NetBSD's Crypto-Graphic Disk

An anonymous reader writes "Security-minded laptop users live in fear of theft, not only of their computer but also of their precious secret data. NetBSD's CGD project is a cryptographic virtual disk that can protect sensitive data while acting like a normal filesystem. Recently its author, Roland Dowdeswell, was interviewed and provided a lot of details, and made a comparison with Linux's Loop-AES, FreeBSD's GBDE, OpenBSD's svnd. This is a must-read for any laptop owner (and paranoid androids)!"

Interesting but not exactly new news

[Ffakr]

This is interesting and all, but this isn't exactly a ground-breaking news item.
PGP lets you do this on various platforms.
As a matter of fact, this is how I manage personal info on my OS X Macintosh. I create an strong-encrypted virtual disk image with banking, internet login, software key, and (un)related information. When I need something I mount it and when I'm done I umount it and it's nice and safe (as long as I never tell Keychain to remember the password).
You can do this on a vanilla OS X install with Disk Utility.

ffakr

Re:Interesting but not exactly new news

[nighty5]

The grand parent is correct, you can encrypt the entire filesystem: under Windows XP.

A new feature of PGP 9.0.

Re:Interesting but not exactly new news

[bot24]

There is also a secure note storage area in your keychain, and you can create new keychains(which can be locked when you aren't using them). The OS has the tools in it for creating it's own secure note storage areas already without creating disk images that take up unnecessary space.

Re:Interesting but not exactly new news

There's also some useful software from jetico (.com? I think..) that will create a encrypted file and allow it to be mounted as a file system across multiple OSes (e.g. create a 512meg encrypted file on a zip/thumb/external USB drive and mount it as a file system under linux and M$... there may be a mac client, although I wouldn't recall). The also have some decent wiping software and some other goodies. and I'm not even a salesman. :)

Re:mutually exclusive?

[cmdrbuzz]

If you are using Mac OS X then you have disk image encryption built in.

See FileVault for the automagic encrypted home directory

or see hdid for the command-line version of disk utility.

Re:mutually exclusive?

[pepdar]

Mac OS X is a *nix OS.
It also features an encrypted file system, FileVault.

TrueCrypt for WIndows and Linux.

[Futurepower(R)]

TrueCrypt is disk encryption software for Windows XP/2000/2003 and Linux. Version 4.1 was released last month. It seems to have been designed by people who are VERY serious about encryption. For example, TrueCrypt "provides two levels of plausible deniability".

Re:TrueCrypt for WIndows and Linux.

[jbarr]

I agree 100%. TrueCrypt lets you manage not only entire encrypted disks, but smaller, user-definable "container" volumes as well. These are all mounted as virtual drives, and are seamless to use. TrueCrypt works especially well with Thumb Drives.

One thing I really like about TrueCrypt is that it just works. I have tried several commercial options and several that come with Thumb Drives, and they tend to be either too cutsey or kludgy to use. In almost all cases, they are cumbersome and just have an "unstable" feel about them. TrueCrypt is solid, quick, and also importantly, doesn't require any installation other than copying a couple files and launching the app. (It does come with an installer, but it isn't necessary.)

Have a read of their FAQ and and you will see that a LOT of thought and effort has gone into this application.

Re:TrueCrypt for WIndows and Linux.

[trifish]

You forgot to write a very important thing:

TrueCrypt is open source and free (as in freedom and beer).

Filevault

[Savage-Rabbit]

So the CGD disk is an encrypted pseudo disk driver. It sits on top of another partition and acts as a new virtual disk to the rest of the operating system. But what of those of us that have to use windows, or Mac OS X? This seems like it's only compatible with *nix OSes.

OS.X ships with something called Filevaut, accessable from 'System Preferences'. Filevault migrates your home directory onto an encrypted image using a 128-bit AES key which, AFAIK is pretty secure, at least the NSA sponsored OS.X security guide I read recently recommended using it. This image gets mounted onto your Home directory when you log in and cannot be accessed unless you either know the login password or somehow manage to crack the encryption on the image file. This is useful for mobile professionals and the on the fly encryption works surprisingly well unless you are working with say, Photoshop files that weigh in in the hundreds of megabytes. For day to day stuff this works quite well. Just for example, I keep my iTunes collection on a filevault image and it does not seem to kill performance even with resource hogs like MS Word and Excel running.

If you only want a small secure area rather than encrypting the entire Home directory like you do with Filevault you can also create stand alone *.dmg images with the 'Disk Utility'. These have the same 128-bit AES encryption as Filevault. Fire up /Applications/Utilities/Disk Utility.app, select File->New->Blank Disk Image... Once created this can be accessed by double clicking it and feeding it the password.

This is already built-in to OSX

It's called FileVault. Just go to one's system preferences, select FileVault, set the password and bingo!

Re:mutually exclusive?

