Use of Smartcards in File Encryption - ESCRYPT
Use of Smartcards in File Encryption - ESCRYPT
Use of Smartcards in File Encryption - ESCRYPT
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Use</strong> <strong>of</strong> Smart Cards for <strong>File</strong> <strong>Encryption</strong>Federal Office for Information Security (BSI)WS on Cryptography and Embedded Security / 01.03.2011
Contents Dist<strong>in</strong>ction between volume encryption and file encryption Basic role <strong>of</strong> smart card as security token <strong>Use</strong> cases for file encryption <strong>in</strong> client/server architectures Cryptographic functionality <strong>in</strong> security solution “ESOSI”Arm<strong>in</strong> Cordel02/10/112
PW-Based Volume <strong>Encryption</strong><strong>Use</strong>r enterspassword „PW“PWvolume encryptionRAMdirectory (cleartext)/mnt/decrypted/PC (Client or Server)decrypts „ directory “with volume key „r“hard discencrypted volumedirectory/dev/hda2Arm<strong>in</strong> Cordel02/10/113
<strong>File</strong> <strong>Encryption</strong> – <strong>File</strong>system Layersmart card decryptsthe i-th file keywith key „A“ whenuser „A“ enters PINAeCryptfscleartext file # i/home/user A/directory #j/ciphertext filecleartext file # i/mnt/encrypted/directory #j/RAMPC (client or server) decryptsthe i-th „ . “ with i-th file keycleartext filehard disk / networkArm<strong>in</strong> Cordel02/10/114
<strong>File</strong> <strong>Encryption</strong> – Major Properties Encrypts each file with a dist<strong>in</strong>ct file key r i <strong>Encryption</strong> is part <strong>of</strong> filesystem layer Occurs automatically without user <strong>in</strong>teraction There are ciphertext files Ciphertext files not bound to a specific network component Contents <strong>of</strong> ciphertext file is associated with user by means<strong>of</strong> cryptography Cryptography is based on user token (smart card) Functionality required ?Arm<strong>in</strong> Cordel02/10/115
Functionality <strong>of</strong> Smart Card1.)AGenerate (e, d, n 1) for encryption, decryptionGenerate (v, s, n 2) for verification, sign<strong>in</strong>g2.)Apublic keyscertificatesCA-PC3.)AEncrypted keys, hash valuesDecrypted keys, signatures<strong>Use</strong>r-PC or<strong>File</strong>server-PC4.)ARequest random numberTrue Random Number<strong>Use</strong>r-PC or<strong>File</strong>server-PCArm<strong>in</strong> Cordel02/10/116
Functionality <strong>of</strong> Smart Card Smart card serves as security anchor Bound to user by means <strong>of</strong> PIN Protects private keys aga<strong>in</strong>st physical attacks Provides assured cryptographic functionality Generation <strong>of</strong> public/private key-pairs Random number generator Operations requir<strong>in</strong>g secret keys Provides PIN-protected storage Certificates <strong>of</strong> user and root-CA ...Arm<strong>in</strong> Cordel02/10/117
<strong>File</strong> <strong>Encryption</strong> – Client / Server NetworkArm<strong>in</strong> Cordel02/10/118
ESOSI: Groups <strong>of</strong> <strong>Use</strong>rssmart card decryptsdirectory key <strong>of</strong> user “A”with key „A“ whenuser „A“ enters PINAeCryptfscleartext file # i/home/user A/directory #j/ciphertext fileRAMPC (client or server) decryptsI-th file key with j-th directory key andthe i-th „ . “ with i-th file keycleartext filehard disk / networkcleartext file #i/mnt/encrypted/directory #j/directory header filepath to directory|| directory keysArm<strong>in</strong> Cordel02/10/119
ESOSI: Groups <strong>of</strong> <strong>Use</strong>rs Open Source file encryption “eCryptfs” 2-stage key-hierarchy: <strong>File</strong> key r i Directory key V j Project ESOSI Smart card is user token and security anchor There is a directory header Enables groups <strong>of</strong> users Enables emergency manager ... Integration <strong>in</strong> client / server network ?Arm<strong>in</strong> Cordel02/10/1110
<strong>File</strong> <strong>Encryption</strong> ESOSI: Ma<strong>in</strong> ComponentsArm<strong>in</strong> Cordel02/10/1111
ESOSI: Ma<strong>in</strong> Components <strong>Use</strong>r Interface Component Interface to smart card on client Graphical user <strong>in</strong>terface Mount / unmount <strong>of</strong> directories Groups <strong>of</strong> users ... <strong>File</strong> <strong>Encryption</strong> Component Interface to filesystem on l<strong>in</strong>ux-client or file server Manages directory keys V j ... <strong>File</strong> <strong>Encryption</strong> “eCryptfs” Carries out file encryption with given V jArm<strong>in</strong> Cordel02/10/1112
ESOSI: Shar<strong>in</strong>g <strong>of</strong> Directory Keys Secondary group <strong>of</strong> users Each <strong>of</strong> n members has share s k<strong>of</strong> V j t out <strong>of</strong> n members have to collaborate to reconstruct V j <strong>Use</strong>r smart card is used to decrypt each s k Purpose Availability <strong>of</strong> directory contents Avoid<strong>in</strong>g use <strong>of</strong> emergency smart card Gives regular, but not “too easy” access for secondary group Collaborators / witnesses needed Logg<strong>in</strong>g <strong>Use</strong>r friendlyness ??Arm<strong>in</strong> Cordel02/10/1113
ESOSI: Secret Shar<strong>in</strong>g Messag<strong>in</strong>g(simplified)aClient authenticationEncrypted master secretServer authenticationSEncrypted session key K ASaMessage encrypted with K ASSbMessage encrypted with K BSArm<strong>in</strong> Cordel02/10/1114
ESOSI: Secret Shar<strong>in</strong>g Messag<strong>in</strong>g ESOSI: Secret Shar<strong>in</strong>g Messag<strong>in</strong>g There is a central messag<strong>in</strong>g server (MS) Basic TLS key exchange between clients and MS Signature key on smart card is used to sign nonces Decryption key on smart card is used to encrypt bilateral secret Provides session key to protect messag<strong>in</strong>g protocol Shares s k<strong>of</strong> V jare exchanged via messag<strong>in</strong>g protocol <strong>Use</strong> case is distributed over several client PCsArm<strong>in</strong> Cordel02/10/1115
Conclusion Open Source file encryption eCryptfs used eCryptfs has been extended (ESOSI) Cryptographic user groups <strong>in</strong> client/server network Smart card as a user token Secret shar<strong>in</strong>g cryptography supports availability Smart card serves as security anchor Protects private keys Only carries out basic secret key operations PIN-protected storage for certificates <strong>of</strong> user and root-CAArm<strong>in</strong> Cordel02/10/1116
References https://launchpad.net/ecryptfs https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/KES/kes0209_pdf.pdf?__blob=publication<strong>File</strong> http://www.l<strong>in</strong>ux-kongress.org/2009/abstracts.html#3_3_2 http://sourceforge.net/projects/esosiArm<strong>in</strong> Cordel02/10/1117
ContactBundesamt für Sicherheit <strong>in</strong> derInformationstechnik (BSI)Arm<strong>in</strong> CordelGodesberger Allee 185-18953175 BonnTel: +49 (0)22899-9582-5289Fax: +49 (0)22899-10-9582-5289arm<strong>in</strong>.cordel@bsi.bund.dewww.bsi.bund.dewww.bsi-fuer-buerger.deArm<strong>in</strong> Cordel02/10/1118