dm-crypt and dm-linear
Let me introduce the Simple Steganographic Store:
WARNING: You should see this program as an unreviewed bug-ridden hack. If you seriously need deniable encryption and you want to use this program, you are free to do so, but you should put it up for technical and legal review. Don't trust the stuff you read here, even though IANAL. Don't say I didn't warn you.
How is plausibe deniability implemented? First some terminoligy. There is a
raw device which contains the encrypted data. Using cryptsetup and
scubed you can create at most between 512 and 1024 cryptographic
views on the raw device. I will call those cryptographic views partitions.
Suppose you use scubed on a DVD+RW which can hold 4.377 GB. You have a partition of 2 GB, one of 1 GB and one of 600MB. This leaves about 0.791 GB of free space.
Now someone demands your encryption keys, this someone cannot see how many partitions you have, so you could give the keys to the first two partitions and claim that the rest is free space (reserved for a new partition or for expansion of an existing partition to enlarge the filesystem it contains).
Without the right passphrases even scubed itself can't say if
the free space is truly free or is partly occupied by a hidden partition. This
is why you need to tell scubed about all your partitions
before you enlarge a partition or create a new one.
A small tutorial is contained in the README file.
svn checkout
http://cube.dyndns.org/svn/scubed/trunk scubed. This command will
create a directory scubed/ in the current directory and populate
it with files.
scubed to C++ and called it
scubed++. You can find it here.
$Id: index.html 48 2019-07-17 13:49:53Z rsnel $