Separating key management from file system security

No secure network file system has ever grown to span the Internet. Existing systems all lack adequate key management for security at a global scale. Given the diversity of the Internet, any particular mechanism a file system employs to manage keys will fail to support many types of use.We propose separating key management from file system security, letting the world share a single global file system no matter how individuals manage keys. We present SFS, a secure file system that avoids internal key management. While other file systems need key management to map file names to encryption keys, SFS file names effectively contain public keys, making them self-certifying pathnames. Key management in SFS occurs outside of the file system, in whatever procedure users choose to generate file names.Self-certifying pathnames free SFS clients from any notion of administrative realm, making inter-realm file sharing trivial. They let users authenticate servers through a number of different techniques. The file namespace doubles as a key certification namespace, so that people can realize many key management schemes using only standard file utilities. Finally, with self-certifying pathnames, people can bootstrap one key management mechanism using another. These properties make SFS more versatile than any file system with built-in key management.

[1]  Hugh C. Williams,et al.  A modification of the RSA public-key encryption procedure (Corresp.) , 1980, IEEE Trans. Inf. Theory.

[2]  Dan Walsh,et al.  Design and implementation of the Sun network filesystem , 1985, USENIX Conference Proceedings.

[3]  Butler W. Lampson,et al.  A Global Authentication Service without Global Trust , 1986, 1986 IEEE Symposium on Security and Privacy.

[4]  Sun Microsystems,et al.  RPC: Remote Procedure Call Protocol specification: Version 2 , 1988, RFC.

[5]  Jeffrey I. Schiller,et al.  An Authentication Service for Open Network Systems. In , 1998 .

[6]  Mahadev Satyanarayanan,et al.  Scale and performance in a distributed file system , 1988, TOCS.

[7]  J. Howard Et El,et al.  Scale and performance in a distributed file system , 1988 .

[8]  Mahadev Satyanarayanan,et al.  Integrating security in a large distributed system , 1989, TOCS.

[9]  John K. Ousterhout,et al.  Why Aren't Operating Systems Getting Faster As Fast as Hardware? , 1990, USENIX Summer.

[10]  Mahadev Satyanarayanan,et al.  Scalable, secure, and highly available distributed file access , 1990, Computer.

[11]  Sailesh Chutani,et al.  DEcorum File System Architectural Overview , 1990, USENIX Summer.

[12]  B. Lampson,et al.  Authentication in distributed systems: theory and practice , 1991, TOCS.

[13]  Martín Abadi,et al.  Authentication in distributed systems: theory and practice , 1991, SOSP '91.

[14]  Mendel Rosenblum,et al.  The design and implementation of a log-structured file system , 1991, SOSP '91.

[15]  Bruce Schneier,et al.  Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) , 1993, FSE.

[16]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[17]  Garret Swart,et al.  A coherent distributed file cache with directory write-behind , 1994, TOCS.

[18]  Martín Abadi,et al.  Authentication in the Taos operating system , 1994, TOCS.

[19]  John S. Heidemann,et al.  File-system development with stackable layers , 1994, TOCS.

[20]  Raj Srinivasan,et al.  XDR: External Data Representation Standard , 1995, RFC.

[21]  Mihir Bellare,et al.  Optimal Asymmetric Encryption-How to Encrypt with RSA , 1995 .

[22]  Brent Callaghan,et al.  NFS Version 3 Protocol Specification , 1995, RFC.

[23]  Ronald L. Rivest,et al.  SDSI - A Simple Distributed Security Infrastructure , 1996 .

[24]  Alan O. Freier,et al.  The SSL Protocol Version 3.0 , 1996 .

[25]  Garret Swart,et al.  The Echo Distributed File System , 1996 .

[26]  Tatu Ylonen,et al.  SSH: secure login connections over the internet , 1996 .

[27]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[28]  Stephen T. Kent,et al.  Security Architecture for the Internet Protocol , 1998, RFC.

[29]  Thomas D. Wu The Secure Remote Password Protocol , 1998, NDSS.

[30]  John Kubiatowicz,et al.  Operating system services for wide-area applications , 1998 .

[31]  David Mazières,et al.  A future-adaptive password scheme , 1999 .

[32]  David Mazières,et al.  The Advanced Computing Systems Association a Future-adaptable Password Scheme a Future-adaptable Password Scheme , 2022 .

[33]  Butler W. Lampson,et al.  SPKI Certificate Theory , 1999, RFC.

[34]  Rodney Thayer,et al.  A Stream Cipher Encryption Algorithm 'Arcfour' , 1999 .

[35]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..