[thebdj]

Actually, BSD is a unix derivative just like Linux. Both have their separation from Unix and neither is Unix.

In reality, it is probably still safe to call it a *nix, only the BSD zealots would like us to separate it into a "BSD", which is about as anal as separating the Linux distributions into different groups.

BTW, your original post compared it to *nix operating systems and complained about OSX. The Article refers to this about NetBSD, therefore making your statements a bit mixed.

The folks over at Wikipedia seem to agree with us on this one.

Re:*BSD?

Actually... *BSD ain't so bad. I am sure this guy just pulled some sh*t out of his ass.
Here is some information about FreeBSD if you are interested.

Re:mutually exclusive?

[muhgcee]

Give me a break. If you say something like that, it simply shows that you don't know how to administer Windows very well.

Re:What about privileged users?

[Eil]

I don't know how GCD in particular works, but with Unix disk encryption, the designers typically allow for the entire filesystem to be encrypted from root (/) on down. In this case, you are asked for a passphrase by the kernel or some utility before the relevant parts of your disk are "unlocked." System accounts don't even enter into it since /etc could very well (and probably should) be encrypted on a sensitive machine. The attacker can know your user password, root password, and the blood type of your first-born son, but they aren't going to get at your data any time soon without the encryption passphrase.

I've personally always found encrypted disks (Linux and BSD) to be more trouble than they're worth to set up. I realized long ago that I'm much better at just keeping sensitive data off my laptop rather than trying to keep it secure. If my laptop is ever stolen, the most valuable thing they'd walk away with (data-wise) are a few DS9 episodes and maybe logins to a few non-essential websites.

Why is this being compared to loop-aes on Linux?

Reading the first few lines of the interview I get the impression it does almost the exactly the same stuff dm-crypt does, which has been in Linux stable for over a year now.
Have a look at http://luks.endorphin.org/
In my opinion, there has been some excellent work been done.

dm-crypt?

[Gadzinka]

It's interesting to see xxxBSD user/developer comparing "just written" software for BSD with ancient versions of Linux counterparts and (surprisingly) finding xxxBSD version to be better. My point being: dm-crypt.

If you are interested in Linux 2.6 encrypted partition, use dm-crypt together with cryptsetup tool. It's much safer than AES loop and:

• it allows to use encryption algorithms in CBC mode;
• uses published linux kernel crypto API, which means that you can use any cipher known by kernel;
• because of the above, if kernel has hardware support for some crypto algo, dm-crypt uses it automagically: I have a very low power VIA Epia MicroITX board (soon to be replaced by even lower power Nano ITX board by Epia) serving as my home fileserver. The processor, VIA Nehemiah is disgustingly slow at it's 800MHz, but it has VIA Padlock crypt engine doing AES in hardware -- access speed on encrypted AES256-CBC partition is indistinguishable from the speed on the same non-encrypted disk, and a lot higher than on my Pentium M 1.6GHz notebook with Blowfish (i.e. the fastest-yet-quite-safe) dm-crypt partition.
• because it uses Crypto API, you can use any new safer or faster algo, whether it's done in software or hardware, as soon as there is crypto api driver for it (crypto using GPU anyone? ;)
• with existing cryptsetup tool you can create encrypted swap partition with random key taken from /dev/random; and since some platforms (e.g. VIA Epia, but also chipsets from Intel, AMD and others) have true hardware random generators with Linux drivers, I wish a lot of luck to someone trying to recover passwords from my swap device ;)
• while existing key generation method is not as kosher as described PKCS#5 PBKDF2 or multifactor solutions, cryptsetup is just a userspace tool controlling kernel space diskmapper virtual disk engine; you can write your own tool and initialize your dm-crypt partitions any way you want;

OK, I'm tired, go read the links and you'll be much wiser and better informed than after reading TFA ;)

Robert

Re:of course it helps...

[BobNET]

I have no idea why these mechanisms are not enabled by default on these OSes (not even on OpenBSD!) as the overhead really isn't that noticble...

Swap is now encrypted by default in OpenBSD 3.8: http://marc.theaimsgroup.com/?l=openbsd-cvs&m=1111 85331505174&w=2

Re:mutually exclusive?

[lky]

Loop-AES is not the current recommended way of doing this on GNU/Linux.

For the current method, check out device-mapper, dm-crypt and cryptsetup.

For more information, check out: http://www.saout.de/misc/dm-crypt/

And for a guided howto install Debian on a USB stick with everything but /boot encrypted, check out: http://www.debian-administration.org/articles/179

Crosscrypt for Windows Users. GPL too

[tezza]

I've used this A LOT.

Cross Crypt - Open Source AES and TwoFish Linux compatible on the fly encryption for Windows XP and Windows 2000.

It uses the excellent Filedisk to appear as a volume in Explorer.

It's GPL, sorry to restate that, but I dunno if you read the headline fully or not.