From owner-freebsd-hackers Thu Jul 3 03:59:21 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id DAA03545 for hackers-outgoing; Thu, 3 Jul 1997 03:59:21 -0700 (PDT) Received: from korin.warman.org.pl (korin.warman.org.pl [148.81.160.10]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id DAA03537 for ; Thu, 3 Jul 1997 03:59:16 -0700 (PDT) Received: from localhost (abial@localhost) by korin.warman.org.pl (8.8.5/8.7.3) with SMTP id MAA05444 for ; Thu, 3 Jul 1997 12:59:06 +0200 (MET DST) Date: Thu, 3 Jul 1997 12:59:06 +0200 (MET DST) From: Andrzej Bialecki To: freebsd-hackers@FreeBSD.ORG Subject: Crypto (MD5,DES) filesystem Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Hi! I'm looking for an implementation of crypto filesystem for FreeBSD. Perhaps it doesn't exist at all (yet). I'm ignorant in filesystems intrinsics, so don't laugh, but here's my idea how it could be done: * take the nullfs and modify it, so that in every write it makes an XOR of md5-hashed password with the actual block contents. On every read do the contrary. In other words, to slide in encryption between vnode and nullfs layers. * modify the mount_null (let's call it mount_crypto) to get a password from user. Then user could issue the following command (as it is not required to be superuser to do such mounts): mount_crypto -e md5 /home/user/plaintext/locked /home/user/unlocked and every file in directory 'locked' would be encrypted/decrypted on the fly. The most important being the contents of the disk blocks are always encrypted (no need to write decrypted blocks anywhere). Now, be kind, but what do you think of it? Sincerely yours, --- Andrzej Bialecki FreeBSD: Turning PCs Into Workstations http://www.freebsd.org Research and Academic Network in Poland