> >You'd be better off doing encryption on a per-file basis, then > >mastering the > >image from that. > > I don't only want the files to be crypted, but even the content > shouldn't be guessed. A complete protection over which kind of data, > files, filenames are in the DVD. > > A 'per-file' encryption is not so difficult to realize just before the > actual image creation and I know how to do it. However I would like to > protect the 'whole' dvd globally, I don't know if I can correctly > express my need.
If you already have the software to encrypt a single-file, then do as follows: 1. Generate the ISO9660/UDF image as per normal. 2. Encrypt the ISO file. 3. Generate a ISO/UDF image containing the encrypted ISO. 4. Burn the new image. To read this thing: 1. Insert CD/DVD, and mount the ISO/UDF filesystem. 2. Decrypt the ISO file, saving the decrypted ISO on disk. 3. Mount the decrypted ISO using loopback. This is easy, but it has the failing that you have to make save the decrypted iso to disk temporarily while you access it which is probably not acceptable if you're serious about security. Now, it is really not necessary for the encrypted image to actually be ISO9660 or UDF. It would be more sensible to use an encrypted filesystem, make an image of that filesystem and create a standard ISO/UDF image containing that filesystem. The benefit is that you could do a loopback mount of that filesystem without having to decrypt it first. Such does exist, although I do not believe it is readily available in the Linux kernel. You'd probably have to apply source patches. Try http://www.kerneli.org/ to start. Note that I have never used any such crypt filesystems and can't vouch for the safety of your data if you store it this way - you'll have to experiment with this yourself. As an aside, yes you can image CD/DVDs with 'dd'. I do this all the time to make copies of burned discs: # dd if=/dev/cdrom of=someimage.iso && eject [Insert blank DVD] # dvdrecord -v -dao someimage.iso -- Andre Dalle [[EMAIL PROTECTED]] _______________________________________________ Dvdrtools-users mailing list [EMAIL PROTECTED] http://mail.nongnu.org/mailman/listinfo/dvdrtools-users
