JY vs Sea Sea vs Actual Discussion

[Steve Kinney]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Now that's a project relevant to CPunk interests:  Rubber Hose was
never finished,  The hidden container feature in Truecrypt is unstable
and unreliable (therefore also "unfinished") per my experience.  The
file system you describe seems to provide a real solution.

Being able to hand off keys harmlessly when some border control
officer wants to turn your electronics inside out:  Priceless.

:o)



On 09/23/2016 09:14 PM, xorcist at sigaint.org wrote:
> I've been toying with libgcrypt, lately. Mostly to refresh my 'C'
> after a long, long love affair, turned dirty mouth-spitting
> fuck-fest with python. It's been a long time since I had to do so
> much fucking book keeping. I remember why I left C behind.
> 
> I'm turning over some ideas for a FUSE-based encrypted filesystem.
> 
> To start, I'm building an unencrypted system (so I can hex the
> block file and make sure shit is getting stored correctly). The
> passphrase gets hashed such that it is used to specify the location
> in the file for the root dir entry. Different passwords get you
> pointed to different roots. Files are essentially linked lists,
> pointing to the next block. Allocation will be intentionally
> fragmented/random. Once the allocation and filesystem primitives
> are debugged, and painted with robust error checking, it will be
> trivial to add AES. Chaf data can be added by making a dir/files
> with a random password, containing random data. Or hell, keep the
> password, and be able to delete the chaf if you needed to free up
> space.
> 
> I'm toying with how I might use Shamir's secret sharing scheme as
> well. You'd need N-of-M images (all mountable separately and
> usable) but when brought together, allow you to decrypt a root dir
> that you wouldn't be able to decrypt separately.
> 
> So, from a deniability standpoint, you can choose to claim you have
> no "random" chaff meant to thwart cryptanalysis. You have your
> encrypted dir (which you were forth-coming with), and the other
> data requires a different file, which you don't have.
> 
> Provides for some more nuanced game theory at the interrogation
> phase when being coerced into giving up keys.
> 
> And usable secret sharing at an FS level is cool by itself.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJX5dcOAAoJEECU6c5XzmuqLNsH/2bg1FaOI90CO/PegjBZqqtz
hNSQqeU3ShTlZrR6W0hbPzrBwuLcfTIjr7273M50MBZ5IABCwafdWQ2lryZZddQb
rBY1v+pMtWGAONYq/tL6gObwmqouY/YXCTGBg51CZT6Ce9wWXbJn8XmxAyyXULSS
2ABRUhpnmK7chjtkd2H2ZodaKCY2LlFffzIMta0SkSxfNBPbF25OsGsrpMhtTGmE
25pif4sfa0rPXm5DgtmpMR7SUS1Izl01YMBZpxY2GNxixQJTw431rtbkvzDrOage
FEyFnENOwU7OQLL/AdENLkVPOG/K5i3DFQGIwLIX+n+6d3503x/Lqc55KNPlQYE=
=mayf
-----END PGP SIGNATURE-----