[Cryptography] Open source encrypted file system for cheap IoT device?

Henry Baker hbaker1 at pipeline.com
Wed Dec 27 13:59:52 EST 2017


At 08:46 AM 12/27/2017, Bakul Shah wrote:
>On Wed, 27 Dec 2017 07:26:32 -0800 Henry Baker <hbaker1 at pipeline.com> wrote:
>Henry Baker writes:
>> At 07:02 AM 12/27/2017, Bakul Shah wrote:
>> >On Tue, 26 Dec 2017 12:32:45 -0800 Henry Baker <hbaker1 at pipeline.com> wrote:
>> >> >On Tue, Dec 26, 2017 at 9:59 AM, Henry Baker <hbaker1 at pipeline.com> wrote:
>> >> >At 11:35 PM 12/23/2017, grarpamp wrote:
>> >> >>No device info was included by OP.  Assuming BSD or Linux
>> >> >>kernel, they both offer tiny simple full extent kernel block
>> >> >>device encryptors upon which their standard filesystems can be
>> >> >>laid down.
>> >> >>
>> >> >>Insufficient info given by OP to fit others.
>> >> >
>> >> >I was hoping for an open source encrypted file system on a
>> >> >device that is so small and so limited that it doesn't even
>> >> >run a form of Linux.  It doesn't even need multiple processes
>> >> >or multiple threads.
>> >>
>> >> >Why would such a device even need an encrypted filesystem?
>> >> >And where would you store the key material safely to protect
>> >> >it against an adversary who would be able to get access to the
>> >> >storage medium, and thus to the device itself?
>> >> 
>> >> Why?  Confidential info being stored/logged.
>> >> 
>> >> Key?  Hopefully something like public-key, so only the public
>> >> key needs to be stored on the device -- but perhaps not even
>> >> then.  If symmetric-key, then the device never stores the key
>> >> at all, but it needs to be provided during bootup by some
>> >> other mechanism, and is never stored to the file system itself
>> >> (yet another reason for not using Linux -- way too much baggage
>> >> to ever understand and/or verify).
>> >> 
>> >> Once again, it doesn't have to be fast, but it needs to have a
>> >> small code footprint and be reasonably secure.
>> >
>> >Maybe you can try something like the $5 RaspberryPi Zero +
>> >plan9? The plan9 os 'image' also contains a small readonly
>> >bootfs containing programs needed to bootstrap further.  You
>> >can remove everything from this bootfs except a fileserver of
>> >your choice + something to use an AES encrypted partition.
>> >And you can remove all kernel devices you don't need.  You can
>> >then feed the aes key via its GPIO pins or UART or something.
>> >The kernel is much simpler than BSD.
>> >
>> >Or maybe an AESlib + arduino will fit your bill better (but
>> >not something I have played with). People have also interfaced
>> >ESP8266 to SDcards + AES.
>> >
>> >There are a number of smaller devices but the specs are not
>> >always available (having a running linux is not enough) or
>> >they don't have a large enough community of users.
>> 
>> I forgot to say one of the reasons for open source: I
>> want to be able to recompile & run it on any OS (or not)
>> of my choosing: e.g., Windoze, MacOS, Linux, minix (!),
>> etc.
>
>What is not clear to me is how you plan to access these files
>or put them on the device. What is the ideal or must have API?
>
>The fileserver program would run as a user mode program.  A Go
>based program just might run unchanged across Windows and
>Unix based OSes (where Go runs). With 9p you should be able to
>mount the FS and do normal file io. But not clear to me what
>you really want.

Why is this so hard?

IoT = very cheap, very low power, very small memory.

As I said, I want to access files on a uSD card or a USB stick,
so the encrypted file system is on a *passive* device.

I want to be able to do this from either the $10 device (not as
powerful as a Raspberry Pi, because Pi's take too much power),
or a larger machine -- e.g., Linux/MacOS/Windows.
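
The public-key option quoted earlier in this thread (only the public key is stored on the device) can be realized by sealing each logged record to that key. The following is an added sketch, not code from any poster or project in the thread; it assumes X25519, a plain SHA-256 key-derivation step and AES-256-GCM from the Go standard library, and the names aeadFor, SealRecord and OpenRecord are hypothetical. A record on the card would be eph.Bytes() followed by box, which any larger machine holding the private key can open.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// aeadFor runs X25519 and hashes secret || ephemeral pub || device pub into a one-time AES-256-GCM key.
func aeadFor(priv *ecdh.PrivateKey, peer, eph, dev *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append(append(shared, eph.Bytes()...), dev.Bytes()...))
	blk, _ := aes.NewCipher(key[:]) // a 32-byte key is always accepted
	return cipher.NewGCM(blk)
}

// SealRecord runs on the device, which holds only the public key dev. Zero nonce is safe: each key seals one record.
func SealRecord(dev *ecdh.PublicKey, msg []byte) (eph *ecdh.PublicKey, box []byte, err error) {
	tmp, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	aead, err := aeadFor(tmp, dev, tmp.PublicKey(), dev)
	if err != nil {
		return nil, nil, err
	}
	return tmp.PublicKey(), aead.Seal(nil, make([]byte, aead.NonceSize()), msg, nil), nil
}

// OpenRecord runs on the machine that holds the private key, never on the device.
func OpenRecord(priv *ecdh.PrivateKey, eph *ecdh.PublicKey, box []byte) ([]byte, error) {
	aead, err := aeadFor(priv, eph, eph, priv.PublicKey())
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, make([]byte, aead.NonceSize()), box, nil)
}

func main() {
	priv, _ := ecdh.X25519().GenerateKey(rand.Reader) // constructed demo key pair
	eph, box, _ := SealRecord(priv.PublicKey(), []byte("constructed log line"))
	msg, err := OpenRecord(priv, eph, box)
	fmt.Println(string(msg), err)
}
```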


