2010-04-15 13:56:56 +04:00
|
|
|
.\" $NetBSD: cgd.4,v 1.16 2010/04/15 09:56:56 wiz Exp $
|
2002-10-04 22:57:35 +04:00
|
|
|
.\"
|
2003-08-14 21:59:40 +04:00
|
|
|
.\" Copyright (c) 2002, 2003 The NetBSD Foundation, Inc.
|
2002-10-04 22:57:35 +04:00
|
|
|
.\" All rights reserved.
|
|
|
|
.\"
|
|
|
|
.\" This code is derived from software contributed to The NetBSD Foundation
|
|
|
|
.\" by Roland C. Dowdeswell.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions
|
|
|
|
.\" are met:
|
|
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
|
|
|
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
|
|
|
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
|
|
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
|
|
|
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
|
|
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
|
|
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
|
|
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
|
|
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
|
|
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
|
|
.\" POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
.\"
|
2010-04-15 12:28:41 +04:00
|
|
|
.Dd April 15, 2010
|
2002-10-04 22:57:35 +04:00
|
|
|
.Dt CGD 4
|
|
|
|
.Os
|
|
|
|
.Sh NAME
|
|
|
|
.Nm cgd
|
|
|
|
.Nd cryptographic disk driver
|
|
|
|
.Sh SYNOPSIS
|
|
|
|
.Cd "pseudo-device cgd" Op Ar count
|
|
|
|
.Sh DESCRIPTION
|
|
|
|
The
|
|
|
|
.Nm
|
|
|
|
driver provides the capability of encrypting blocks on their way
|
|
|
|
to and from a disk or partition.
|
|
|
|
.Pp
|
|
|
|
In order to compile support for the
|
|
|
|
.Nm
|
|
|
|
into your kernel, you must add the driver to your kernel configuration
|
2002-10-05 19:52:25 +04:00
|
|
|
file.
|
|
|
|
To do this, add a line similar to:
|
2002-10-04 22:57:35 +04:00
|
|
|
.Bd -unfilled -offset indent
|
2002-10-05 19:52:25 +04:00
|
|
|
pseudo-device cgd 4 # cryptographic disk driver
|
2002-10-04 22:57:35 +04:00
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
The count argument defines how many
|
2010-04-15 13:56:56 +04:00
|
|
|
.Nm
|
2010-04-15 12:28:41 +04:00
|
|
|
devices may be configured at a time.
|
2002-10-04 22:57:35 +04:00
|
|
|
.Ss Encryption Algorithms
|
|
|
|
Currently the following cryptographic algorithms are supported:
|
|
|
|
.Bl -tag -width indentxxxxxxx
|
2010-04-15 12:28:41 +04:00
|
|
|
.It Ic aes-cbc
|
|
|
|
.Tn AES
|
|
|
|
in
|
|
|
|
.Tn CBC
|
|
|
|
mode.
|
|
|
|
.Tn AES
|
|
|
|
uses a 128 bit blocksize and can accept keys of length 128, 192, or 256.
|
2003-08-14 21:57:07 +04:00
|
|
|
The default key length is 128.
|
2010-04-15 12:28:41 +04:00
|
|
|
.It Ic 3des-cbc
|
|
|
|
Triple
|
|
|
|
.Tn DES
|
|
|
|
in
|
|
|
|
.Tn CBC
|
|
|
|
mode.
|
|
|
|
Triple
|
|
|
|
.Tn DES
|
|
|
|
uses a 64 bit blocksize and is performed in
|
|
|
|
.Tn EDE3
|
|
|
|
mode with a 168 bit key.
|
|
|
|
The key passed to the kernel is 192 bits but the parity bits are ignored.
|
|
|
|
.It Ic blowfish-cbc
|
|
|
|
Blowfish in
|
|
|
|
.Tn CBC
|
|
|
|
mode.
|
2006-03-11 11:04:48 +03:00
|
|
|
Blowfish uses a 64 bit blocksize and can accept keys between 40 and
|
|
|
|
448 bits in multiples of 8.
|
|
|
|
It is strongly encouraged that keys be at least 128 bits long.
|
|
|
|
There are no performance advantages of using shorter keys.
|
|
|
|
The default key length is 128 bits.
|
2002-10-04 22:57:35 +04:00
|
|
|
.El
|
|
|
|
.Ss IV Methods
|
2010-04-15 12:28:41 +04:00
|
|
|
Currently, the following
|
|
|
|
.Tn IV
|
|
|
|
Methods are supported:
|
2008-09-12 20:51:54 +04:00
|
|
|
.Bl -tag -width encblkno1
|
2010-04-15 12:28:41 +04:00
|
|
|
.It Ic encblkno1
|
2008-09-12 20:51:54 +04:00
|
|
|
This method encrypts the block number of the physical disk block once with
|
2010-04-15 12:28:41 +04:00
|
|
|
the cipher and key provided and uses the result as the
|
|
|
|
.Tn IV
|
|
|
|
for
|
|
|
|
.Tn CBC
|
|
|
|
mode.
|
|
|
|
This method should ensure that each block has a different
|
|
|
|
.Tn IV
|
|
|
|
and that the
|
|
|
|
.Tn IV
|
2008-09-12 20:51:54 +04:00
|
|
|
is reasonably unpredictable.
