Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 26 May 2002 20:19:12 +0200
From:      Poul-Henning Kamp <phk@critter.freebsd.dk>
To:        current@freebsd.org
Subject:   Re: cvs commit: src/sys/conf files src/sys/geom geom_aes.c 
Message-ID:  <38328.1022437152@critter.freebsd.dk>
In-Reply-To: Your message of "Sun, 26 May 2002 11:14:38 PDT." <200205261814.g4QIEdg85920@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

I know several of you out there are sitting ready to jump in and
protect your p0r^H^H^Hware^H^H^H^Hsource code with this as soon as
you see it, but please bear in mind that this is rather crude
implementation which mainly serves as "proof-of-concept" and that
the final article is likely to be entirely different from this.

But apart from that:

	mdconfig -a -t malloc -s 4m -u 98
	echo "<<FreeBSD-GEOM-AES>>" | dd conv=sync of=/dev/md98
	newfs /dev/md98.aes
	mount_ffs /dev/md98.aes /mnt

Have fun...

Poul-Henning

In message <200205261814.g4QIEdg85920@freefall.freebsd.org>, Poul-Henning Kamp 
writes:
>phk         2002/05/26 11:14:38 PDT
>
>  Modified files:
>    sys/conf             files 
>  Added files:
>    sys/geom             geom_aes.c 
>  Log:
>  Add a proof-of-concept encryption class.
>  
>  "The only hard problem in cryptography is key-management."
>  
>  All sectors are encrypted with AES in CBC mode using a constant key,
>  currently compiled in and all zero.
>  
>  To activate this module, write the magic header on the partition:
>  
>          echo "<<FreeBSD-GEOM-AES>>" | dd conv=sync of=/dev/md98
>  
>  The encrypted device will be one sector shorter and have ".aes"
>  appended to its name.
>  
>  Sponsored by: DARPA & NAI Labs.
>  
>  Revision  Changes    Path
>  1.636     +1 -0      src/sys/conf/files
>  1.1       +274 -0    src/sys/geom/geom_aes.c (new)
>

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38328.1022437152>