|
Cryptoloop
Cryptoloop is a Linux kernel's disk encryption module that relies on the Crypto API, which is a cryptography framework introduced in version 2.5.45 of the Linux kernel mainline. Cryptoloop was first introduced in the 2.5.x kernel series; its functionality was later incorporated into the device mapper, a generic framework used to map one block device onto another. Cryptoloop can create an encrypted file system within a partition or from within a regular file in the regular file system. Once a file is encrypted, it can be moved to another storage device. This is accomplished by making use of a loop device, a pseudo device that enables a normal file to be mounted as if it were a physical device. By encrypting I/O to the loop device, any data being accessed must first be decrypted before passing through the regular file system; conversely, any data being stored will be encrypted. Cryptoloop is vulnerable to watermarking attacks, making it possible to determine presence of watermar ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Comparison Of Disk Encryption Software
This is a technical feature comparison of different disk encryption software. Background information Operating systems Features * Hidden containers: Whether hidden containers (an encrypted container (A) within another encrypted container (B) so the existence of container A can not be established) can be created for deniable encryption. Note that some modes of operation like CBC with a plain IV can be more prone to watermarking attacks than others. * Pre-boot authentication: Whether authentication can be required before booting the computer, thus allowing one to encrypt the boot disk. * Single sign-on: Whether credentials provided during pre-boot authentication will automatically log the user into the host operating system, thus preventing password fatigue and reducing the need to remember multiple passwords. * Custom authentication: Whether custom authentication mechanisms can be implemented with third-party applications. * Multiple keys: Whether an encrypted volume can have ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Dm-crypt
dm-crypt is a transparent block device encryption subsystem in Linux kernel versions 2.6 and later and in DragonFly BSD. It is part of the device mapper (dm) infrastructure, and uses cryptographic routines from the kernel's Crypto API. Unlike its predecessor cryptoloop, dm-crypt was designed to support advanced modes of operation, such as XTS, LRW and ESSIV, in order to avoid watermarking attacks. In addition to that, dm-crypt addresses some reliability problems of cryptoloop. dm-crypt is implemented as a device mapper target and may be stacked on top of other device mapper transformations. It can thus encrypt whole disks (including removable media), partitions, software RAID volumes, logical volumes, as well as files. It appears as a block device, which can be used to back file systems, swap or as an LVM physical volume. Some Linux distributions support the use of dm-crypt on the root file system. These distributions use initrd to prompt the user to enter a pass ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Watermarking Attack
In cryptography, a watermarking attack is an attack on disk encryption methods where the presence of a specially crafted piece of data can be detected by an attacker without knowing the encryption key. Problem description Disk encryption suites generally operate on data in 512-byte sectors which are individually encrypted and decrypted. These 512-byte sectors alone can use any block cipher mode of operation (typically CBC), but since arbitrary sectors in the middle of the disk need to be accessible individually, they cannot depend on the contents of their preceding/succeeding sectors. Thus, with CBC, each sector has to have its own initialization vector (IV). If these IVs are predictable by an attacker (and the filesystem reliably starts file content at the same offset to the start of each sector, and files are likely to be largely contiguous), then there is a chosen plaintext attack which can reveal the existence of encrypted data. The problem is analogous to that of using block ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Linux Kernel
The Linux kernel is a Free and open-source software, free and open source Unix-like kernel (operating system), kernel that is used in many computer systems worldwide. The kernel was created by Linus Torvalds in 1991 and was soon adopted as the kernel for the GNU operating system (OS) which was created to be a free software, free replacement for Unix. Since the late 1990s, it has been included in many Linux distributions, operating system distributions, many of which are called Linux. One such Linux kernel operating system is Android (operating system), Android which is used in many mobile and embedded devices. Most of the kernel code is written in C (programming language), C as supported by the GNU compiler collection (GCC) which has extensions beyond standard C. The code also contains assembly language, assembly code for architecture-specific logic such as optimizing memory use and task execution. The kernel has a Modular programming, modular design such that modules can be inte ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Application Programming Interfaces
An application programming interface (API) is a connection between computers or between computer programs. It is a type of software interface, offering a service to other pieces of software. A document or standard that describes how to build such a connection or interface is called an ''API specification''. A computer system that meets this standard is said to ''implement'' or ''expose'' an API. The term API may refer either to the specification or to the implementation. In contrast to a user interface, which connects a computer to a person, an application programming interface connects computers or pieces of software to each other. It is not intended to be used directly by a person (the end user) other than a computer programmer who is incorporating it into software. An API is often made up of different parts which act as tools or services that are available to the programmer. A program or a programmer that uses one of these parts is said to ''call'' that portion of the API. Th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Disk Encryption
