==========================================
Encrypted keys for the eCryptfs filesystem
==========================================

eCryptfs is a stacked filesystem which transparently encrypts and decrypts each
file using a randomly generated File Encryption Key (FEK).

Each FEK is in turn encrypted with a File Encryption Key Encryption Key (FEKEK)
either in kernel space or in user space with a daemon called 'ecryptfsd'. In
the former case the operation is performed directly by the kernel CryptoAPI
using a key, the FEKEK, derived from a user-prompted passphrase; in the latter
the FEK is encrypted by 'ecryptfsd' with the help of external libraries in order
to support other mechanisms like public key cryptography, PKCS#11 and TPM-based
operations.

The data structure defined by eCryptfs to contain the information required for
FEK decryption is called the authentication token and, currently, can be stored
in a kernel key of the 'user' type, inserted in the user's session-specific
keyring by the userspace utility 'mount.ecryptfs' shipped with the package
'ecryptfs-utils'.

The 'encrypted' key type has been extended with the introduction of the new
format 'ecryptfs' in order to be used in conjunction with the eCryptfs
filesystem. Encrypted keys of the newly introduced format store an
authentication token in their payload, with a FEKEK randomly generated by the
kernel and protected by the parent master key.

In order to avoid known-plaintext attacks, the datablob obtained through the
commands 'keyctl print' or 'keyctl pipe' does not contain the whole
authentication token, whose content is well known, but only the FEKEK in
encrypted form.

The eCryptfs filesystem may really benefit from using encrypted keys in that the
required key can be securely generated by an Administrator and provided at boot
time, after the unsealing of a 'trusted' key, in order to perform the mount in a
controlled environment. Another advantage is that the key is not exposed to
threats from malicious software, because it is available in clear form only at
kernel level.

Usage::

    keyctl add encrypted name "new ecryptfs key-type:master-key-name keylen" ring
    keyctl add encrypted name "load hex_blob" ring
    keyctl update keyid "update key-type:master-key-name"

Where::

    name:= '<16 hexadecimal characters>'
    key-type:= 'trusted' | 'user'
    keylen:= 64


Example of encrypted key usage with the eCryptfs filesystem:

Create an encrypted key "1000100010001000" of length 64 bytes with format
'ecryptfs' and save it using a previously loaded user key "test"::

    $ keyctl add encrypted 1000100010001000 "new ecryptfs user:test 64" @u
    19184530

    $ keyctl print 19184530
    ecryptfs user:test 64 490045d4bfe48c99f0d465fbbbb79e7500da954178e2de0697
    dd85091f5450a0511219e9f7cd70dcd498038181466f78ac8d4c19504fcc72402bfc41c2
    f253a41b7507ccaa4b2b03fff19a69d1cc0b16e71746473f023a95488b6edfd86f7fdd40
    9d292e4bacded1258880122dd553a661

    $ keyctl pipe 19184530 > ecryptfs.blob

Mount an eCryptfs filesystem using the created encrypted key "1000100010001000"
into the '/secret' directory::

    $ mount -i -t ecryptfs -oecryptfs_sig=1000100010001000,\
      ecryptfs_cipher=aes,ecryptfs_key_bytes=32 /secret /secret
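The blob saved with 'keyctl pipe' is what a boot script later feeds back through
"load hex_blob" before the mount. The following shell script is an added example
(not part of the kernel documentation or of keyutils) showing the checks such a
script should do before trusting a saved blob: the key name must be a valid
16-hex-character eCryptfs signature, and the datablob must carry the 'ecryptfs'
format, a 'trusted' or 'user' master key, keylen 64 and an even-length hex
payload. The function names are hypothetical; the sample blob is the one printed
in the example above, joined onto one line as 'keyctl pipe' emits it. The reload
and mount function needs keyctl(1) and root and is defined but not run here.

```shell
#!/bin/sh
# Added example: validate a saved 'ecryptfs'-format encrypted-key blob before
# reloading it with 'keyctl add encrypted name "load hex_blob" @u' at boot.
# Assumes keyutils' keyctl(1) and the mount options shown in the documentation.

# A key name used as ecryptfs_sig must be exactly 16 hexadecimal characters.
ecryptfs_check_name() {
    case "$1" in
        *[!0-9a-fA-F]*|"") return 1 ;;
    esac
    [ "${#1}" -eq 16 ]
}

# Parse a datablob as written by 'keyctl pipe':
#   <format> <key-type>:<master-key-name> <keylen> <hex>
# Prints "format key-type master-key-name keylen payload-bytes" on success and
# returns non-zero if any field is not what the 'ecryptfs' format requires.
# The hex payload is opaque to userspace (the FEKEK in encrypted form plus
# kernel-added data); only its character set and even length are checked.
ecryptfs_blob_check() (
    set -- $1                       # split the blob on whitespace
    [ "$#" -eq 4 ] || return 1
    fmt=$1; master=$2; keylen=$3; hex=$4
    [ "$fmt" = "ecryptfs" ] || return 1
    case "$master" in
        trusted:?*|user:?*) ;;
        *) return 1 ;;
    esac
    [ "$keylen" = "64" ] || return 1
    case "$hex" in
        *[!0-9a-fA-F]*|"") return 1 ;;
    esac
    [ $(( ${#hex} % 2 )) -eq 0 ] || return 1
    echo "$fmt ${master%%:*} ${master#*:} $keylen $(( ${#hex} / 2 ))"
)

# Reload a validated blob into the user keyring and mount with it.  Not run
# by default: it requires keyctl, a loaded master key and root privileges.
ecryptfs_key_reload_and_mount() (
    blob_file=$1; name=$2; mountpoint=$3
    blob=$(cat "$blob_file") || return 1
    ecryptfs_check_name "$name" || { echo "bad key name: $name" >&2; return 1; }
    ecryptfs_blob_check "$blob" >/dev/null \
        || { echo "refusing to load malformed blob $blob_file" >&2; return 1; }
    keyctl add encrypted "$name" "load $blob" @u >/dev/null || return 1
    mount -i -t ecryptfs \
        -oecryptfs_sig="$name",ecryptfs_cipher=aes,ecryptfs_key_bytes=32 \
        "$mountpoint" "$mountpoint"
)

# The blob from the documentation's 'keyctl print' example, on one line.
SAMPLE_BLOB="ecryptfs user:test 64 \
490045d4bfe48c99f0d465fbbbb79e7500da954178e2de0697\
dd85091f5450a0511219e9f7cd70dcd498038181466f78ac8d4c19504fcc72402bfc41c2\
f253a41b7507ccaa4b2b03fff19a69d1cc0b16e71746473f023a95488b6edfd86f7fdd40\
9d292e4bacded1258880122dd553a661"

# Self-check on the documentation's own values; prints
# "ecryptfs user test 64 113" (the payload is 113 bytes of hex-encoded data).
ecryptfs_check_name 1000100010001000 && ecryptfs_blob_check "$SAMPLE_BLOB"
```

A boot script would call `ecryptfs_key_reload_and_mount ecryptfs.blob 1000100010001000 /secret` after the 'trusted' or 'user' master key named in the blob has been loaded, since the kernel cannot decrypt the blob without it.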