           Disclaimer: This site is intended for informational and educational purposes. I am not responsible for the legitimate or illegitimate use of any of the material on this site and possible damage caused and I do not encourage you to perform illegal activities. If you do not agree to these terms, CLICK HERE. 
|
 |
Cryptography
New: CFS 1.3 sources, ported to compile under newer Linux distributions (tested with RedHat 7/Linux 2.2.18) SFS SFS means Steganographic File System and describes a system to encrypt complete partitions steganographically under linux. This means that the data cannot be recovered without the correct passphrase and that nobody can prove that any data exists on the SFS encrypted partition. The steganographic FS accomplishes this by creating random data on the device, and then hiding the actual data inside this data while using a modified IDEA stream chiffre algorithm. But why SFS? This is important for example in european countries, where people can be persecuted if it can be proven that they possess encrypted data and they refuse to give their passwords to the law enforcement. 5 Step Installation: 1. Extract the sfspatch-2.0.36 from the package and patch your kernel, like it is described in the included README. Note: Should you have a kernel different than 2.0.36, you need to get a different package which you can find at: http://www-users.rwth-aachen.de/Peter.Schneider-Kamp/ 2. Re-compile your kernel and include the SFS (fs section) as a MODULE. 3. Compile the sfstools - they need the upgraded kernel to compile. 4. Insmod sfs and then use mksfs from the sfstool package. E.G. to create a SFS on a floppy disk: mksfs /dev/fd0 - if you use HD partitions, remember you need a dedicated partition on which all data will be overwritten. It will ask you for a password, use a long one. 5. Create a mountpoint e.g. /mnt/test for your sfs device, and type: sfsmount /dev/fd0 /mnt/test. Your floppy disk (in this example) will now be mounted as /mnt/test and you can access it like any other mount point. Be aware that unlike CFS, SFS does not support a timeout yet, which the seriously paranoid might want. Also chmod 700 your mount-point; sfs will not check if it is world-readable.  Download the SFS Tools and the patch for 2.0.36 linux kernels
CFS CFS stands for Cryptographical File System. It is a filesys daemon that implies the possibility to transparently encrypt and decrypt files on unix systems. CFS uses NFS, the network file system and requires nfsd and the portmap service to be running. Once you installed CFS, you will be able to create cfs-directories with cmkdir that are protected by
unique passwords. Once the system is rebooted or the directory is detached,
all files stored in that directory are only retrievable by supplying the
correct passphrase for the dir.Installation of CFS: Download CFS 1.3.3 RPM package and install by typing rpm -i cfs.rpm. Then, enable RPC NFSd and portmap (make sure
you are using non-vulnerable versions!). Add the following line to /etc/exports:
/ localhost. Then, type "cfsd" to enable the daemon,create a directory "/crypt" and mount it with: /bin/mount -o port=3049,intr localhost:/ /crypt.You need to start cfsd and mount your dir each system startup!. Now you can create a crypted directory using: cmkdir /root/test crypt1This creates /root/test with the CFS name crypt1 (/crypt/crypt1 will be created) You can now use cdetach, cattach and cpasswd on the dir. You will be prompted for your password(s) automatically. Download CFS 1.3.3 (i386-rpm)
PGP for lamerz PGP uses asymmetric keys to make it possible to send private data over the net. It works like this: you generate a key pair, consisting of a public key and private key. Everything encrypted with the public key can be decrypted with the private key only and everything encrypted with the private key can be decrypted with the public key only. The private key is stored on your machine only and protected by a passphrase, while the public key is sent over the net and can theoretically be accessed by anyone. This makes it possible to encrypt data without ever sending the private key to anyone. As long as you use a keylength of >= 1024 bits, PGP is pretty safe. Shorter keys can be decrypted sooner or later and are rather 'Pretty Gay Privacy'. Example: Bill G. wants to send a file worlddom.txt to Steve C. Both public keys are available for each other, while private keys are only available for themselves. Bill G. uses the public key from Steve C. to encrypt the data and sends it over the net. Now, Steve C.'s private key is required to decrypt the data, so Steve C. is the only person who can ever decrypt it. (If Bill used his private key to encrypt it, Steve Case couldīve decrypted it it with Bills public key, but everyone who knew Bills public accessible key could also get the data. Therefore, BOTH parties need to have a key pair.) Something else you can realize with PGP is the digital signature. It works like this: a checksum of the data is created (MD5 hash) and is encrypted with your private key to a signature. To verify the signature, it is decrypted with the public key and a checksum of the same data is created and compared with the decrypted one. If they match, the signature is valid and the only one who couldīve singed the data is the owner of the private key it was signed with. Download PGP 2.6.2Note: Confirming to US law, if you are not inhabitant of the USA and still download this file, the government will probably want your head on a stake for it. However, have fun with the tool! =P Download a keyring with my public keys.If you want to email me now and then or just feel like it, go and send me your public key(s). Click here to mail me. |
 |