[RFC] Encrypting file system

From: V Bhanu Chandra
Date: Mon Mar 06 2006 - 05:29:13 EST



Hi,

I am thinking of designing and implementing a new native encrypting
file system for the linux kernel as a part of a student / research
project. Unlike dm-crypt/loop-AES/cryptoloop, I plan to target
slightly more ambitious user specifications such as: per-file random
secret encryption keys which are in-turn encrypted using the public
keys of all users having access to that filesystem object (a copy
each), and these "tokens" stored along with the file as meta-data (in
an extended attribute, for example).

I've already come up with an initial conceptualization / design for
this and have just begun with the implementation.

Any comments / guidance / suggestions are most welcome and solicitated.

It would be helpful if someone has implemented (or is working on) a
patch for the kernel that implements RSA in the CryptoAPI, else I
might have to resort to have a user-space service for key management
tasks.

Warm regards,
Bhanu

--
V Bhanu Chandra,
Undergraduate Student,
Department of Computer Science & Engg,
IIT Kanpur, India
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/