Gleb Kurtsou has been working this summer on pefs, a kernel-level cryptographic filesystem for FreeBSD, as part of the Google Summer of Code. He thinks the project is now mature enough for public review and comments.
I’ve been using it to encrypt my mailbox for some time already without any issues. For testing I mostly use the dbench and fsx tools.
Some of pefs’ features (compared to other stacked filesystems):
- Kernel level implementation (no fuse and similar stuff)
- Random per file tweak value used for encryption
- Saves metadata only in encrypted file name (doesn’t change file content)
- Doesn’t change encrypted file size
- Arbitrary number of keys
- Mixing files encrypted with different keys in single directory
- Transparent mode of operation (no encryption, read-only, allows accessing filesystem snapshots easily)
- Key chaining (though user level utility)
- Modern encryption algorithms (AES and Camellia in CTR mode, Salsa20)
To read more about the project and how to download and test it, check this email or Gleb’s blog posts (including performance benchmarks).