|
|
|
|
This is the default method used by
|
|
|
|
.Xr cgdconfig 8
|
2010-04-15 12:28:41 +04:00
|
|
|
when configuring a new
|
2010-04-15 13:56:56 +04:00
|
|
|
.Nm .
|
2010-04-15 12:28:41 +04:00
|
|
|
.It Ic encblkno8
|
|
|
|
This is the original
|
|
|
|
.Tn IV
|
|
|
|
method used by
|
2008-09-12 20:51:54 +04:00
|
|
|
.Nm
|
2008-09-13 13:13:14 +04:00
|
|
|
and provided for backward compatibility.
|
|
|
|
It repeatedly encrypts the block number of the physical disk block
|
2010-04-15 12:28:41 +04:00
|
|
|
eight times and uses the result as the
|
|
|
|
.Tn IV
|
|
|
|
for
|
|
|
|
.Tn CBC
|
|
|
|
mode.
|
|
|
|
This method should ensure that each block has a different
|
|
|
|
.Tn IV
|
|
|
|
and that the
|
|
|
|
.Tn IV
|
2008-09-12 20:51:54 +04:00
|
|
|
is reasonably unpredictable.
|
|
|
|
The eightfold encryption was not intended and causes a notable
|
|
|
|
performance loss with little (if any) increase in security over a
|
|
|
|
single encryption.
|
|
|
|
.El
|
2002-10-04 22:57:35 +04:00
|
|
|
.Ss IOCTLS
|
|
|
|
A
|
|
|
|
.Nm
|
|
|
|
responds to all of the standard disk
|
|
|
|
.Xr ioctl 2
|
|
|
|
calls defined in
|
|
|
|
.Xr sd 4 ,
|
|
|
|
and also defines the following:
|
2010-04-15 12:28:41 +04:00
|
|
|
.Bl -tag -width CGDIOCSET -offset indent
|
|
|
|
.It Dv CGDIOCSET
|
|
|
|
Configure the
|
2003-02-25 13:34:36 +03:00
|
|
|
.Nm .
|
2002-10-04 22:57:35 +04:00
|
|
|
This
|
|
|
|
.Xr ioctl 2
|
|
|
|
sets up the encryption parameters and points the
|
|
|
|
.Nm
|
|
|
|
at the underlying disk.
|
2010-04-15 12:28:41 +04:00
|
|
|
.It Dv CGDIOCCLR
|
|
|
|
Unconfigure the
|
2003-02-25 13:34:36 +03:00
|
|
|
.Nm .
|
2002-10-04 22:57:35 +04:00
|
|
|
.El
|
|
|
|
.Pp
|
|
|
|
These
|
|
|
|
.Xr ioctl 2 Ns 's
|
|
|
|
and their associated data structures are defined in
|
2010-04-15 12:28:41 +04:00
|
|
|
.In dev/cgdvar.h
|
|
|
|
header.
|
2002-10-04 22:57:35 +04:00
|
|
|
.Sh WARNINGS
|
|
|
|
It goes without saying that if you forget the passphrase that you used
|
|
|
|
to configure a
|
2003-02-25 13:34:36 +03:00
|
|
|
.Nm ,
|
2002-10-05 19:52:25 +04:00
|
|
|
then you have irrevocably lost all of the data on the disk.
|
|
|
|
Please ensure that you are using an appropriate backup strategy.
|
2002-10-04 22:57:35 +04:00
|
|
|
.Sh FILES
|
|
|
|
.Bl -tag -width indentxxxxxxxxxxx
|
|
|
|
.It /dev/{,r}cgd*
|
|
|
|
.Nm
|
|
|
|
device special files.
|
|
|
|
.El
|
|
|
|
.Sh SEE ALSO
|
2005-06-20 17:25:23 +04:00
|
|
|
.Xr config 1 ,
|
2002-10-04 22:57:35 +04:00
|
|
|
.Xr ioctl 2 ,
|
|
|
|
.Xr sd 4 ,
|
2010-04-14 17:06:45 +04:00
|
|
|
.Xr cgdconfig 8 ,
|
|
|
|
.Xr MAKEDEV 8
|
2010-04-14 15:52:39 +04:00
|
|
|
.Rs
|
|
|
|
.%A Roland C. Dowdeswell
|
|
|
|
.%A John Ioannidis
|
|
|
|
.%T The CryptoGraphic Disk Driver
|
|
|
|
.%I USENIX Association
|
|
|
|
.%B Proceedings of the FREENIX Track: 2003 USENIX Annual Technical Conference
|
|
|
|
.%P 179-186
|
|
|
|
.%D June 9-14, 2003
|
2010-04-14 17:06:45 +04:00
|
|
|
.%U http://www.usenix.org/event/usenix03/tech/freenix03/full_papers/dowdeswell/dowdeswell.pdf
|
2010-04-14 15:52:39 +04:00
|
|
|
.Re
|
2002-10-04 22:57:35 +04:00
|
|
|
.Sh HISTORY
|
|
|
|
The
|
|
|
|
.Nm
|
|
|
|
driver was written by Roland C. Dowdeswell for
|
|
|
|
.Nx .
|
|
|
|
The
|
|
|
|
.Nm
|
|
|
|
driver originally appeared in
|
2003-01-20 00:25:36 +03:00
|
|
|
.Nx 2.0 .
|