Cryptographic & Steganographic File Systems for Linux

Alessandro Bottoni alessandro.bottoni at libero.it
Sat Apr 6 04:37:09 EST 2002 

I'm having a look at a few cryptograpic and steganographic file systems for 
Linux (like CFS, TCFS, PPDD, EHD, LoopAES and StegFS, sfspatch, JPHS and so 
on) and I have a few (beginner) questions about the state of this art.

1) Missing "dumb-user level" distribution packages
I noticed that most of those systems came as patchs for the linux kernel and 
that most of them require a lot of other modules/patches to be installed on 
the host system That makes very difficult for every "real user" (I mean: a 
computer user that is not a C programmer and/or an experienced Unix system 
administrator) to install and use such systems on "real world" computers (I 
mean: laptops and desktop PCs that must be used for real, mission critical, 
day-to-day work). As long as I have seen, the only system that can be built 
and installed as a dynamically-loaded kernel module is StegFS.

Is there any (dependable) crypto/steganographic file system that can be 
installed, as an external kernel module on a "regular" Linux system, by mean 
of a self-contained RPM, DEB or something like that? Even a self-contained 
tar.gz, with the usual "/.configure", "make", "make install", would be a good 
solution, assumed that it does not require a dozen of libraries installed on 
the host system (Of course, commercial systems like BestCrypt are welcome 
only if the corresponding source code is available for checking: NSA 
backdoors can be everywhere...).

BTW: I tried to install StegFS 1.14 on my Red Hat 6.2 (kernel 2.2.14). No 
way: an error blocks compilation. Does anybody know of a mailing list or a 
newsgroup where I could find any help?

2) Missing 2.4.XX Kernel support
Most of the existing systems works only on 2.0 and 2.2 kernels. it seems that 
the changes made in the VFS from 2.2 to 2.4 have created a big problem to 
most of the crypto/stego-FS writers. Actually, most systems seems to be 
blocked at their 1999 and 2000 evolution stage, maybe because of this change 
in the Linux VFS. The only system that seems to work on 2.4 kernels is PPDD. 
TCFS is even blocked at the 2.0 stage.

Is there any plan/attempt to support the newer kernels? Is the porting so 
difficult?

3) Future of Linux Crypto (Kerneli.org and Crypto API)
It seems that the USA regulation about cryptography has been losen since 1996 
so, I wonder, is the Kerneli.org project still justified? Is it still alive?

What about Crypto API? What is the aim of this project? Is it different from 
kerneli.org? Will Linux have strong cryptography capabilities built-in at the 
kernel level in the near future? Will it use loadable crypto modules, instead?

4) Windows XP encripted file system
I welcomed the encrypted-by-default file system of Windows XP as a big step 
forward in the direction of having more privacy and security on "real world" 
systems (I know: it will be broken in a few months because it is a well know, 
largely diffused, well paying target for the cryptoanalysts but... it is 
better than nothing).

Is there any project aimed to create a similar, real world, encrypted file 
system for Linux? 

Many thanks in advance for your help and for your opinions.

-------------------------------
Alessandro Bottoni
alessandro.bottoni at libero.it

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list