If you choose to create your own file system structures, you can protect confidentiality of directory entries (filenames, file handles). For instance, you could treat a directory as a regular file, encrypting and decrypting the directory contents on the client side when necessary. If you use the model of NFS RPCs, you would basically synthesize a LOOKUP RPC through a few READ RPCs. When I last checked, CFS does not use its own low-level file structures for the sake of portability. Hope that helps. -Kevin Fu >Does anybody have any ideas on what would be a good algorithm for >encrypting filenames? I would like for the alogorithm to do compression >also. CFS uses an algorithm that lengthens the filename, thereby shortening >the maximum allowed length of the clear text filename. I want to avoid >this and possibly store extra metadata in the filename. > >Also does anybody know of an encrypted filesystem that encrypts the names >of files, besides CFS. > > Steve > >
