From: Poul-Henning Kamp
To: current@freebsd.org
Subject: Re: cvs commit: src/sys/conf files src/sys/geom geom_aes.c
In-Reply-To: Your message of "Sun, 26 May 2002 11:14:38 PDT." <200205261814.g4QIEdg85920@freefall.freebsd.org>
Date: Sun, 26 May 2002 20:19:12 +0200
Message-ID: <38328.1022437152@critter.freebsd.dk>

I know several of you out there are sitting ready to jump in and
protect your p0r^H^H^Hware^H^H^H^Hsource code with this as soon as you
see it, but please bear in mind that this is a rather crude
implementation which mainly serves as "proof-of-concept" and that the
final article is likely to be entirely different from this.

But apart from that:

	mdconfig -a -t malloc -s 4m -u 98
	echo "<>" | dd conv=sync of=/dev/md98
	newfs /dev/md98.aes
	mount_ffs /dev/md98.aes /mnt

Have fun...

Poul-Henning

In message <200205261814.g4QIEdg85920@freefall.freebsd.org>, Poul-Henning Kamp writes:
>phk         2002/05/26 11:14:38 PDT
>
>  Modified files:
>    sys/conf             files
>  Added files:
>    sys/geom             geom_aes.c
>  Log:
>  Add a proof-of-concept encryption class.
>
>  "The only hard problem in cryptography is key-management."
>
>  All sectors are encrypted with AES in CBC mode using a constant key,
>  currently compiled in and all zero.
>
>  To activate this module, write the magic header on the partition:
>
>      echo "<>" | dd conv=sync of=/dev/md98
>
>  The encrypted device will be one sector shorter and have ".aes"
>  appended to its name.
>
>  Sponsored by:   DARPA & NAI Labs.
>
>  Revision  Changes    Path
>  1.636     +1 -0      src/sys/conf/files
>  1.1       +274 -0    src/sys/geom/geom_aes.c (new)
>

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
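
The commit log above describes per-sector AES-CBC under a constant, all-zero key. As an added example (not code from geom_aes.c or from the author), the script below shows what that means for sectors holding identical data when the IV is also constant, compared with an IV that varies per sector. The 128-bit key size, 512-byte sector size, both IV schemes and all function names are assumptions, since the log states none of them; it needs the `openssl` command.

```sh
#!/bin/sh
# Added illustration, not geom_aes.c. Assumed: AES-128, 512-byte sectors and
# the two IV schemes below; the commit log only states CBC with an all-zero key.
KEY=00000000000000000000000000000000   # constant all-zero key, as in the log

# iv_fixed / iv_sector: print a 16-byte IV (hex) for sector number $1.
iv_fixed()  { printf '%032x' 0; }       # same IV for every sector (assumed)
iv_sector() { printf '%032x' "$1"; }    # IV = sector number (assumed variant)

# encrypt_sector IVFUNC SECTORNO: read one 512-byte sector on stdin and
# print its AES-CBC ciphertext as hex.
encrypt_sector() {
    openssl enc -aes-128-cbc -nopad -K "$KEY" -iv "$("$1" "$2")" |
        od -An -v -tx1 | tr -d ' \n'
}

# Constructed sample: content that repeats across a disk, here a
# zero-filled sector such as unused space.
sample_sector() { dd if=/dev/zero bs=512 count=1 2>/dev/null; }

# sectors_match IVFUNC A B: print "yes" if the same plaintext stored in
# sectors A and B encrypts to the same ciphertext under the given IV scheme.
sectors_match() {
    a=$(sample_sector | encrypt_sector "$1" "$2")
    b=$(sample_sector | encrypt_sector "$1" "$3")
    # Treat missing output (e.g. openssl not installed) as an error.
    [ -n "$a" ] && [ -n "$b" ] || { echo error; return 1; }
    [ "$a" = "$b" ] && echo yes || echo no
}

echo "fixed IV, sectors 5 and 9 match:      $(sectors_match iv_fixed 5 9)"
echo "per-sector IV, sectors 5 and 9 match: $(sectors_match iv_sector 5 9)"
```

The sector-number IV is only the smallest change that removes the match; deployed disk encryption uses constructions such as ESSIV or XTS rather than a predictable CBC IV.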