[OpenAFS-devel] [GSoC 2010] Encrypted storage

[Simon Wilkinson]

> Simon, as the person that proposed the project, should be the one
> to explain what his intentions were with regards to the GSoC goals.

My intention is to use this project as way of starting experimenting  
with doing client-side data encryption. In this community, we have an  
unfortunate tendency towards designing baroque schemes which are  
unbridled in their complexity and then rot for years because nobody  
has the resources to implement them. I'm very keen to avoid doing so  
in this case.

The intention for this project is to build a simple prototype of doing  
encryption within the cache manager, restricted essentially to a  
single user, single client case. Encryption policy would be set  
locally on the client, using a similar mechanism to the pinning  
mechanism for disconnected authentication. The users encryption key  
would be shared with the kernel using the new token framework being  
built for rxgk.

If this prototype is successful, then I would hope that we can then  
consider discussing standardising mechanisms for sharing public keys,  
for encrypting to multiple recipients, and for distributing policy  
information to other clients. But all of these are out of scope for a  
3 month summer project for a developer new to OpenAFS.

>>    The first thing for the project would be to integrate HCrypto into
>>    OpenAFS

> I suspect that this work has already been done by Simon as part of the
> rxgk work.  I do not think this should be in scope for a GSoC project.

Indeed. The project should assume that a crypto library is already  
available. Of course, if the decision is made to use a more exotic  
cipher suite (ChaCha is interesting, given that it allows random  
access when decrypting), then work may be required to integrate  
specific ciphers.

Cheers,

Simon.