Data Assurance in a Conventional File Systems

The goal of this research is to find a mechanism to guarantee that a file stored in a conventional file system, on disk, has not been modified. Our proposal for achieving that goal is a smart card based DSFS (Digital Sealed File System). The main idea is to send only the hash value of a document to the SmartCard together with the unique document identification. After creation of public/private key pair and hash value encryption, SmartCard destroys private key. This yields a final signature and public key as output. Therefore, sending confidential key material from SmartCard to a system is completely avoided. Since hash value is small data, limited bandwidth to the card for transferring large documents for encryption is not a problem. However, there are some possible drawbacks of the proposed idea. An attacker is able to circumvent the signing process in SmartCard and to act as SigningTool. Moreover, publishing of public key is the issue of the DSFS architecture and public key distribution is too complex and unreliable solution. Here we describe a possibility of overcoming these problems.