Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cross-Platform Encryption?

Posted by Cliff on from the lowered-barriers-for-information-protection dept.

Dr. Sp0ng asks: "I'm sure a lot of Slashdot readers carry around USB keychain drives or other portable media. What cross-platform encryption solutions have you found for these? The ideal solution would be something which can create a true encrypted disk image in a file, along with Windows and OS X (and perhaps even Linux) standalone executables which can mount these without requiring you to install anything. Obviously something like GnuPG could be used, but it won't let you create an actual mountable filesystem. There are plenty of Windows solutions, and Mac OS X users can simply create an encrypted DMG, but are there any cross-platform solutions out there?"

7 of 57 comments (clear)

  1. A simple solution by waynegoode · · Score: 4, Interesting

    This is not exactly what you are looking for, but how about ...

    A big ZIP file on the drive.

    + It is encrypted.
    + It is cross platform if the underlying File System is.
    - The computer needs a ZIP file decrypter and a encrypter if you want read/write.
    - It acts like a file system, but really isn't.
    - Not the best encryption.

    1. Re:A simple solution by jasonwea · · Score: 2, Interesting

      And the worst negative of all for me:

      Typically one would have to decrypt the files to a local fixed disk where they live unencrypted while you work on them.

      Options such as RAM disks exist but how readily available are these? (Think of machines where you do not have root).

    2. Re:A simple solution by Anonymous Coward · · Score: 1, Interesting

      If the goal is to transport files between trusted computers, and be safe in case you drop your USB key and someone unscrupulous finds it... this seems like a case where one-time pad could be a good solution. You'd first have to transport a random file the size of the USB key to each of your trusted computers, and you'd need a file system driver that uses a prespecified OTP file to XOR the data.

      Anyone who gets hold of the USB key can't do anything with it, unless they also have the OTP file. The "one time" in the OTP definition isn't here strictly followed, but it isn't a problem if the threat scenario is losing the USB key. On the other hand, if the attacker is able to make copies of the USB key without your knowledge at several different times, this would be a weakness. So the trustworthiness of the solution would depend on your paranoia and threat level...

      Would anyone know of a working software solution along these lines?

  2. Re:It's so obvious! by thegrassyknowl · · Score: 2, Interesting

    Well, you could XOR your data, or have the disk in EXT2 format (with a small FAT32 partition at the start with EXT2 drivers for various sysems.

    As for encryption, I presume you're interested in keeping the average user from sector L out of your files, should your key be "misplaced".

    I'd look at GPG; it's roughly PGP compatible. There are the pay for versions of PGP for Windows that can create a big encrypted file and give it a drive letter. Maybe there exists some GPG code that can mount those files?

    --
    I drink to make other people interesting!
  3. QEMU? by kisielk · · Score: 4, Interesting

    I've been thinking about doing a QEMU setup on a flash drive with an encrypted file system, and including QEMU executables for various OSs. You coul d then boot up the QEMU image, which could have networking support with Samba or something, and then access the files over the network.

    I haven't actually tried this yet, and I'm not entirely convinced it's a good idea, but it's one suggestion. Has anyone else tried this? Any comments or suggestions?

  4. FreeOFTE for Win/Lin or ccrypt for Mac/Win/Lin by Trepalium · · Score: 3, Interesting

    FreeOTFE runs in Windows and is compatible with Linux losetup/dm-crypt volumes. The only Win/Mac cross encryption program I've found is ccrypt which is unfortunately just a simple file encryption program.

    --
    I used up all my sick days, so I'm calling in dead.
  5. Just an idea.... by martian67 · · Score: 1, Interesting

    I've wished for something similar in the past. One solution that occurred to me would be to create an encrypted loopback filesystem under Linux. For those not familiar with this scheme, it essentially encapsulates a filesystem in a regular file and [en|de]crypts it at the kernel level.

    One potential way to access this from Windows would be using Namespace Extensions. I believe this is the way that "special folders" such as Control Panel and Scheduled Tasks are integrated into the Explorer. It would seem to be straightforward for someone knowledgable in the area to create a Namespace Extension that could mount an encrypted loopback filesystem created in Linux.