Encrypted filesystems


Linux offers several ways to establish a transparently encrypted filesystem. That means a hierarchical subtree of directories and files, such that all data written to it gets encrypted just before being written, and all that is read from it gets decrypted just after being read. The whole time in between (after encrypt but before decrypt) the data sits on the disk in encrypted form. It is never disk-resident in the clear. That's the benefit.

Accomplishing this involves inserting an additional processing step or extra layer in the chain of activities performed to drive the disk. That might mean using an modified version of the regular disk driver but usually means preserving it unaltered while cascading an additional driver together with it. Utilities (ls, cat, et. al.) that would normally talk to the regular disk driver talk to the extra one instead, which in turn passes through to the regular one. Any special processing of the written datastream (encrypting it, splitting it for striping,...) can be done in this additional "predriver." Since disk drivers get auto-selected depending on what part of the tree you're writing to, by mounting a particular subtree in association with your predriver the predriver gets its hands on the all data heading for the subtree. It can then call the regular driver to actually inscribe onto the disk, but handing it an encrypted version of what the utility handed it. This happens automatically subtree-wide.

The traditional technique is sometimes called "cryptoloop" because it uses the so-called loop device. Its centerpiece command is losetup. More recently, with the 2.6 version of the kernel, the device mapper was introduced. It too embodies this concept of driver chaining. Encryption is  one of its applications, though there are others. Device mapping is more general-purpose and tends to replace cryptoloop. Its central command is dmcreate. To simplify the use of dmcreate for the specific purpose of encryption, the cryptsetup command was created. Then there are dedicated opensource projects like EncFS and Truecrypt.

cryptoloop
  losetup

device mapper based
  dmsetup
  cryptsetup

EncFS  wiki introduction download sources

truecrypt

Often a mounted subtree corresponds to a physical device, and often it might be a removable one (floppy, USB stick). If one of these is plugged into a Windows system, software can be found in most cases to use them there. Truecrypt has versions for both platforms. cryptoloop and device mapper volumes can be read in Windows by FreeOTFE.

The cryptoloop exercise to perform

For this exercise you will set up a floppy as an encrypted device using cryptoloop. You will write specific material to it. But your machine may not have a floppy drive. In that case, you will make a container file to substitute for the floppy. For those two cases (choose and follow one, depending) you will supply physical storage to the encryption software.

Here's how:

If you have a physical floppy drive If you do not
<put a diskette into the drive>
losetup  /dev/loop0  /dev/fd0
dd  if=/dev/urandom  of=~/myfloppy.img  bs=1024 count=1440
losetup  /dev/loop0  ~/myfloppy.img

At this point, equivalently, you have 1.4M of storage on a device, namely /dev/loop0. Beyond that point you employ /dev/loop0 identically. Whether the actual storage that backs it is a floppy or a file or a bathtub is transparent to further operations. Whichever physical storage you're using, here are the next steps for you to perform:

mkfs -t vfat /dev/loop0

mkdir -p /tmp/mountpoint
mount /dev/loop0 /tmp/mountpoint

echo "hello" > /tmp/mountpoint/hello.txt
cat /tmp/mountpoint/hello.txt
umount /tmp/mountpoint

mount /dev/loop0 /tmp/mountpoint
cat /tmp/mountpoint/hello.txt
umount /tmp/mountpoint
losetup -d /dev/loop0

Let me verbally annotate this code. First you need a filesystem, because you can't write files onto a disk or other device (directly). That's right. You can only write them into filesystems (note the "file" in "filesystem!). And while a filesystem might reside on a disk, a case in which the file would transitively land on that disk, that is incidental. So far, you have a device but want to write files so need a filesystem which you don't have (yet). So you make a filesystem by using the above mkfs command. Then you have a filesystem. Actually two, and this is your second. You are already running linux so you have the familiar filesystem with directories like /, /home, /etc, /var/log, etc etc. You want to integrate the other one which you just created on the outside device, into this first one as a subtree. Get a place at which to do so ("mkdir" above) and integrate it ("mount" above). Now the new filesystem in within reach. You can write and read files on it. That happens implicitly just by writing or reading the /tmp/mountpoint subtree. If your filesystem-containing device is a physical floppy your files will be on the diskette and if a container file they'll be within that file. Above, you write a file to your filesystem with a redirected "echo" then read it back with "cat." You disconnect, reconnect, and read it again to show its persistence  (umount/mount/cat). Note that after disconnecting your filesystem from your system, you could just as well have reconnected to it at a different computer instead, by taking its diskette or container file over there.

When you are all finished, the file named "hello.txt" containing the word "hello" is in your physical device. Demonstrate that to yourself by either

grep hello /dev/fd0 or grep hello ~/myfloppy.img

grep prints either a message or nothing, to indicate it found "hello" in the container or not. In this case you will see the message. The file is in the container, in the clear.

Now I want you do pretty much the same thing all over again with one added ingredient-- encryption. The only thing you change is the preliminary step. This time, do it like this:

If you have a physical floppy drive If you do not
<put a diskette into the drive>
modprobe cryptoloop
losetup -e aes /dev/loop0 /dev/fd0
dd if=/dev/urandom of=~/myfloppy.img bs=1024 count=1440
modprobe cryptoloop
losetup -e aes /dev/loop0 ~/myfloppy.img

Note this time losetup asks you for a password. It uses your response as an encryption key (technically it's not a password). As password, please use "password" (for instructor's benefit). Now perform exactly the same remaining steps as before (above rectangle). This time when finished, the file named "hello.txt" containing the word "hello" is in your physical device but not in visible form. It's been encrypted. Demonstrate that to yourself by either

grep hello /dev/fd0 or grep hello ~/myfloppy.img

grep prints either a message or nothing, to indicate it found "hello" in the container or not. In this case you will see nothing. The file is in the container, but only in encrypted form. Getting access to it will require the password/key, demanded whenever you try to set up the container as a loop device.

In addition to hello.txt, if we previously created gpg keys for class please also place a digitally signed copy of the Gettysburg Address (gettysburg.txt) on your encrypted filesystem. When done, having fully umounted and losetup -d'd, please submit your device to the instructor. Depending whether you're using a physical diskette or not, prepare your submittal like this:

If you have a physical floppy drive If you do not
dd  if=/dev/fd0  of=~/myfloppy.studentXX
<remove diskette from the drive>
mv  ~/myfloppy.img  ~/myfloppy.studentXX

where studentXX represents your identifying token or name, per instructor. Submit your myfloppy.studentXX file.