Thursday, February 01, 2007

EFS on Minix: Design Issues

I am implementing an encrypted file system (EFS) on Minix 3.1.2a. Although the implementation is not all that difficult (in fact it is really easy), the design is certainly not trivial.

Let's assume the simplistic case of one user per system, and let's assume that his key (or password) will never change. In that case, the only things that need to be done are:
  • Reading a block from the disk and decrypting it before placing it in the cache/queue/routine.
  • Encrypting the data before writing it back to the disk.
In Minix 3.1.2a, rw_block() is the only function that needs to be modified (I mean, the meat of the implementation goes there). This is not a difficult task to accomplish, but the key management and the group management issues are really tricky. Here are some of the issues:

KEY MANAGEMENT:
  • A user X has key Kx. His 25000 (say) files are encrypted using Kx. Now, computer-savvy guy that X is, he decides to change his password. What would the system do now? Decrypt all his files and re-encrypt them using his new key?
  • Here's a solution: Suppose X has two keys, K1 and K2. K2 is used to encrypt his files and K1 is used to encrypt K2, so when X logs in, he is able to unlock K2 and read his files. His encrypted K2 is, of course, stored on the disk. Now that's a file too... how will that be encrypted? Who will encrypt it? Remember that the whole purpose of an EFS is to protect the data on a hard disk in the event of physical compromise of a system... and you can't make that one file not follow the rule.
GROUP MANAGEMENT:
Now X encrypts his files using Kx. Then he joins a software company and is asked to collaborate with other employees. The system admin puts him in a group; the members of his group are his colleagues who share the files. How will the others read his files, which are encrypted with his password?

The future looks bleak now... there certainly have been many attempts to solve this seemingly easy problem, to no avail. Microsoft provides an ad-hoc solution by allowing individual files to be encrypted. Group access cannot be added, although individual users can still be added. This leads to an elongated file header, and I don't find this design all that attractive or well thought out. One solution, which looks a bit futuristic, used a smart card, but that is not an option in my case.
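To make the design points above concrete, here is a small C sketch added to this post; it is not the author's Minix code and nothing in it comes from the Minix source tree. It puts the three ideas discussed so far in one place: a counter-mode layer in the rw_block() path, so the cache holds plaintext and the disk only ciphertext; a per-user key slot holding the data key K2 wrapped under a password-derived K1, so a password change rewraps one 16-byte key instead of re-encrypting 25000 files; and, for the group question, one more slot per colleague wrapping the same K2, which is the per-user file-header entry approach the post attributes to Microsoft. Everything below is a stand-in: XTEA takes the place of a real cipher, the password-to-K1 derivation is a toy, and the 64-byte block size, function names and key values are constructed. The sketch deliberately adds one thing the post does not mention, a check value, so a wrong password is reported instead of silently producing garbage. It also sidesteps the post's hardest question by keeping the slot header outside the encrypted block space, which is exactly the "one file that does not follow the rule".

```c
#include <stdint.h>
#include <string.h>
#define BLOCK_SIZE 64            /* constructed toy size; Minix 3 uses 1024-byte blocks */
#define NR_BLOCKS  4
#define MAX_SLOTS  4
#define WRAP_NONCE 0xFFFFFFFFu   /* counter prefix reserved for key wrapping, never a block number */
enum { READING, WRITING };
static uint8_t disk[NR_BLOCKS][BLOCK_SIZE];   /* stand-in for the block device */

/* XTEA (64-bit block, 128-bit key): a real cipher, used here only because it fits in a
   few lines. A production EFS would use a standard cipher such as AES. */
void xtea_enc(const uint32_t k[4], uint32_t v[2]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}
/* Counter mode: XOR buf with XTEA(key, nonce || chunk index), 8 bytes at a time. The same
   call encrypts and decrypts, so one routine serves rw_block() and the key wrapping. */
void ctr_xor(const uint32_t key[4], uint32_t nonce, uint8_t *buf, size_t len) {
    for (uint32_t j = 0; j * 8 < len; j++) {
        uint32_t ks[2] = { nonce, j };
        xtea_enc(key, ks);
        for (int i = 0; i < 8; i++) buf[j * 8 + i] ^= ((uint8_t *)ks)[i];
    }
}
/* The rw_block() analogue: plaintext lives in the cache, only ciphertext reaches the disk. */
int rw_block(const uint32_t k2[4], uint32_t blocknr, uint8_t *buf, int op) {
    if (blocknr >= NR_BLOCKS) return -1;
    uint8_t *dst = op == WRITING ? disk[blocknr] : buf;
    memcpy(dst, op == WRITING ? buf : disk[blocknr], BLOCK_SIZE);
    ctr_xor(k2, blocknr, dst, BLOCK_SIZE);   /* encrypt on the way out, decrypt on the way in */
    return 0;
}
/* Key layer: one slot per principal holding K2 wrapped under that principal's password-
   derived K1, plus XTEA(K2, constant) as a check value so a wrong password is detected. */
struct key_slot { char user[16]; uint32_t wrapped_k2[4]; };
struct efs_header { int nslots; uint32_t check[2]; struct key_slot slots[MAX_SLOTS]; };
static const uint32_t CHECK_CONST[2] = { 0x45465320, 0x4D494E58 };
/* Toy password-to-key derivation. A real EFS would use a slow, salted KDF. */
void derive_k1(const char *password, uint32_t k1[4]) {
    uint32_t k[4] = { 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344 };
    for (size_t i = 0; password[i]; i++) k[i % 4] = k[i % 4] * 33u + (uint8_t)password[i];
    for (uint32_t j = 0; j < 4; j += 2) { uint32_t v[2] = { j, ~j }; xtea_enc(k, v); k1[j] = v[0]; k1[j + 1] = v[1]; }
}
/* Wrap (or, being XOR-based, unwrap) the 16-byte K2 under K1. */
void wrap_k2(const uint32_t k1[4], const uint32_t k2[4], uint32_t out[4]) {
    memcpy(out, k2, 16); ctr_xor(k1, WRAP_NONCE, (uint8_t *)out, 16);
}
/* Grant a principal access by adding a slot; the encrypted data itself is not touched. */
int add_user(struct efs_header *h, const char *user, const char *pw, const uint32_t k2[4]) {
    uint32_t k1[4];
    if (h->nslots >= MAX_SLOTS) return -1;
    if (h->nslots == 0) { memcpy(h->check, CHECK_CONST, 8); xtea_enc(k2, h->check); }
    struct key_slot *s = &h->slots[h->nslots++];
    strncpy(s->user, user, sizeof s->user - 1); s->user[sizeof s->user - 1] = '\0';
    derive_k1(pw, k1); wrap_k2(k1, k2, s->wrapped_k2);
    return 0;
}
/* Recover K2 from the caller's slot; -1 on unknown user or wrong password. */
int unlock(const struct efs_header *h, const char *user, const char *pw, uint32_t k2[4]) {
    for (int i = 0; i < h->nslots; i++) {
        uint32_t k1[4], chk[2];
        if (strcmp(h->slots[i].user, user) != 0) continue;
        derive_k1(pw, k1); wrap_k2(k1, h->slots[i].wrapped_k2, k2);
        memcpy(chk, CHECK_CONST, 8); xtea_enc(k2, chk);
        return memcmp(chk, h->check, 8) == 0 ? 0 : -1;
    }
    return -1;
}
/* A password change rewraps K2 under the new K1; the 25000 encrypted files stay as they are. */
int change_password(struct efs_header *h, const char *user, const char *oldpw, const char *newpw) {
    uint32_t k2[4], k1[4];
    if (unlock(h, user, oldpw, k2) != 0) return -1;
    derive_k1(newpw, k1);
    for (int i = 0; i < h->nslots; i++)
        if (strcmp(h->slots[i].user, user) == 0) wrap_k2(k1, k2, h->slots[i].wrapped_k2);
    return 0;
}
/* End-to-end walk-through; returns 1 when every step behaves as described above. */
int efs_demo(void) {
    struct efs_header hdr = { 0 };
    uint32_t k2[4] = { 0xDEADBEEF, 0x00C0FFEE, 0x0BADF00D, 0x12345678 };  /* constructed; use a CSPRNG */
    uint8_t plain[BLOCK_SIZE], out[BLOCK_SIZE]; uint32_t k[4];
    for (int i = 0; i < BLOCK_SIZE; i++) plain[i] = (uint8_t)('A' + i % 26);
    if (add_user(&hdr, "x", "x-old-pw", k2) != 0) return 0;
    if (unlock(&hdr, "x", "x-old-pw", k) != 0 || rw_block(k, 1, plain, WRITING) != 0) return 0;
    if (memcmp(disk[1], plain, BLOCK_SIZE) == 0) return 0;         /* the disk must hold ciphertext */
    if (change_password(&hdr, "x", "x-old-pw", "x-new-pw") != 0) return 0;
    if (unlock(&hdr, "x", "x-old-pw", k) == 0) return 0;           /* the old password no longer unlocks */
    if (unlock(&hdr, "x", "x-new-pw", k) != 0 || rw_block(k, 1, out, READING) != 0 || memcmp(out, plain, BLOCK_SIZE) != 0) return 0;
    if (add_user(&hdr, "colleague", "c-pw", k2) != 0) return 0;    /* sharing: one more slot, same data */
    if (unlock(&hdr, "colleague", "c-pw", k) != 0 || rw_block(k, 1, out, READING) != 0) return 0;
    return memcmp(out, plain, BLOCK_SIZE) == 0;
}
```

Two design choices are worth noticing. The block number is fed into the counter, so identical plaintext in two different blocks produces different ciphertext, which a plain per-block XOR with a fixed keystream would not give. And the XOR-based wrap is only safe because each slot wraps exactly one value under its K1; a real system would use a dedicated key-wrap construction and a slow, salted password derivation.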

Hmmmm..... it's an interesting problem. Think about it. I will...

PS: There are a few solutions on the wiki pages that I have linked to. They are too complicated to be correct, and the lack of libraries to do that stuff on Minix will make my life hell if I choose to mimic them... nevertheless, it should not deter me from implementing such a system on Minix. And after all, as my professor Per Brinch Hansen says: "Simplicity is intelligence, multitude is stupidity"

2 comments:

  1. Pretty hardcore. I should probably get in touch with you when my piece of junk build system starts giving me crap! :)