Learn about Linux
Download Linux
Get Linux helpSpecial Offers
Feature: Security
How to hide an entire filesystem
Share
Print
CommentsIf you have a dedicated encrypted partition or disk, you need to keep only one passphrase or key to unlock all your protected files. Some solutions allow you to go as far as encrypting the swap and the root partition. The drawbacks include sometimes a loss of performance (unfortunately, a necessary trade-off for security), and the fact that if an attacker gets ahold of your key (or you just happen to lose it), you can say goodbye to all your protected files.
The loopback device and dm-crypt
Presently, the main approaches to filesystem encryption supported by the Linux kernel use the loopback device driver and the device-mapper system (using the dm-crypt target). If you intend to use the loopback device approach, then loop-AES is your best choice. It's one of the most mature disk encryption methods available for Linux, and its excellent README provides precious real-world examples on filesystem encryption.
Dm-crypt was bundled with the 2.6 series of the kernel, and provides better performance and more security than the loopback device driver. It is also richer in features.
The most promising project presently using dm-crypt seems to be LUKS, which aims to provide a standard on-disk format, making it easier to migrate protected data between distributions. Besides that, it offers multiple key management (a big plus), and the encrypted partitions can be accessed in Windows through FreeOTFE (an even bigger plus).
Approaches using FUSE
Two other applications take a different tack. Both CryptoFS and EncFS are encrypted filesystems that run on top of FUSE, a package that allows users to create a filesystem in userspace and mount it without needing to have root privileges, among other things. With these applications, files (and their filenames) are encrypted and contained in a normal directory. The user must select another directory as a mount point for the encrypted filesystem: the protected data will be decrypted there, using a key. Without the key, there is no way to mount the directory with the decrypted files.
CryptoFS and EncFS provide a good ratio between security and convenience for the user. Filesystems created with FUSE can dynamically grow to any size, as opposed to the loopback approach, for instance, which requires the creation of a fixed-size partition. However, for the most cautious (or paranoid) user, there is a big disadvantage in using FUSE filesystems: looking inside the regular directory, anyone can still see how many encrypted files there are in total, calculate their real sizes, and check the permissions they have.
A benchmark by Tom's Hardware, comparing EncFS and CryptoFS with LUKS, indicates that LUKS has the upper hand in terms of file performance.
eCryptfs
Another option found upstream in the Linux kernel is eCryptfs. You'll need the kernel module and the userspace utilities to install and use it. eCryptfs provides a stacked encrypted filesystem, meaning it works on top of another existing filesystem and its call stack (due to that, some filesystems, such as XFS, may cause problems; check the eCryptfs FAQ).
An advantage of using eCryptfs is that it's a native Linux filesystem, and doesn't need to operate through FUSE or RPC calls, which means it has less dependencies, and is probably cleaner to develop. Cryptographic metadata about each file is stored in the header of the file itself, which makes migration of data and backups easier. Features like key management are available, and others, like filename encryption, are planned for the near future.
Deniable encryption
In some situations, data needs not only to be protected, but also kept invisible to everyone except the owner. There are already laws in some countries that state you can go jail if you refuse to supply the keys to your encrypted files, if asked to do so by the authorities. The best protection, sometimes, is not to have any visible encrypted data.
Some steganographic tools allow the user to inconspicuously hide data "behind" other files (normally image or sound files). However, when you have many files to hide, or their size is too large to be hidden behind a simple .jpg, your best bet is to use steganographic filesystems.
One recent interesting proposal is an MP3 steganographic filesystem. Most of the other approaches involve simply creating hidden encrypted partitions. But they don't stop there: they also allow users to create layers within those partitions, with different passwords for each. When forced to give a password for a hidden partition, the user could supply one that gave access to a layer filled with dummy data. Each layer knows nothing about the other layers, so it's impossible to prove their existence. There you have it: plausible deniability.
Steganographic filesystems also carry disadvantages. Since hidden data has to be randomly distributed throughout the entire disk or partition (which makes it almost impossible to trace -- a very good thing), that means it can be overwritten by regular file operations in your visible partitions. Data collisions can also occur. File performance with this type of filesystem is remarkably poor as well. But the worst part is that, sadly, almost all the projects that I know of are dead or half-dead. I'm talking about Rubberhose, Phonebook, and StegFS. MagikFS looks promising in theory; let's hope it doesn't follow the same fate as the others.
There is, however, a stable and well-maintained tool I recommend if you need to use deniable encryption: Truecrypt. Besides allowing the creation of simple encrypted partitions, Truecrypt can also create hidden volumes, where an encrypted "outer partition" is used to conceal dummy data, and then, inside of it, a smaller and invisible "inner partition" is created, its data kept in the free space of the outer partition.
