Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: password backdoors
From: mcrosbie () cs purdue edu (Mark Joseph Crosbie)
Date: Thu, 11 May 1995 19:26:16 -0500


In message <Pine.LNX.3.91.950511182807.22707G-100000 () netspace org>, "Lee J. Sil
verman" writes:

      I seem to remember that someone (who probably reads this list so
I'll feel terrible if I screw this up, but I think his name is Matt Blaze
and I *think* he works for AT&T) wrote a secure filesystem that uses NFS
on the local machine to interact with an encrypted filesystem.  I do not

Matt's paper onc CFS is available on the COAST archive at:
ftp://coast.cs.purdue.edu/pub/doc/cryptography/Crypto-File-System.ps.Z

      As you can tell, my information is sketchy.  I'm sure someone with
more information will post and tell us where we can learn more. 

Here is the Abstract for the paper:

Although cryptographic techniques are playing an increasingly
important role in modern computing system security, user-level tools
for encrypting file data are cumbersome and suffer from a number of
inherent vulnerabilities. The Cryptographic File System (CFS) pushes
encryption services into the file system itself. CFS supports secure
storage at the system level through a standard Unix file system
interface to encrypted files. Users associate a cryptographic key with
the directories they wish to protect. Files in these directories (as
well as their pathname components) are transparently encrypted and
decrypted with the specified key without further user intervention;
cleartext is never stored on a disk or sent to a remote file
server. CFS can use any available file system for its underlying
storage without modification, including remote file servers such as
NFS. System management functions, such as file backup, work in a
normal manner and without knowledge of the key .  This paper describes
the design and implementation of CFS under Unix.  Encryption
techniques for file system-level encryption are described, and general
issues of cryptographic system interfaces to support routine secure
computing are discussed.

Regards,
Mark.
----------------------------------------------------------------------
Mark Crosbie                mcrosbie () cs purdue edu
COAST Archive Maintainer    security-archive () cs purdue edu

COAST Group                             Tel: (317) 494-9313
Dept. of Computer Sciences              Fax: (317) 494-0739
1398 Computer Sciences Building, Purdue University      
West Lafayette, IN 47907-1398, USA
URL: http://www.cs.purdue.edu/people/mcrosbie (PGP key available here)



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault