sure that your pty and ttys permissions
disallow others from reading your keystrokes
directly from the device node.
3. Never type your passphrase across the network, even if
the network is located behind a firewall and you trust
everybody who is connected to your network not to use
sniffers. This also applies to networks that use
scrambling routers, because there is absolutely no
guarantee that routers use a strong encryption or do not
have a back door or a loophole that potentially can allow
an intruder to defeat encryption used by a router. If
you have to type your password across the network, do it
only if you are using an encrypted tunnel between systems
such as the one created by the deslogin(8) protocol.
4. Always de-attach CFS protected trees from the filesystem when
not using them, even when you are leaving your system for
"only" a couple of minutes.
KNOWN PROBLEMS WITH CFS
At this moment there is only one problem that can be reproduced.
"Permission denied" error is generated when a user attempts to
access the files located on a compact disc.
CREDITS
The following people helped in the preporation process of this
document: Topher Hughes of the Dickinson College, Elie Rosenblum of
the Montgomery Blair High School, Mario D. Santana of the Florida
State University, Daniel P Zepeda and Olaf Kirch.
====================[cfsfs]======================
#!/bin/sh
#
# $Header: /Secure/secure-doc/linux/CFS/RCS/CFS-Doc,v 1.4 1996/03/15 04:49:37 alex Exp alex $
#
# cfsfs Crypto filesystem
#
# Author: Alexander O. Yuriev <alex@bach.cis.temple.edu>
# Derived from cron
# Source function library.
. /etc/rc.d/init.d/functions
# See how we were called.
case "$1" in
start)
echo -n "Starting Crypto Filesystem: "
if [ -x /usr/local/sbin/cfsd ]; then
/usr/local/sbin/cfsd > /dev/null
/bin/mount -o port=3049,intr localhost:/.cfsfs /securefs
echo "done"
else
echo -n "Crypto Filesystem is not installed"
fi
touch /var/lock/subsys/cfsfs
;;
stop)
echo -n "Stopping Crypto filesystem: "
umount /securefs
killproc cfsd
echo
rm -f /var/lock/subsys/cfsfs
;;
*)
echo "Usage: cfsfs {start|stop}"
exit 1
esac
exit 0
====================[end of cfsfs]======================
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMXVewoxFUz2t8+6VAQHHoAP/WEZ9luRJ/gFgQydBbEfM2vXTF/1VCe7D
KoT3X5bRP+zZVufGt6B6n0IjDUXFX/Lv6264ZZ6jF/BKO9mrLxoGI5sA6Y6HQ7fb
DFy8+XdZhponnuih3eJ5z46bRwLWVd+lr2+ORK17ukTLbsY65kzF3wTzczRNqL9G
wPN6j3+LVXE=
=BEE2
-----END PGP SIGNATURE-----