On 2/27/2015 9:51 PM, Jason Edgecombe wrote: > ** file server option to force authenticated access to use encryption
A file server cannot force authenticated access from a client to use encryption. The client chooses the property of the connection and uses that to send data to the file server prior to the file server deciding whether or not to issue an authentication challenge. The client needs to be told the connection policy prior to connection establishment (that is what "fs setcrypt" does). A file server can choose to ignore a connection but by that time the data you wish to be secure has already been transmitted in the clear. If the connection is rejected by the file server and the clear retransmits the same request using a new encryption connection, the client has now given known plaintext to an attacker to use to determine the encryption key. This is where AuriStor's policy framework comes into play. It is a mechanism by which the clients are told ahead of time which authentication and wire privacy modes are to be used for each file server connection. That way if your volume is to be accessed only using an rxgk authenticated aes256-sha1 encrypted/integrity protected connection the client knows what to do and the file server knows what to enforce. Only then can there be a guarantee that there will be no information leakage. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
