From: Adam Back <aba@dcs.ex.ac.uk>
To: coderpunks@toad.com
Message Hash: 986b0a6f21bd87861c5688ba93b8a392e2ca6fe61242c21b4ea6f9f88f3b2f5f
Message ID: <199607141148.MAA00279@server.test.net>
Reply To: N/A
UTC Datetime: 1996-07-14 22:30:20 UTC
Raw Date: Mon, 15 Jul 1996 06:30:20 +0800
From: Adam Back <aba@dcs.ex.ac.uk>
Date: Mon, 15 Jul 1996 06:30:20 +0800
To: coderpunks@toad.com
Subject: Encrypted file systems
Message-ID: <199607141148.MAA00279@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain
Some more thoughts on encrypted file system design criteria.
A wish list:
- Choice of secret key encryption algorithms (IDEA, 3DES, MDC, Blowfish)
- Multiple architectures (MSDOS, Win31, Win95, WinNT, Unix, Mac)
- High performance (hand optimised assembler for each architecture)
- Compression
- Ability to chain algorithms (IDEA and then 3DES for example)
- Possible to have encrypted file systems on separate partitions, or
- Encrypted file system located in a file in another file system
(much like DOS stacker drives) this is an ease of use criteria -- I
suspect re-partitioning drives would put off many potential users.
- Ease of use. Graphical user interface for setup and administration
functions, with a very simple set of configurations options
displayed by default, with more advanced configuration options
available in "expert" mode.
- All directory and FAT information should be encrypted, so that
it is not possible to discover even number of files, or percentage
of disk used without the key
- Facility for duress key, with the real data hidden in the unused
space of the first encrypted drive. To increase the plausible
deniability all unused blocks within a file system should be filled
with garbage, so that it is not possible to tell if there is more
data there.
- File system steganographically hidden in files on another file
system (encrypted or not). Support for a wide selection of file
formats (Aiff, Wave, Midi, JPEG, GIF, RGB, MPEG).
- Ability to use stegoed file system in files on an unencrypted
file system, and boot from a floppy to access stegoed file system,
with no other traces left on hard disk.
Thought for the day: the main barrier for a Chinese dissident to using
such software is that being caught with a boot floppy with the
software for a stegoed drive would be dangerous. What would solve
this would be if Microsoft, Apple, UNIX vendors, Slackware linux
included this functionality (or this software itself as useful
freeware included with the CD distribution) in their respective O/Ses
as non-optional modules -- that is you get the software installed
whether you want it or not. If everyone has the software, mere
possesion of the software no longer is a problem.
Throw in a few useful utilities, like a steganographic interface to
anonymous remailers, the address of a few ftp/www by email services,
and you have a system with interesting possibilities.
To improve the national security of the US, the NSA should be dropping
CDs with such software (much like war-time propoganda leaflets air
dropped) on undemocratic countries with poor human rights records.
Instead they expend their efforts on ITAR...
Adam
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
Return to July 1996
Return to “snow <snow@smoke.suba.com>”