En réponse à Arno Wagner <arno@xxxxxxxxxxx> : > ------------------ Début du message d'origine -------------------- > > Yes, that works. You should also make sure to change the > things in the first container from time to time (but be > very careful to not overwrite the second one), because > otherwise the timestamps will show you did not actually > used the first one and its back to waterboarding for you. > Yes. Typical excuse is: "Oh, yes, I've tried to use crypto but it's painfully hard to use, so I didn't continue to use it anymore. All files are two years old? Yes, that's what I said. The password? I think it's 'test' or 'password' or '1234' because it was only for a test." > You also better be able to explain "Why fat"? > You can respond: "I was thinking about using it under windows with http://www.freeotfe.org/ , so I use FAT." > "Why did you overwrite the whole container with > random data?" You can respond: " The doc http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedDevice says to fill it with random data, so I did" > "Why encryopt in the first place?" You can respond: "I was just trying using it. I also use several progs and apps because I'm a geek. cryptsetup did not convince me, so I don't use it anymore. Why I didn't rm the 1gigabyte crypted file? My Hard drive is 250Gig, I have plenty of free space, why should I bother?" > and use cryptographically > strong randomness to fill the container. > Something like dd if=/dev/zero of=/dev/mapper/crypt should be enough. You can't differenciate AES ciphered data from randomness. If so, this is huge problem. > Arno > thanks for the feedback. > On Mon, Mar 01, 2010 at 05:22:15PM +0100, octane indice wrote: > > Ther is a way to have some plausible deniability with > cryptsetup (not LUKS). > > > > Basically, all resides with the ability of losetup to have > an offset (i.e. > > jump a certain number of bytes in the beginning of the loop > file). Create a > > LUKS container, don't fill it too much, jump behind the last > data and create > > a second one: > > > > First, the ciphered one, known file: > > dd if=/dev/zero of=/tmp/bigfile bs=1024k count=1024 > > losetup /dev/loop0 /tmp/bigfile > > cryptsetup luksFormat /dev/loop0 > > cryptsetup luksOpen /dev/loop0 crypted_one > > (fill the disk with random data) > > mkdosfs -F 32 /dev/mapper/crypted_one > > mount -t vfat /dev/mapper/crypted_one /mnt/crypt > > echo "confidential file" > /mnt/crypt/secret > > > > Second, hide your real secrets with plausible deniability: > > losetup -o 512000 /dev/loop1 /tmp/bigfile > > cryptsetup create second_crypt /dev/loop1 > > mke2fs /dev/mapper/second_crypt > > mount -t ext2 /dev/mapper/second_crypt /mnt/hd2 > > echo "very very secret" > /mnt/hd2/secret > > > > > > You must be careful to don't use too much the crypted_one; > if you fill it > > too much it will overwrite the second_crypt... > > You _must_ use the FAT filesystem in the crypted_one > partition: ext copy the > > superblock everywhere on the disk. It will be overwritten by > the > > second_crypt, and therefore an attacker with the first key > can be > suspicious... > > You mustn't use LUKS for second_crypt: the format of LUKS > header can be > > found very easily in the middle of the /tmp/bigfile > > > > The secret lies with two parameters: the offset and the key. > > > > > I think we can call it plausible deniabilty: It is > impossible for an > > attacker to know that a second container resides in the > first one. > > > > Hope this helps > > > > En r?ponse ? Ond??ej Pelech <ondra.pelech@xxxxxxxxx> : > > > ------------------ D?but du message d'origine > -------------------- > > > > > > Hello, > > > > > > dm-crypt is a great project, but it seems to me, that it's > > > missing one > > > very needed feature - Deniable encryption[0] (support for > > > hidden > > > containers). > > > will it be possible to do this (1 vault, many keys, each > > > reveals > > > something "different") in future using dm-crypt? are there > any > > > plans > > > to support this feature? > > > > > > Best regards > > > > > > Ondra Pelech > > > > > > [0] http://en.wikipedia.org/wiki/Deniable_encryption > > > _______________________________________________ > > > dm-crypt mailing list > > > dm-crypt@xxxxxxxx > > > http://www.saout.de/mailman/listinfo/dm-crypt > > > > > > ------------------- Fin du message d'origine > --------------------- > > > > > > > > > > Envoy? avec Inmano, ma messagerie renversante et gratuite : > http://www.inmano.com > > > > > > > > _______________________________________________ > > dm-crypt mailing list > > dm-crypt@xxxxxxxx > > http://www.saout.de/mailman/listinfo/dm-crypt > > > > -- > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: > arno@xxxxxxxxxxx > GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F > 6B50 1E25 338F > ---- > Cuddly UI's are the manifestation of wishful thinking. -- > Dylan Evans > > If it's in the news, don't worry about it. The very > definition of > "news" is "something that hardly ever happens." -- Bruce > Schneier > > ------------------- Fin du message d'origine --------------------- Envoyé avec Inmano, ma messagerie renversante et gratuite : http://www.inmano.com _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
