Source code for version 1.0 of CFS, the Cryptographic File System, will be distributed upon request in the United States starting on January 12, 1994. CFS pushes encryption services into the Unix(tm) file system. CFS supports secure storage at the system level through a standard Unix file system interface to encrypted files. Users associate a cryptographic key with the directories they wish to protect. Files in these directories (as well as their pathname components) are transparently encrypted and decrypted with the specified key without further user intervention; cleartext is never stored on a disk or sent to a remote file server. CFS employs a novel combination of DES stream and codebook cipher modes to provide high security with good performance on a modern workstation. CFS can use any available file system for its underlying storage without modification, including remote file servers such as NFS. System management functions, such as file backup, work in a normal manner and without knowledge of the key. CFS runs under SunOS and several other BSD-derived systems with NFS. It is implemented entirely at user level, as a local NFS server running on the client machine's "loopback" interface. It consists of about 5000 lines of code and supporting documentation. CFS was first mentioned at the work-in-progress session at the Winter '93 USENIX Conference and was more fully detailed in: Matt Blaze, "A Cryptographic File System for Unix", Proc. 1st ACM Conference on Computer and Communications Security, Fairfax, VA, November 1993. (PostScript available by anonymous ftp from research.att.com in the file dist/mab/cfs.ps. The version being released differs from the version described in the paper in a few ways: * The encryption scheme has been strengthened, and now provides approximately the security of 3-DES with the online latency of only single-DES. * Support for the smartcard-based key management system is not included. * A few of the tools are not included (in particular, cname and ccat). * The performance has been improved. * The security of the system against certain non-cryptanalytic attacks has been improved somewhat. CFS is being distributed as COMPLETELY UNSUPPORTED software. No warranty of any kind is provided. We will not be responsible if it deletes all your files and emails the cleartext directly to the NSA or your mother. Also, we do not have the resources to port the software to other platforms, although you are welcome to do this yourself. (Note in particular that CFS has not been tested on either Solaris or Linux, and we have no plans ourselves to support either of these systems.) We really can't promise to provide any technical support at all, beyond the source code itself. Because of export restrictions on cryptographic software, we are only able to make the software available within the US to US citizens and permanent residents. Unfortunately, we cannot make it available for general anonymous ftp or other uncontrolled access, nor can we allow others to do so. Sorry. Legal stuff from the README file: * Copyright (c) 1992, 1993, 1994 by AT&T. * Permission to use, copy, and modify this software without fee * is hereby granted, provided that this entire notice is included in * all copies of any software which is or includes a copy or * modification of this software and in all copies of the supporting * documentation for such software. * * This software is subject to United States export controls. You may * not export it, in whole or in part, or cause or allow such export, * through act or omission, without prior authorization from the United * States government and written permission from AT&T. In particular, * you may not make any part of this software available for general or * unrestricted distribution to others, nor may you disclose this software * to persons other than citizens and permanent residents of the United * States. * * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED * WARRANTY. IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE. If you would like a copy of the CFS source code, please send email to: cfs@research.att.com DO NOT REPLY TO DIRECTLY TO THIS MESSAGE. Be sure to include a statement that you are in the United States, are a citizen or permanent resident of the US, and have read and understand the license conditions stated above. Also include an email address in a US-registered domain, and say whether you'd also like to be included on a developer/user mailing list that is being set up. For a number of reasons, I am unable actually send out code until January 12, 1994. Unless you specify some other format, you'll get a uuencoded compressed tarfile. I'll be at the January USENIX conference in San Francisco, and will announce CFS at the WIP session there. -matt