If you read its instructive documentation, you'll see that Truecrypt has found several ways to evade the problems of data corruption and file performance associated with steganographic filesystems. Besides that, it's easy to install and use, and has both Linux and Windows versions available (you'll need the kernel sources to install it on Linux). It's one of the best disk encryption solutions available for both operating systems.
Making security a priority
As someone said, security is a state of mind. It is you who, in the end, make your system secure, not the software you use. There are common vulnerable spots in every system that file and even disk encryption won't cover. Every time you access a file, a copy may be left in the swap space, or in temporary directories. The history file of your shell will show the most recent commands typed in. Many applications make backup copies of files created with them. And that document you just printed and wiped from disk may still be recoverable from the printer spool. Your keys should be written on a paper or stored in a portable medium (pendrive, CD-ROM) and kept in a safe place. Given the choice, it's better to be paranoid than careless.
As a final note, if you're using FreeBSD, you can try CryptoFS and EncFS through Fuse4BSD. And you should also take a look at CGD (NetBSD) and GBDE. For more information on steganography and data concealment, check the information hiding homepage. I must also add that you should not simply discard regular file encryption in favor of encrypted filesystems, but instead consider a solution involving both. And, if you have the resources for it, consider hardware encryption such as the Trusted Platform Module.
Rui Lopes is a Portuguese Web designer and filmmaker who has a wide range of interests in the technology field.
Rui Lopes is a Portuguese Web designer and filmmaker who has a wide range of interests in the technology field.
Comments
on How to hide an entire filesystemNote: Comments are owned by the poster. We are not responsible for their content.
Re:Reiser4 supports both ENCRYPTION and compressio
Posted by: Anonymous Coward on March 15, 2007 01:04 AMBy encrypting it like the article was about....
Posted by: Anonymous Coward on March 15, 2007 05:58 AMBy encrypting it like the article was about -- idiot.
Clearly you didn't even read the article.
Re:By encrypting it like the article was about....
Posted by: Anonymous Coward on March 15, 2007 06:47 PMNo, the article was about hiding a filesystem, of which encryption is only a(n optional) part.
(Clue: The title of the article is "How to hide an entire filesystem")
Clearly, you didn't even read the article's title -- idiot.
Note that a filesystem doesn't have to be encrypted in order to be hidden, although doing so can make a hidden filesystem more difficult to find.
And the article didn't even mention benchmarks.
How would rfs4 perform in combination with different types of steganography, compared with other filesystems?
Unknown, because:
While the number of disk accesses for a plain (or encrypted) rfs4 may be lower than others, this advantage may disappear when combined with steganography.
The reason: rfs4 may be optimizing things like seeks, order of writes, and so forth.
When the filesystem is sitting in a<nobr> <wbr></nobr>.WAV, MP3, or JPEG file on another (possibly rfs4) filesystem, all of this optimization goes out the window.
Your benchmarks are meaningless.
Perhaps a better alternative to some of the mentioned solutions would be <a href="http://www.computerweekly.com/Articles/2007/03/13/222387/encrypted-laptop-hard-drives-arrive-from-seagate.htm" title="computerweekly.com">Seagate's encrypted hard drives</a computerweekly.com> which are finally hitting the retail channel. If they become widely adopted, these drives will make many of these encrypted file systems redundant.
- T
i can put a serial cable on a seagate drive, put it in debug and clear the password in about 4 seconds.
let me put it this way, do you really expect these company's to make *real* user security when there biggest custommers are the governments we need to protect ourselves against?
clipper-chip anybody?
Maybe encryption of at least the<nobr> <wbr></nobr>/home directory should be standard. So when the user login, that password is used to decrypt its home directory. No extra password to remember, and its all transparent to the user.
Would be sweet if LinuxBIOS made so you could make so that a smartcard would be required for the computer to boot.
Encryption should be fast, easy and transparent. It shouldn't be a slow tricky mess.
Reiser4 supports both ENCRYPTION and compression.
Posted by: Anonymous Coward on March 14, 2007 09:06 AMReiser claims that using compression makes the Reiser4 filesystem some 50% faster than not using it.
However, will cannot verify this because Andrew Morton has always arranged than neither encryption nor compression are available in his mm-kernel.
I suggest that someone take control of Reiser4 away from Andrew Morton.
Here are some filesystem benchmarks from <a href="http://linuxhelp.150m.com/" title="150m.com">http://linuxhelp.150m.com/</a 150m.com> that clearly show that Reiser4 is the best filesystem ever developed.
