Protecting File Systems with Transient Authentication

Laptops are vulnerable to theft, greatly increasing the likelihood of exposing sensitive files. Unfortunately, storing data in a cryptographic file system does not fully address this problem. Such systems ask the user to imbue them with long-term authority for decryption, but that authority can be used by anyone who physically possesses the machine. Forcing the user to frequently reestablish his identity is intrusive, encouraging him to disable encryption. This tension between usability and security is eliminated through Transient Authentication, in which a small hardware token continuously authenticates the users presence to the laptop over a short-range, wireless link. Whenever the laptop needs decryption authority, it acquires it from the token; authority is retained only as long as necessary. With careful key management, ZIA imposes an overhead of less than 7% for representative workloads, though some infrequent operations suffer greater overheads. The largest file cache on our hardware can be re-encrypted within five seconds of the users departure, and restored in just over six seconds after detecting the users return. This secures the machine before an attacker can gain physical access, but recovers full performance before a returning user resumes work. Key granularity plays an important role in determining performance; assigning encryption keys on a per-directory basis limits the cost of an exposed key while maintaining acceptable overhead.