[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CD-ROM Encryption on-the-fly ?

To: Reos Zgium <zgium@gmx.net>
Subject: Re: CD-ROM Encryption on-the-fly ?
From: Jari Ruusu <jari.ruusu@pp.inet.fi>
Date: Fri, 26 Jul 2002 18:57:57 +0300
CC: Linux Crypto <linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:listar@nl.linux.org?Subject=help>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Listar version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org
References: <200207261433.57453.zgium@gmx.net>
Sender: linux-crypto-bounce@nl.linux.org

Reos Zgium wrote:
> Wouldn't it be possible to write a small piece of code, which encrypts
> stdin->stdout. This would compact the example above into one line like this:
> 
> mkisofs -xyz /home/backup | encrypt-on-the-fly > /tmp/cryptfile
> 
> or even burn it on the fly.
> mkisofs -xyz /home/backup | encrypt-on-the-fly | cdrecord -
> 
> The encryption key would be requested from the console or from file or
> whatever.
> 
> The trick here is writing this pipe-program which is is compatible with the
> crypto-loop kernel driver so the data can later be transparently decrypted.
> Main obstacles are the IV and the blocksize. The crypto-loop has no external
> interface (or i failed to find it) so the separate encryption program would
> have to duplicate the crypt-loop's functionality. Disregarding future
> compatibility problems, this small program would be quite simple to code.
> 
> A huge problem could be to encrypt multi-session volumes and such. But as this
> is quite problematic with the mkisofs/cdrecord pair anyway, i would ignore it
> for now.
> 
> Now for the questions:
> Has some one already coded this tool and could save me a day or two?
> 
> Does any one with more insight into the crypto-loop driver see a problem in
> design with this solution? Can we reliably pre-calcucate the IV on the CD
> before it is written?
> 
> Any other suggestions?

I posted source for aespipe program to this list a while ago. It does
exactly what you need. Get it from archive, here:

    http://mail.nl.linux.org/linux-crypto/2002-05/msg00023.html

The source is in 'aespipe-v1.0b.tar.bz2' that after downloading appears
under name 'bin00000.bin', here:

    http://mail.nl.linux.org/linux-crypto/2002-05/bin00000.bin

By default it is loop-AES compatible, but to make it cryptoapi compatible,
use command line options: -e aes128 -H rmd160

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

References:
- CD-ROM Encryption on-the-fly ?
  - From: Reos Zgium <zgium@gmx.net>

Prev by Date: Re: CD-ROM Encryption on-the-fly ?
Next by Date: Re: loop-AES trouble
Prev by thread: Re: CD-ROM Encryption on-the-fly ?
Next by thread: AES vs. GPG
Index(es):
- Date
- Thread