Techniques and Solutions for Storage Encryption
Vittorio GiovaraFebruary 20, 2008
Contents
1 Introduction 3
1.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.2 Basics of File Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.2.1 Files and Filesystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.2.2 Disk partition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.2.3 Master Boot Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.2.4 Loop Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.3 Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2 Modern Techniques 5
2.1 Full Disk Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52.2 Virtual Disk Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62.3 Volume Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62.4 File/Folder Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62.5 Other Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3 Solution Analisys 8
3.1 Possible Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83.1.1 Advantages/Disadvantages Summary . . . . . . . . . . . . . . . . . . . . . . . . . . 83.2 Cryptoghaphic Concerns and Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93.3 Authentication Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103.4 Selection Aspects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
4 Current Implementations and Benchmarks 11
4.1 TrueCrypt 5.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114.1.1 TrueCrypt for Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114.1.2 TrueCrypt for Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114.1.3 TrueCrypt for Mac OS X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114.2 BestCrypt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124.2.1 BestCrypt for Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124.2.2 BestCrypt for Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124.3 Operating System Integrated Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124.3.1 Linux - dm-crypt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124.3.2 Windows - EFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134.3.3 Mac OS X - FileVault . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134.4 Final Benchmarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134.4.1 Volume Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144.4.2 Virtual Disk Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154.4.3 Full Disk Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Bibliography 20A Test script 21
1
List of Tables
4.1 Volume Encryption perfomance test #1 (one file from single bytes). . . . . . . . . . . . . . . 144.2 Volume Encryption perfomance test #2 (one file from blocks of 1024 bytes). . . . . . . . . . . 144.3 Volume Encryption perfomance test #3 (one file from blocks of 4096 bytes). . . . . . . . . . . 144.4 Volume Encryption perfomance test #4 (multiple files from single bytes). . . . . . . . . . . . 154.5 Volume Encryption perfomance test #5 (multiple files from blocks of 1024 bytes). . . . . . . . 154.6 Volume Encryption perfomance test #6 (multiple files from blocks of 4096 bytes). . . . . . . . 154.7 Virtual Disk Encryption perfomance test #1 (one file from single bytes). . . . . . . . . . . . . 164.8 Virtual Disk Encryption perfomance test #2 (one file from blocks of 1024 bytes). . . . . . . . 164.9 Virtual Disk Encryption perfomance test #3 (one file from blocks of 4096 bytes). . . . . . . . 164.10 Virtual Disk Encryption perfomance test #4 (multiple files from single bytes). . . . . . . . . . 164.11 Virtual Disk Encryption perfomance test #5 (multiple files from blocks of 1024 bytes). . . . . 174.12 Virtual Disk Encryption perfomance test #6 (multiple files from blocks of 4096 bytes). . . . . 174.13 Full Disk Encryption boot time test. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174.14 Full Disk Encryption perfomance test #1 (one file from single bytes). . . . . . . . . . . . . . . 174.15 Full Disk Encryption perfomance test #2 (one file from blocks of 1024 bytes). . . . . . . . . . 184.16 Full Disk Encryption perfomance test #3 (one file from blocks of 4096 bytes). . . . . . . . . . 184.17 Full Disk Encryption perfomance test #4 (multiple files from single bytes). . . . . . . . . . . . 184.18 Full Disk Encryption perfomance test #5 (multiple files from blocks of 1024 bytes). . . . . . . 184.19 Full Disk Encryption perfomance test #6 (multiple files from blocks of 4096 bytes). . . . . . . 192
Search History:
Result 00 of 00
00 results for result for
p.
Techniques and Solutions for Storage Encryption
Here is my second homework for the Computer System Security course: it concerns with current and available implementation of the modern storage encryption technology, presenting some benchmark test for performance impact.
3.9K
Reads
8
Readcasts
1
Embed Views
More From This User
Notes
Load more
