[OpenAFS-devel] Re: [OpenAFS] Encrypted connections by default in OpenAFS 1.8?

Jason Edgecombe jason@rampaginggeek.com
Fri, 27 Feb 2015 23:33:00 -0500

On 02/27/2015 10:09 PM, Jeffrey Altman wrote:
> On 2/27/2015 9:51 PM, Jason Edgecombe wrote:
>> ** file server option to force authenticated access to use encryption
> A file server cannot force authenticated access from a client to use
> encryption.  The client chooses the property of the connection and uses
> that to send data to the file server prior to the file server deciding
> whether or not to issue an authentication challenge.
>
> The client needs to be told the connection policy prior to connection
> establishment (that is what "fs setcrypt" does).  A file server can
> choose to ignore a connection but by that time the data you wish to be
> secure has already been transmitted in the clear.  If the connection is
> rejected by the file server and the client retransmits the same request
> using a new encryption connection, the client has now given known
> plaintext to an attacker to use to determine the encryption key.
>
> This is where AuriStor's policy framework comes into play.  It is a
> mechanism by which the clients are told ahead of time which
> authentication and wire privacy modes are to be used for each file
> server connection.  That way if your volume is to be accessed only using
> an rxgk authenticated aes256-sha1 encrypted/integrity protected
> connection the client knows what to do and the file server knows what to
> enforce.  Only then can there be a guarantee that there will be no
> information leakage.
>
> Jeffrey Altman
Hmmm, hadn't thought of the plain text attack angle.
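
The ordering problem described in the quoted reply, as a simplified model added here for illustration (not part of the original message and not OpenAFS or AuriStor code). The names `send_request`, `observer_findings` and `compare_policies`, the stand-in cipher, and the sample key and request are all assumptions; the model does not reproduce the Rx wire format.

```python
import hashlib

CLEAR, CRYPT = "clear", "crypt"  # simplified stand-ins for a connection's security level

def toy_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 keystream XOR), NOT the cipher OpenAFS uses."""
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def send_request(request: bytes, key: bytes, client_level: str,
                 server_requires_crypt: bool) -> list:
    """Return every (level, payload) pair a passive observer sees on the wire."""
    wire = []
    level = client_level
    while True:
        # The client picks the level and sends data before the server can object.
        payload = toy_encrypt(key, request) if level == CRYPT else request
        wire.append((level, payload))
        if level == CRYPT or not server_requires_crypt:
            return wire  # server accepts the connection
        # Server ignored/rejected the clear connection; the client retries the
        # same request on a new encrypted connection.
        level = CRYPT

def observer_findings(wire: list) -> dict:
    """What the observer learned: leaked plaintext and plaintext/ciphertext pairs."""
    clear = [p for lvl, p in wire if lvl == CLEAR]
    crypt = [p for lvl, p in wire if lvl == CRYPT]
    pairs = [(p, c) for p in clear for c in crypt if len(p) == len(c)]
    return {"packets": len(wire), "leaked": clear, "known_plaintext_pairs": pairs}

def compare_policies() -> dict:
    key = b"constructed-session-key"                # constructed sample value
    request = b"StoreData payroll.xls <contents>"   # constructed sample request
    return {
        # Server-side enforcement only: client was never told to encrypt.
        "server_enforced": observer_findings(
            send_request(request, key, CLEAR, server_requires_crypt=True)),
        # Client told ahead of time (the role "fs setcrypt" plays in the message).
        "client_told_first": observer_findings(
            send_request(request, key, CRYPT, server_requires_crypt=True)),
    }

if __name__ == "__main__":
    for name, result in compare_policies().items():
        print(name, result["packets"], len(result["leaked"]),
              len(result["known_plaintext_pairs"]))
```

With server-side enforcement alone the observer holds both the cleartext request and its encrypted retransmission; when the client is told the policy before connecting, only ciphertext ever crosses the wire.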