Disk encryption is a technology which protects information by converting it into code that cannot be deciphered easily by unauthorized people or processes. Disk encryption uses disk encryption software or disk encryption hardware, hardware to encryption, encrypt every bit of data that goes on a disk storage, disk or disk volume (computing), volume. It is used to prevent unauthorized access to data storage. The expression ''full disk encryption (FDE)'' (or ''whole disk encryption'') signifies that everything on the disk is encrypted, but the master boot record (MBR), or similar area of a bootable disk, with code that starts the operating system loading sequence, is not encrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR. Transparent encryption Transparent encryption, also known as real-time encryption and on-the-fly encryption (OTFE), is a method used by some disk encryption software. "Transparent" refers to the fact ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Minix
MINIX is a Unix-like operating system based on a microkernel Software architecture, architecture, first released in 1987 and written by American-Dutch computer scientist Andrew S. Tanenbaum. It was designed as a clone of the Unix operating system and one that could run on affordable, Intel 8086-based home computers; MINIX was targeted for use in classrooms by computer science students at universities. Its name comes from ''mini-Unix''. MINIX was initially Source-available software, proprietary source-available, but was relicensed under the BSD licenses, BSD 3-Clause to become free and open-source software, free and open-source in 2000. MINIX was ported to various additional platforms in the 1990s, and version 2.0 was released in 1997 and was the first to be POSIX compliant. Starting with MINIX 3, released in 2005, the primary aim of development shifted from education to the creation of a high availability, highly reliable and Self-management (computer science), self-healing micro ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Reiserfs
ReiserFS is a general-purpose, journaling file system initially designed and implemented by a team at Namesys led by Hans Reiser and licensed under GPLv2. Introduced in version 2.4.1 of the Linux kernel, it was the first journaling file system to be included in the standard kernel. ReiserFS was the default file system in Novell's SUSE Linux Enterprise until Novell decided to move to ext3 for future releases on October 12, 2006. ReiserFS version 3.6, now occasionally referred to as Reiser3, introduced a new on-disk format allowing larger filesizes. Namesys considered ReiserFS stable and feature-complete and ceased development on it to concentrate on its successor, Reiser4, though it continued to release security updates and critical bug fixes. Namesys went out of business in 2008 after Reiser's conviction for murder. The product is now maintained as open source by volunteers. The reiserfsprogs 3.6.27 were released on 25 July 2017. As of Linux 6.12, ReiserFS is supported on L ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ext3
ext3, or third extended filesystem, is a journaling file system, journaled file system that is commonly used with the Linux kernel. It used to be the default file system for many popular Linux distributions but generally has been supplanted by its successor version ext4. The main advantage of ext3 over its predecessor, ext2, is journaling file system, journaling, which improves reliability and eliminates the need to check the file system after an unclean or improper Shutdown (computing), shutdown. History Stephen Tweedie first revealed that he was working on extending ext2 in ''Journaling the Linux ext2fs Filesystem'' in a 1998 paper, and later in a February 1999 kernel mailing list posting. The filesystem was merged with the mainline Linux kernel in November 2001 from 2.4.15 onward. Advantages The speed performance of ext3 is less attractive than competing Linux filesystems, such as ext4, JFS (file system), JFS, ReiserFS, and XFS, but ext3 has a significant advantage in tha ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ext2
ext2, or second extended file system, is a file system for the Linux kernel (operating system), kernel. It was initially designed by French software developer Rémy Card as a replacement for the extended file system (ext). Having been designed according to the same principles as the Berkeley Fast File System from Berkeley Software Distribution, BSD, it was the first commercial-grade filesystem for Linux. The canonical implementation of ext2 is the "ext2fs" filesystem driver in the Linux kernel. Other implementations (of varying quality and completeness) exist in GNU Hurd, MINIX 3, some BSD kernels, in MiNT, Haiku (operating system), Haiku and as third-party Microsoft Windows and macOS (via Filesystem_in_Userspace, FUSE) drivers. This driver was deprecated in Linux version 6.9 in favor of the ext4 driver, as the ext4 driver works with ext2 filesystems. ext2 was the default filesystem in several Linux distributions, including Debian and Red Hat Linux, until supplanted by ext3, w ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Watermark (data File)
A watermark stored in a data file refers to a method for ensuring data integrity which combines aspects of data hashing and digital watermarking. Both are useful for tamper detection, though each has its own advantages and disadvantages. Data hashing A typical data hash will process an input file to produce an alphanumeric string unique to the data file. Should the file be modified, such as if one or more bit changes occur within this original file, the same hash process on the modified file will produce a different alphanumeric. Through this method, a trusted source can calculate the hash of an original data file and subscribers can verify the integrity of the data. The subscriber simply compares a hash of the received data file with the known hash from the trusted source. This can lead to two situations: the hash being the same or the hash being different. If the hash results are the same, the systems involved can have an appropriate degree of confidence to the integrity o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Input/output
In computing, input/output (I/O, i/o, or informally io or IO) is the communication between an information processing system, such as a computer, and the outside world, such as another computer system, peripherals, or a human operator. Inputs are the signals or data received by the system and outputs are the signals or data sent from it. The term can also be used as part of an action; to "perform I/O" is to perform an input or output operation. are the pieces of hardware used by a human (or other system) to communicate with a computer. For instance, a keyboard or computer mouse is an input device for a computer, while monitors and printers are output devices. Devices for communication between computers, such as modems and network cards, typically perform both input and output operations. Any interaction with the system by an interactor is an input and the reaction the system responds is called the output. The designation of a device as either input or output depend ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
