Date: Sat, 19 Oct 2002 13:28:13 -0400 (EDT)
From: Robert Watson <rwatson@FreeBSD.org>
To: Poul-Henning Kamp <phk@FreeBSD.org>
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/conf NOTES files options src/sys/geom/bde g_bde.c g_bde.h g_bde_crypt.c g_bde_lock.c g_bde_work.c
Message-ID: <Pine.NEB.3.96L.1021019132659.83141D-100000@fledge.watson.org>
In-Reply-To: <200210191702.g9JH2JrM062903@repoman.freebsd.org>
phk left it out, but:
Approved by re@
The scope for damage is highly limited as it's an isolated module that
isn't compiled in by default.
(my commit messages are, at the very least, arriving out-of-order: I got
this after the bug fix commit)
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org Network Associates Laboratories
On Sat, 19 Oct 2002, Poul-Henning Kamp wrote:
> phk 2002/10/19 10:02:19 PDT
>
> Modified files:
> sys/conf NOTES files options
> Added files:
> sys/geom/bde g_bde.c g_bde.h g_bde_crypt.c
> g_bde_lock.c g_bde_work.c
> Log:
> Add Geom Based Disk Encryption to the tree.
>
> This is an encryption module designed to secure denial of access
> to the contents of "cold disks" with or without destruction activation.
>
> Major features:
>
> * Based on AES, MD5 and ARC4 algorithms.
> * Four cryptographic barriers:
> 1) Pass-phrase encrypts the master key.
> 2) Pass-phrase + Lock data locates master key.
> 3) 128 bit key derived from 2048 bit master key protects sector key.
> 4) 128 bit random single-use sector keys protect data payload.
> * Up to four different changeable pass-phrases.
> * Blackening feature for provable destruction of master key material.
> * Isotropic disk contents offers no information about sector contents.
> * Configurable destination sector range allows steganographic deployment.
>
> This commit adds the kernel part, separate commits will follow for the
> userland utility and documentation.
>
> This software was developed for the FreeBSD Project by Poul-Henning Kamp and
> NAI Labs, the Security Research Division of Network Associates, Inc. under
> DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS
> research program.
>
> Many thanks to Robert Watson, CBOSS Principal Investigator for making this
> possible.
>
> Sponsored by: DARPA & NAI Labs.
>
> Revision Changes Path
> 1.1101 +1 -0 src/sys/conf/NOTES
> 1.723 +4 -0 src/sys/conf/files
> 1.359 +1 -0 src/sys/conf/options
> 1.1 +282 -0 src/sys/geom/bde/g_bde.c (new)
> 1.1 +150 -0 src/sys/geom/bde/g_bde.h (new)
> 1.1 +356 -0 src/sys/geom/bde/g_bde_crypt.c (new)
> 1.1 +311 -0 src/sys/geom/bde/g_bde_lock.c (new)
> 1.1 +731 -0 src/sys/geom/bde/g_bde_work.c (new)
>
