
geli is a block device-layer disk encryption system written for FreeBSD, introduced in version 6.0. It is implemented as a class of the GEOM disk framework. It was designed and implemented by Paweł Jakub Dawidek.


Design details

geli was originally written to protect data on a user's computer against physical theft of the hardware, denying the thief access to the protected data. Its scope has since widened with the introduction of optional data authentication/integrity verification, which detects modification of the encrypted data rather than only hiding its contents. geli allows the User Key to be assembled from several components (a passphrase typed by the user, random bits from a key file, or both), permits up to two independent keys per provider (a user key and a company key, for example, held in key slots 0 and 1 and managed with geli setkey), and can attach a provider with a random, one-time key that is never written anywhere (geli onetime), so the data is unrecoverable once the provider is detached. The passphrase component is strengthened with PKCS #5 v2 (PBKDF2), so that offline guessing costs a configurable number of iterations per attempt.
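As an added illustration (not geli's own code, and not its on-disk metadata format), the following Python models the design just described: several key components folded into one User Key, PBKDF2 strengthening of the passphrase component, two key slots that each wrap the same random master key, and a one-time key that is never stored. HMAC-SHA512, the 64-byte master key, the 64-byte salt and the iteration count are assumptions chosen for the example, and the HMAC-keystream wrapping stands in for the block-cipher encryption a real implementation would use.

```python
"""Simplified model of geli's key-composition design (added example, not geli code)."""
import hashlib
import hmac
import secrets

MASTER_KEY_LEN = 64          # assumption for the example
SALT_LEN = 64                # assumption for the example
DEFAULT_ITERATIONS = 100_000  # assumption; real deployments tune this to hardware
TAG_LEN = 32


def derive_user_key(salt, passphrase=None, keyfile=None, iterations=DEFAULT_ITERATIONS):
    """Fold every supplied key component into a single User Key.

    The key-file bytes are fed in as they are; the passphrase is first
    strengthened with PKCS #5 v2 (PBKDF2) so each offline guess costs
    `iterations` HMAC computations.  At least one component is required.
    The order of components is fixed, so swapping them yields a different key.
    """
    if passphrase is None and keyfile is None:
        raise ValueError("at least one key component (passphrase or keyfile) is required")
    mac = hmac.new(b"", digestmod=hashlib.sha512)   # HMAC-SHA512 is an assumption
    if keyfile is not None:
        mac.update(keyfile)
    if passphrase is not None:
        strengthened = hashlib.pbkdf2_hmac("sha512", passphrase, salt, iterations, dklen=64)
        mac.update(strengthened)
    return mac.digest()


def _keystream(user_key):
    # One 64-byte HMAC output covers the whole master key in this model.
    return hmac.new(user_key, b"model-wrap", hashlib.sha512).digest()


def wrap_master_key(master_key, user_key):
    """Stand-in for encrypting the master key under a User Key.

    An authentication tag is included so that a wrong User Key is rejected
    instead of silently producing a garbage master key.
    """
    ct = bytes(a ^ b for a, b in zip(master_key, _keystream(user_key)))
    tag = hmac.new(user_key, b"model-tag" + ct, hashlib.sha512).digest()[:TAG_LEN]
    return ct + tag


def unwrap_master_key(blob, user_key):
    ct, tag = blob[:MASTER_KEY_LEN], blob[MASTER_KEY_LEN:]
    expected = hmac.new(user_key, b"model-tag" + ct, hashlib.sha512).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("wrong key or corrupted slot")
    return bytes(a ^ b for a, b in zip(ct, _keystream(user_key)))


class Provider:
    """What a geli-style header holds: a salt and up to two key slots, each the
    same random master key wrapped under a different User Key."""

    def __init__(self):
        self.salt = secrets.token_bytes(SALT_LEN)
        self._master_key = secrets.token_bytes(MASTER_KEY_LEN)   # random per provider
        self.slots = [None, None]                                 # key slots 0 and 1

    @classmethod
    def onetime(cls):
        """One-time key: random master key, no slots written, nothing to recover later."""
        return secrets.token_bytes(MASTER_KEY_LEN)

    def set_key(self, keyno, passphrase=None, keyfile=None, iterations=DEFAULT_ITERATIONS):
        if keyno not in (0, 1):
            raise ValueError("key slot must be 0 or 1")
        uk = derive_user_key(self.salt, passphrase, keyfile, iterations)
        self.slots[keyno] = wrap_master_key(self._master_key, uk)

    def attach(self, passphrase=None, keyfile=None, iterations=DEFAULT_ITERATIONS):
        """Derive a User Key from the supplied components and try each populated
        slot; the first slot whose tag verifies yields the master key."""
        uk = derive_user_key(self.salt, passphrase, keyfile, iterations)
        for blob in self.slots:
            if blob is None:
                continue
            try:
                return unwrap_master_key(blob, uk)
            except ValueError:
                continue
        raise PermissionError("no key slot accepts the supplied components")
```

The point the model makes is that the two slots are independent: a user key built from passphrase plus key file and a company key built from a separate key file both unwrap the identical master key, so either party can attach the provider, and losing one component of a slot (the key file, say) makes that slot useless without affecting the other.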


Differences from GBDE

The geli utility differs from gbde in the features it offers and in the scheme it uses for cryptographic work. It is built on the FreeBSD kernel crypto framework, so hardware cryptographic acceleration is used when available, and it supports more cryptographic algorithms (currently AES, Triple DES, Blowfish and Camellia) as well as optional data authentication/integrity verification using HMAC with MD5, SHA-1, RIPEMD-160, SHA-256, SHA-384 or SHA-512. Of the authentication algorithms, the SHA-2 variants are the sensible choice for new providers.


See also

* GBDE
* LUKS
* Disk encryption
* Disk encryption software
* Comparison of disk encryption software

