Hi everyone, I'd like to start a discussion about plausible deniability for LUKS (see http://code.google.com/p/cryptsetup/issues/detail?id=7). As has already been said in a comment on the issue above, even having an option to hide/encrypt LUKS header would be helpful. One approach is to just encrypt the normal LUKS header with a header key, which is not very user-friendly as one would now have to remember/store both the passphrase and the header key (one might as well use plain dmcrypt with a single key). I guess the goal here would be to have LUKS features (multiple passphrases, ease of use, key splitting...) implemented in such a way that nobody can prove that you're using encryption. Thoughts? -- Ivan Stankovic, pokemon@xxxxxxxxxxxxxx "Protect your digital freedom and privacy, eliminate DRM, learn more at http://www.defectivebydesign.org/what_is_drm"; _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
