Académique Documents
Professionnel Documents
Culture Documents
I NTRODUCTION
R ELATED W ORK
3
3.1
I MPLEMENTATION
Modules Developed
3.1.1 Security
This module deals with encrypting and decrypting files,
creating private keys and public certificates and communicating securely between the client and the server. When
either the server or the client is first booted up, the system
shall create a private key and a public certificate. Since the
private key is encrypted with a password, even if someone
gets access to your private key file, its still in encrypted
form.
The private key and the public certificate is generated
from 2048-bit RSA keys. When the client and the server
communicate, only the public certificate is exchanged. For
every communication between the client and server, the
system uses TLSv1.2 encryption. So every data exchanged
between the client and the server is in encrypted format.
Since the data stored in the server is in encrypted format,
this module shall encrypt the data when writing to a file and
decrypt the data from reading from a file.
3.1.2 Authentication
Since the file system uses TLSv1.2, the security handshake
present in the TLS protocol is handled internally by the
3.1.4
ENFS
3.1.3
Multithreading
3.2
Work Flow
3.3
3.3.1
Design Choices
Storing No File Data In Client
All the data that the client displays to the user is either
read from its cache or from the server. No file data is
actually stored in the client. So when the ENFS file system
is unmounted, even if the client is compromised, your files
in the server are still secure. Even if someone tries to mount
the file system, they still need your password to proceed
with the client.
R ESULTS
C ONCLUSION
R EFERENCES
[1] H. Kopka and P. W. Daly, A Guide to LATEX, 3rd ed. Harlow, England:
Addison-Wesley, 1999.
[2] Network File SYstem, http://www.tldp.org/LDP/nag/node140.html
[3] Google Drive vulnerability leaks users private data,
http://thehackernews.com/2014/07/google-drivevulnerability-leaksusers 9.html
[4] IBM
exposes
critical
Dropbox
vulnerability,
http://www.esecurityplanet.com/mobile-security/ibmexposes-criticaldropbox-vulnerability.html
[5] Facebook
vulnerability
leaks
users
private
photos,
http://thehackernews.com/2015/03/facebook-photo- sync-hacking.html
[6] Amazon
S3
leaks
private
data,
https://nakedsecurity.sophos.com/2013/03/29/amazon-s3-cloud-storagedata-leak/
[7] Underground black market thrives on private data,
http://www.symantec.com/connect/blogs/undergroundblack-marketthriving-trade-stolen-data-malware-and-attack-services
[8] Sony Pictures Entertainment hack, http://en.wikipedia.org/wiki/Sony
Pictures Entertainment hack
[9] Apple iCloud Hack, http://www.ibtimes.com/apple-icloud-hack-obvioussecurity-flaw-patched-after-new-years-day-disclosure-1773648
FUSE, http://fuse.sourceforge.net/doxygen/
OpenSSL, https://www.openssl.org/
Valient Gough, http://www.arg0.net/#!encfs/c1awt, EncFS file system
Security
and
NFS,
http://www.tldp.org/HOWTO/NFSHOWTO/security.html
[14] Miklos Szeredi, http://fuse.sourceforge.net/sshfs.html, sshfs
[10]
[11]
[12]
[13]