Date: Sun, 27 Jan 2002 15:16:35 +0100 From: "Anthony Atkielski" <anthony@freebie.atkielski.com> To: "peeter kallas" <peeter.kallas.002@mail.ee> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: Vastan: Cryptographic file systems Message-ID: <04a301c1a73d$3b06f580$0a00000a@atkielski.com> References: <200201271313.g0RDD7O32639@june.tele2.ee>
next in thread | previous in thread | raw e-mail | index | archive | help
Peeter writes: > Thing is that only way to gain access to that box > is to physically break into the office, grab the > box can run before security guards arrive, so storing > info in encrypted form is quite adequate for the > situration. But if the box is physically secure, and if the system is configured correctly, then storing information in encrypted form is unnecessary, too, since nobody can get to information that he isn't authorized to see, anyway. Additionally, if it is nominally impossible for anyone to access information to which he is not entitled, and the machine is physically secure, BUT it is possible to technically compromise the machine so that access to unauthorized information is possible, then encryption on the server still will not work, because whatever compromise allows an intruder to gain unauthorized access to information will also allow him to gain unauthorized access to encryption material that will allow him to decrypt the information to which he has unauthorized access. So what it boils down to is that encryption is useful only if no plaintext ever exists on the server side or on the wire. ALL encryption and decryption MUST take place on the client side of the connection. If any plaintext appears on the server or on the wire, encryption is useless, and provides only a false sense of security. All secure e-mail systems, for example, handle encryption and decryption on the client machine exclusively, and all information on the wire and on the server is encrypted at all times. Additionally, secure systems keep all encryption key materials on the client side exclusively; no keys are stored or generated or communicated over the wire or on the server. A side effect of this is that there is no way to keep information required by the server secure. For example, file names cannot be kept secure, since the server must see them in the clear in order to manage the file system; file names must therefore be chosen so as not to compromise file content. > Of course it would be better if encryption is done on > the client side and theoretically it could be transparent > too -- for example NFS client for Windows that crypts > the file data (anybody heard of such?) Note that any system that renders encryption transparent on the client side is also insecure, at least on the client side. In other words, if the encryption and decryption are done automatically by the client, then anyone with physical access to the client has access to the encryption and decryption, and thus access to the data. In many applications, this is perfectly acceptable, of course, but it is important to keep it in mind. If the data must be kept secure even on the client side, then encryption systems must be particularly draconian in their handling of the encryption and decryption functions and their management of keys. Such systems are never transparent--far from it--and always involve input of key material from the individual end user (via passphrases, a floppy with a private key, a smart card containing key material, etc.). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?04a301c1a73d$3b06f580$0a00000a>