[ale] BoS: new release (v.1.3.3) of CFS encrypting filesystem (fwd)

[Chris Farris]

I mentioned this in my security presentation, but had not found out any
details. Well here they are:
Forwarded message:
> From owner-best-of-security at suburbia.net Sun Mar 17 08:50:12 1996
> X-Authentication-Warning: suburbia.net: majordom set sender to owner-best-of-security using -f
> Message-Id: <199603170931.EAA02014 at nsa.tempo.att.com>
> To: cypherpunks at toad.com
> Subject: BoS: new release (v.1.3.3) of CFS encrypting filesystem
> Date: Sun, 17 Mar 1996 04:31:49 -0500
> From: Matt Blaze <mab at research.att.com>
> Sender: owner-best-of-security at suburbia.net
> Errors-to: nobody at mail.uu.net
> Precedence: bulk
> Reply-To: nobody at mail.uu.net
> 
> Source code for the latest version (release 1.3.3) of CFS, the Cryptographic
> File System, is now available upon request for research and experimental
> use in the US and Canada.  This version works under most BSD-derived Unix
> systems and should now run without modification under most current Linux
> releases as well.
> 
> CFS pushes encryption services into the Unix(tm) file system.  It
> supports secure storage at the system level through a standard Unix
> file system interface to encrypted files.  Users associate a
> cryptographic key with the directories they wish to protect.  Files in
> these directories (as well as their pathname components) are
> transparently encrypted and decrypted with the specified key without
> further user intervention; cleartext is never stored on a disk or sent
> to a remote file server.  CFS employs a novel combination of DES
> stream and codebook cipher modes to provide high security with good
> performance on a modern workstation.  CFS can use any available file
> system for its underlying storage without modification, including
> remote file servers such as NFS.  System management functions, such as
> file backup, work in a normal manner and without knowledge of the key.
> 
> CFS runs under SunOS and several other BSD-derived systems with NFS.
> It is implemented entirely at user level, as a local NFS server
> running on the client machine's "loopback" interface.  It consists of
> about 5000 lines of code and supporting documentation.  You must have
> "root" access to install CFS.
> 
> CFS was first mentioned at the work-in-progress session at the Winter
> '93 USENIX Conference and was more fully detailed in:
> 
>     Matt Blaze. "A Cryptographic File System for Unix", Proc. 1st ACM
>     Conference on Computer and Communications Security, Fairfax, VA,
>     November 1993. (PostScript available by anonymous ftp from
>     research.att.com in the file dist/mab/cfs.ps.)
> 
> and in
> 
>     Matt Blaze. "Key Management in an Encrypting File System", Proc.
>     Summer '94 USENIX Tech. Conference, Boston, MA, June 1994.
>     (PostScript available by anonymous ftp from research.att.com
>     in the file dist/mab/cfskey.ps.)
> 
> Version 1.3 of CFS also includes ESM, the Encrypting Session Manager.
> ESM provides shell-to-shell encrypted sessions across insecure links
> and requires no OS or network support.  It is useful for typing cfs
> passphrases when logged in over the network.  ESM needs RSAREF 2.0 to
> compile and is tested only on SunOS and BSDI.  ESM is the first released
> part of a suite of session encryption tools that are described in
> 
>     Matt Blaze and Steve Bellovin. "Session-layer Encryption."
>     Proc. 1995 USENIX Security Workshop, Salt Lake City, June 1995.
>     (PostScript is available from
>     ftp://research.att.com/dist/mab/sesscrypt.ps)
> 
> The new version of CFS differs from the version described in the
> papers in a few ways:
> 
> * The DES-based encryption scheme has been strengthened, and now
> provides greater security but with the online latency of only single-DES.
> 
> * Support for the smartcard-based key management system is not
> included and a few of the tools are not included.
> 
> * An impoved key management scheme now allows chaning the passphrase
> associated with a directory.
> 
> * The performance has been improved.
> 
> * The security of the system against certain non-cryptanalytic attacks
> has been improved somewhat. 
> 
> * User-contributed ports to a number of additional platforms.
> 
> * Hooks for adding new ciphers.
> 
> * 3-DES, MacGuffin, and SAFER-SK128 encryption options.
> 
> * Timeout options allow automatic detach of encrypted directories
> after a set time or period of inactivity.
> 
> CFS is distributed as a research prototype; it is COMPLETELY
> UNSUPPORTED software.  No warranty of any kind is provided.  We will
> not be responsible if the system deletes all your files and emails the
> cleartext directly to the NSA or your mother.  Also, we do not have
> the resources to port the software to other platforms, although you
> are welcome to do this yourself.  The software was developed under
> SunOS and BSDI, and there are also unsupported user-contributed ports
> available for AIX, HP/UX, Irix, Linux, Solaris and Ultrix.  We really
> can't promise to provide any technical support at all, beyond the
> source code itself.  We also maintain a mailing list for CFS users and
> developers; subscription information is included with the source code.
> 
> Because of export restrictions on cryptographic software, we are only
> able to make the software available within the US and Canada to US and
> Canadian citizens and permanent residents.  Unfortunately, we cannot
> make it available for general anonymous ftp or other uncontrolled
> access, nor can we allow others to do so.  Sorry.
> 
> Legal stuff from the README file:
> 
>  *              Copyright (c) 1992, 1993, 1994, 1995 by AT&T.
>  * Permission to use, copy, and modify this software without fee
>  * is hereby granted, provided that this entire notice is included in
>  * all copies of any software which is or includes a copy or
>  * modification of this software and in all copies of the supporting
>  * documentation for such software.
>  *
>  * This software is subject to United States export controls.
>  *
>  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
>  * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
>  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
>  * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
> 
> If you would like a copy of the CFS source code, please read to the end
> of this message and then send email to:
> 
> 	cfs at research.att.com
> 
> DO NOT REPLY DIRECTLY TO THIS MESSAGE.  You must include a statement
> that you are in the US or Canada, are a citizen or legal permanent
> resident of the US or Canada, and have read and understand the license
> conditions stated above.  Be sure to include an email address in a US-
> or Canada-registered domain. The code will be sent to you via email in
> a "shar" shell archive (a little over 300K bytes long).
>