Linux用户空间分布式加密文件系统(IJCNIS-V4-N8-4)

I.J.ComputerNetworkandInformationSecurity,2012,8,33-39PublishedOnlineAugust2012inMECS()DOI:10.5815/ijcnis.2012.08.04Copyright©2012MECSI.J.ComputerNetworkandInformationSecurity,2012,8,33-39DistributedEncryptingFileSystemforLinuxinUser-spaceU.S.Rawat,ShishirKumarDepartmentofComputerScience&Engineering,JaypeeUniversityofEngineering&Technology,Guna(MP),Indiaumasrawat@gmail.com,dr.shishir@yahoo.comAbstract—LinuxsystemsuseEncryptingFileSystem(EFS)forprovidingconfidentialityandintegrityservicestofilesstoredondiskinasecure,efficientandtransparentmanner.Distributedencryptingfilesystemshouldalsoprovidesupportforsecureremoteaccess,multiuserfilesharing,possibleusebynon-privilegedusers,portability,incrementalbackupsetc.Existingkernel-spaceEFSdesignedatfilesystemlevelprovidesallnecessaryfeatures,buttheyarenotportableandcannotbemountedbynon-privilegedusers.Existinguser-spaceEFShaveperformancelimitationsanddoesnotprovidesupportforfilesharing.Throughthispaper,modificationsinthedesignandimplementationoftwoexistinguser-spaceEFS,forperformancegainandfilesharingsupport,hasbeenpresented.Performancegainhasbeenachievedinboththeproposedapproachesusingfastandmodernciphers.FilesharingsupportinproposedapproacheshasbeenprovidedwithPublicKeyInfrastructure(PKI)integrationusingGnuPGPKImoduleandLinuxPluggableAuthenticationModule(PAM)framework.Cryptographicmetadataisbeingstoredasextendedattributesinfile‘sAccessControlList(ACL)tomakefilesharingtaskeasierandseamlesstotheenduser.IndexTerms—EncryptingFileSystem(EFS),FileSysteminUser-space(FUSE),NetworkFileSystem(NFS),Public-KeyInfrastructure(PKI),AccessControlList(ACL),PluggableAuthenticationModule(PAM)I.INTRODUCTIONWhileconsideringfilesystemsecurity,severalaspectsshouldbetakenintoaccountsuchasauthentication,authorization,accesscontrol,confidentialityandintegrity.Linuxsystemsprovidesauthentication,authorizationandaccesscontrolservicesusingPluggableAuthenticationModule(PAM)[1];policylanguagethatdefinesfileownerandgroup,alongwiththeowner/group/worldread/write/executeattributesofthefile;PosixAccessControlLists(ACL‘s)[2]thatprovidesmorestringentaccesscontrolonaper-filebasisetc.Forconfidentialityandintegrityservices,EncryptingFileSystem(EFS)havetobeusedthatprovidesfileencryption/decryptionalongwithintegritymechanisms,inasecure,efficientandtransparentmannertotheuser.DistributedencryptingfilesystemshouldalsoprovidesecureremoteaccessoverNetworkFileSystem(NFS),filesharingamongmultipleusers,possibleusebynon-privilegedusers,portability,incrementalbackupsetc.Encryptionservicesbyencryptingfilesystemscanbeplacedatfilesystemlevelordevicelayerlevel.IndevicelayersystemslikedmCrypt[3]andcryptsetup[4],encryption/decryptiontakesplaceatdevicelayerinkernel-space,usingLinuxkerneldevicemapperinfrastructurethatprovidesagenericwaytocreatevirtuallayersofblockdevices.Thesesystemsperformencryptionwithasinglekeyonentireblockdevice,sofilesharingisnotpossibleamongmultipleusers.Theyarealsonotconvenientforincrementalback-ups,cannotbemountedbynon-privilegedusersandcannotbeusedremotelyoverNFS.Atfilesystemlevel,EFScanbeimplementedeitherinuser-spaceorinkernel-space.eCryptfs[5]isthemostpopularkernel-spaceEFS,integratedwiththeLinuxkernelsince2.6.19.Itusesstackablefilesysteminterfaceapproach[6]tointroducealayerofencryptionthatcanfitoveranyunderlyingfilesystem.eCryptfshasbeenimplementedusingFileSystemTranslator(FiST)[7],atoolthatcanbeusedtodevelopstackablefilesystemsusingtemplatecode.eCryptfsismoreefficientthanexistinguser-spaceencryptingfilesystems,discussedsubsequently.Itperformsencryptiononaper-filebasisandprovidessupportforfilesharingamongmultipleusersusingPublicKeyInfrastructure(PKI)support.Italsoprovidessupportforfileintegrityusingkeyedhashes.Itcanbeusedremotelyontopofnetworkedfilesystems.ThelimitationsofeCryptfsarethat,itcannotbeportedacrossdifferentplatformsanddonotprovideanyoptionsfornon-privilegeduserstomountafilesystem.Existinguser-spaceEFSlikeCFS[8]andEncFS[9]areimplementedusingNFSapproachandFileSysteminUser-space(FUSE)[10]respectively.CFSisimplementedentirelyinuser-spaceasamodifiedNFSserver.Auserspacedaemon,cfsd,actsasapseudo-NFSserver,andNFSclientinthekernelmakesRPCcallstothedaemon.TheCFSdaemonperformstransparentencryption/decryptionoffilecontentsduringwriteandreadoperations.CFScanbemountedbyanyuseronthesystemanddoesnotrequireanymodificationstothekernelsocanbeeasilyportable.CFSiscapableofactingasaremoteNFSserver,soitcanbeaccessedremotelywithoutrequiringanadditionalNFSmount.ThelimitationofCFSisitspoorperformanceduetofrequent34DistributedEncryptingFileSystemforLinuxinUser-spaceCopyright©2012MECSI.J.ComputerNetworkandInformationSecurity,2012,8,33-39contextswitchesanddatacopiesbetweenuser-spaceandkernel-space.Also,itusesDESalgorithmforfileencryption/decryption,whichfurtherdegradesitsperformance.EncFS[9]isanotherpopularuser-spaceEFSforLinux,writtenusingFUSElibrary.FUSEhasbeenintegratedintotheLinuxkerneltreeandprovidesagoodwaytowritevirtualfilesystems.FUSEexportsallfilesystemcallswithinthekerneltotheus