I'm having a look at a few cryptograpic and steganographic file systems for Linux (like CFS, TCFS, PPDD, EHD, LoopAES and StegFS, sfspatch, JPHS and so on) and I have a few (beginner) questions about the state of this art.
1) Missing "dumb-user level" distribution packages I noticed that most of those systems came as patchs for the linux kernel and that most of them require a lot of other modules/patches to be installed on the host system That makes very difficult for every "real user" (I mean: a computer user that is not a C programmer and/or an experienced Unix system administrator) to install and use such systems on "real world" computers (I mean: laptops and desktop PCs that must be used for real, mission critical, day-to-day work). As long as I have seen, the only system that can be built and installed as a dynamically-loaded kernel module is StegFS. Is there any (dependable) crypto/steganographic file system that can be installed, as an external kernel module on a "regular" Linux system, by mean of a self-contained RPM, DEB or something like that? Even a self-contained tar.gz, with the usual "/.configure", "make", "make install", would be a good solution, assumed that it does not require a dozen of libraries installed on the host system (Of course, commercial systems like BestCrypt are welcome only if the corresponding source code is available for checking: NSA backdoors can be everywhere...). BTW: I tried to install StegFS 1.14 on my Red Hat 6.2 (kernel 2.2.14). No way: an error blocks compilation. Does anybody know of a mailing list or a newsgroup where I could find any help? 2) Missing 2.4.XX Kernel support Most of the existing systems works only on 2.0 and 2.2 kernels. it seems that the changes made in the VFS from 2.2 to 2.4 have created a big problem to most of the crypto/stego-FS writers. Actually, most systems seems to be blocked at their 1999 and 2000 evolution stage, maybe because of this change in the Linux VFS. The only system that seems to work on 2.4 kernels is PPDD. TCFS is even blocked at the 2.0 stage. Is there any plan/attempt to support the newer kernels? Is the porting so difficult? 3) Future of Linux Crypto (Kerneli.org and Crypto API) It seems that the USA regulation about cryptography has been losen since 1996 so, I wonder, is the Kerneli.org project still justified? Is it still alive? What about Crypto API? What is the aim of this project? Is it different from kerneli.org? Will Linux have strong cryptography capabilities built-in at the kernel level in the near future? Will it use loadable crypto modules, instead? 4) Windows XP encripted file system I welcomed the encrypted-by-default file system of Windows XP as a big step forward in the direction of having more privacy and security on "real world" systems (I know: it will be broken in a few months because it is a well know, largely diffused, well paying target for the cryptoanalysts but... it is better than nothing). Is there any project aimed to create a similar, real world, encrypted file system for Linux? Many thanks in advance for your help and for your opinions. ------------------------------- Alessandro Bottoni [EMAIL PROTECTED] --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