For more info see <a href="http://linuxhelp.150m.com/resources/fs-benchmarks.htm" title="150m.com">http://linuxhelp.150m.com/resources/fs-benchmarks<nobr>.<wbr></nobr> htm</a 150m.com><tt>|File |Disk |Copy |Copy |Tar |Unzip| Del |
|System |Usage|655MB|655MB|Gzip |UnTar| 2.5 |
|Type |(MB) | (1) | (2) |655MB|655MB| Gig |
|REISER4 | 692 | 148 | 55 | 67 | 25 | 56 |
| (tails)| 673 | 148 | 63 | 78 | 33 | 65 |
|NTFS3g | 772 |1333 |1426 | 585 | 767 | 194 |
|NTFS | 779 | 781 | 173 | X | X | X |
|REISER3 | 793 | 184 | 98 | 85 | 63 | 22 |
|XFS | 799 | 220 | 173 | 119 | 90 | 106 |
|JFS | 806 | 228 | 202 | 95 | 97 | 127 |
|EXT4 | 816 | 174 | 70 | 74 | 42 | 50 |
|EXT3 | 816 | 182 | 74 | 73 | 43 | 51 |
|EXT2 | 816 | 201 | 82 | 73 | 39 | 67 |
|FAT32 | 988 | 253 | 158 | 118 | 81 | 95 |</tt>
On any case, it is my opinion that the future of ReiserFS is unsure at best.
(After all, the name of the article is "How to hide an entire filesystem".)
I don't know how r4fs achieves its impressive benchmarks, but I suspect that it optimizes seek order, reads, writes, and so forth, possibly taking disk geometry into account, etc., etc., all of which may be affected by block encryption, and which may be affected drastically by steganography, especially good steganography, which will typically scatter data all over the place to make it more difficult to find.
Encrypting files in-place (on the same volume, using ext3, ReiserFS, JFS) seems to be a far better solution, especially for crash recovery.
Also, on a file-by-file basis, different files can be encrypted using different keys, essentially creating a real barrier to unauthorized access to data, without interfering with normal administration matters (fsck, backup, restore, etc.).
Hans Reiser has claimed this support is quite good, so you should investigate it.
You may also be interested in Hans Reiser's claim (in one of his lectures) that using compression makes the Reiser4 filesystem some 50% faster (than not using it (writing and reading (this is because compressing and decompressing in RAM is so fast these days))).
True, though one has to appreciate the irony that those who seek security usually don't need it and the ones that need it usually don't seek it.
All the people I know that actually have their security in order are either geeks or system admins with too much time on their hands, but no real security concerns other than some files they prefer their wives and bosses don't see. All the people I know that really need to protect their files, because they hold important and private information (doctors, lawyers, etc.), don't know the first thing about computer security and are almost ignorant of the risks.
How to hide an entire filesystem
Posted by: Anonymous [ip: 71.229.86.61] on October 28, 2007 08:18 AMAn operatiing system that requires NO HARD DRIVE AT ALL.
Live CD's are great or an entire OS on a USB Thumbdrive along with (Truecrypt)
Puppy linux
Mepis
Slax
D@m small linux
Knoppix
Lots of OS's out there that allow for a computer to operate with opera and firefox and save capabilites WITHOUT A HARD DRIVE BEING PRESENT IN THE COMPUTER !!!!!.
A couple of excelent HOW TO (tutorial) for file system encryption
Posted by: zenit on November 15, 2007 06:07 AM<a href="http://goohackle.com/how-to-create-a-portable-encrypted-file_system-on-a-loop-file/">How to create a portable encrypted file system on a loop file</a>
Reiser4 supports both ENCRYPTION and compression.
Posted by: Anonymous Coward on March 14, 2007 05:28 PMReiser claims that using compression makes the Reiser4 filesystem some 50% faster than not using it.
However we cannot verify this because Andrew Morton has always arranged than neither encryption nor compression are available in his mm-kernel.
I suggest that someone take control of Reiser4 away from Andrew Morton.
Here are some filesystem benchmarks from <a href="http://linuxhelp.150m.com/" title="150m.com">http://linuxhelp.150m.com/</a 150m.com> that clearly show that Reiser4 is the best filesystem ever developed.Each test was preformed 5 times and the average value recorded.
Disk Usage: The amount of disk used to store the data (which was 3 different copies of the Linux kernel sources).
The raw data (without filesystem meta-data, block alignment wastage, etc) was 655MB.
Copy 655MB (1): Copy the data over a partition boundary.
Copy 655MB (2): Copy the data within a partition.
Tar Gzip 655MB: Tar and Gzip the data.
Unzip UnTar 655MB: UnGzip and UnTar the data.
Del 2.5 Gig: Delete everything just written (about 2.5 Gig).
For more info see <a href="http://linuxhelp.150m.com/resources/fs-benchmarks.htm" title="150m.com">http://linuxhelp.150m.com/resources/fs-benchmarks<nobr>.<wbr></nobr> htm</a 150m.com>
#