[72] in The Cryptographic File System users list
Keyfile
daemon@ATHENA.MIT.EDU (John R MacMillan)
Mon Apr 27 12:27:12 1998
From owner-cfs-users@research.att.com Mon Apr 27 16:27:12 1998
Return-Path: <owner-cfs-users@research.att.com>
Delivered-To: cfs-mtg@bloom-picayune.mit.edu
Received: (qmail 858 invoked from network); 27 Apr 1998 16:27:11 -0000
Received: from unknown (HELO ns.research.att.com) (192.20.225.4)
by bloom-picayune.mit.edu with SMTP; 27 Apr 1998 16:27:11 -0000
Received: from research.att.com ([135.207.30.100]) by ns; Mon Apr 27 12:25:43 EDT 1998
Received: from amontillado.research.att.com ([135.207.24.32]) by research-clone; Mon Apr 27 12:11:38 EDT 1998
Received: from nsa.research.att.com (majordomo@nsa.research.att.com [135.207.24.155])
by amontillado.research.att.com (8.8.7/8.8.7) with ESMTP id MAA15948;
Mon, 27 Apr 1998 12:11:36 -0400 (EDT)
Received: (from majordomo@localhost) by nsa.research.att.com (8.7.3/8.7.3) id MAA04052 for cfs-users-list; Mon, 27 Apr 1998 12:08:54 -0400 (EDT)
X-Authentication-Warning: nsa.research.att.com: majordomo set sender to owner-cfs-users@nsa.research.att.com using -f
Received: from research.att.com (research-clone.research.att.com [135.207.30.100]) by nsa.research.att.com (8.7.3/8.7.3) with SMTP id MAA04048 for <cfs-users@nsa.research.att.com>; Mon, 27 Apr 1998 12:08:52 -0400 (EDT)
Received: from seraph.uunet.ca ([142.77.1.254]) by research-clone; Mon Apr 27 12:09:10 EDT 1998
Received: from currency ([204.92.92.1]) by seraph.uunet.ca with SMTP id <322312-18014>; Mon, 27 Apr 1998 12:09:06 -0400
Received: from elixir.algorithmics by currency (4.1/SMI-4.1)
id AA14038; Mon, 27 Apr 98 12:11:49 EDT
Received: from algorithmics.com by elixir.algorithmics (SMI-8.6/SMI-SVR4)
id MAA13222; Mon, 27 Apr 1998 12:12:15 -0400
From: John R MacMillan <john@interlog.com>
To: cfs-users@research.att.com
Subject: Keyfile
Date: Mon, 27 Apr 1998 12:12:14 -0400
Message-Id: <13220.893693534@algorithmics.com>
Sender: owner-cfs-users@research.att.com
Precedence: bulk
I was reading the documentation for a DOS encrypted filesystem
product, and it had a feature I found interesting, and wondered if it
would make sense in CFS. Disclaimer: I am by no means a crypto
expert so I don't really know if this is a good idea or not.
The command to mount the encrypted drive (the cattach equivalent)
could be given a keyfile to get some (fixed, I think) number of bits
of passphrase out of. I couldn't tell whether this was in lieu of a
typed passphrase or in addition to, but it sounded like it could be
either. I presume if you used both, the final passphrase was the XOR
of the keyfile plus the typed passphrase.
This would allow fairly easy construction of a physical key, by
making a floppy disk with the keyfile, for example. In conjunction
with a typed passphrase, it would seem to me to allow for a stronger
final passphrase, since the one on diskette would not have to be
memorable.
Another advantage the documentation claimed is that if you told it to
look for a keyfile, but it was not found, it would issue a warning
but proceed to ask for a passphrase anyway and just use that. This
was said to be defense against rubber hose crypto, since you could
claim you lost/destroyed the keyfile and make up a bogus passphrase
that wouldn't work without the keyfile. (Obviously, this would only
work against a `soft' rubber hose. :-) )
Any comments?
