-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Now that's a project relevant to CPunk interests: Rubber Hose was never finished, The hidden container feature in Truecrypt is unstable and unreliable (therefore also "unfinished") per my experience. The file system you describe seems to provide a real solution. Being able to hand off keys harmlessly when some border control officer wants to turn your electronics inside out: Priceless. :o) On 09/23/2016 09:14 PM, xorcist@sigaint.org wrote:
I've been toying with libgcrypt, lately. Mostly to refresh my 'C' after a long, long love affair, turned dirty mouth-spitting fuck-fest with python. It's been a long time since I had to do so much fucking book keeping. I remember why I left C behind.
I'm turning over some ideas for a FUSE-based encrypted filesystem.
To start, I'm building an unencrypted system (so I can hex the block file and make sure shit is getting stored correctly). The passphrase gets hashed such that it is used to specify the location in the file for the root dir entry. Different passwords get you pointed to different roots. Files are essentially linked lists, pointing to the next block. Allocation will be intentionally fragmented/random. Once the allocation and filesystem primitives are debugged, and painted with robust error checking, it will be trivial to add AES. Chaf data can be added by making a dir/files with a random password, containing random data. Or hell, keep the password, and be able to delete the chaf if you needed to free up space.
I'm toying with how I might use Shamir's secret sharing scheme as well. You'd need N-of-M images (all mountable separately and usable) but when brought together, allow you to decrypt a root dir that you wouldn't be able to decrypt separately.
So, from a deniability standpoint, you can choose to claim you have no "random" chaff meant to thwart cryptanalysis. You have your encrypted dir (which you were forth-coming with), and the other data requires a different file, which you don't have.
Provides for some more nuanced game theory at the interrogation phase when being coerced into giving up keys.
And usable secret sharing at an FS level is cool by itself.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJX5dcOAAoJEECU6c5XzmuqLNsH/2bg1FaOI90CO/PegjBZqqtz hNSQqeU3ShTlZrR6W0hbPzrBwuLcfTIjr7273M50MBZ5IABCwafdWQ2lryZZddQb rBY1v+pMtWGAONYq/tL6gObwmqouY/YXCTGBg51CZT6Ce9wWXbJn8XmxAyyXULSS 2ABRUhpnmK7chjtkd2H2ZodaKCY2LlFffzIMta0SkSxfNBPbF25OsGsrpMhtTGmE 25pif4sfa0rPXm5DgtmpMR7SUS1Izl01YMBZpxY2GNxixQJTw431rtbkvzDrOage FEyFnENOwU7OQLL/AdENLkVPOG/K5i3DFQGIwLIX+n+6d3503x/Lqc55KNPlQYE= =mayf -----END PGP SIGNATURE-----