Cryptographic & Steganographic File Systems for Linux
Alessandro Bottoni
alessandro.bottoni at libero.it
Sat Apr 6 04:37:09 EST 2002
I'm having a look at a few cryptograpic and steganographic file systems for
Linux (like CFS, TCFS, PPDD, EHD, LoopAES and StegFS, sfspatch, JPHS and so
on) and I have a few (beginner) questions about the state of this art.
1) Missing "dumb-user level" distribution packages
I noticed that most of those systems came as patchs for the linux kernel and
that most of them require a lot of other modules/patches to be installed on
the host system That makes very difficult for every "real user" (I mean: a
computer user that is not a C programmer and/or an experienced Unix system
administrator) to install and use such systems on "real world" computers (I
mean: laptops and desktop PCs that must be used for real, mission critical,
day-to-day work). As long as I have seen, the only system that can be built
and installed as a dynamically-loaded kernel module is StegFS.
Is there any (dependable) crypto/steganographic file system that can be
installed, as an external kernel module on a "regular" Linux system, by mean
of a self-contained RPM, DEB or something like that? Even a self-contained
tar.gz, with the usual "/.configure", "make", "make install", would be a good
solution, assumed that it does not require a dozen of libraries installed on
the host system (Of course, commercial systems like BestCrypt are welcome
only if the corresponding source code is available for checking: NSA
backdoors can be everywhere...).
BTW: I tried to install StegFS 1.14 on my Red Hat 6.2 (kernel 2.2.14). No
way: an error blocks compilation. Does anybody know of a mailing list or a
newsgroup where I could find any help?
2) Missing 2.4.XX Kernel support
Most of the existing systems works only on 2.0 and 2.2 kernels. it seems that
the changes made in the VFS from 2.2 to 2.4 have created a big problem to
most of the crypto/stego-FS writers. Actually, most systems seems to be
blocked at their 1999 and 2000 evolution stage, maybe because of this change
in the Linux VFS. The only system that seems to work on 2.4 kernels is PPDD.
TCFS is even blocked at the 2.0 stage.
Is there any plan/attempt to support the newer kernels? Is the porting so
difficult?
3) Future of Linux Crypto (Kerneli.org and Crypto API)
It seems that the USA regulation about cryptography has been losen since 1996
so, I wonder, is the Kerneli.org project still justified? Is it still alive?
What about Crypto API? What is the aim of this project? Is it different from
kerneli.org? Will Linux have strong cryptography capabilities built-in at the
kernel level in the near future? Will it use loadable crypto modules, instead?
4) Windows XP encripted file system
I welcomed the encrypted-by-default file system of Windows XP as a big step
forward in the direction of having more privacy and security on "real world"
systems (I know: it will be broken in a few months because it is a well know,
largely diffused, well paying target for the cryptoanalysts but... it is
better than nothing).
Is there any project aimed to create a similar, real world, encrypted file
system for Linux?
Many thanks in advance for your help and for your opinions.
-------------------------------
Alessandro Bottoni
alessandro.bottoni at libero.it
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list