From owner-freebsd-questions@FreeBSD.ORG  Tue Jul 22 15:47:45 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B667B106568B
	for <freebsd-questions@freebsd.org>;
	Tue, 22 Jul 2008 15:47:45 +0000 (UTC)
	(envelope-from cpghost@cordula.ws)
Received: from fw.farid-hajji.net (fw.farid-hajji.net [213.146.115.42])
	by mx1.freebsd.org (Postfix) with ESMTP id 59ED68FC19
	for <freebsd-questions@freebsd.org>;
	Tue, 22 Jul 2008 15:47:45 +0000 (UTC)
	(envelope-from cpghost@cordula.ws)
Received: from epia-2.farid-hajji.net (epia-2 [192.168.254.11])
	by fw.farid-hajji.net (Postfix) with ESMTP id 2F438339E6;
	Tue, 22 Jul 2008 17:47:43 +0200 (CEST)
Date: Tue, 22 Jul 2008 17:47:42 +0200
From: cpghost <cpghost@cordula.ws>
To: FreeBSD Questions <freebsd-questions@freebsd.org>
Message-ID: <20080722154742.GA43358@epia-2.farid-hajji.net>
References: <20080718155624.GA2886@kokopelli.hydra>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20080718155624.GA2886@kokopelli.hydra>
User-Agent: Mutt/1.5.18 (2008-05-17)
Subject: Re: disk encryption; hidden containers
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jul 2008 15:47:45 -0000

On Fri, Jul 18, 2008 at 09:56:24AM -0600, Chad Perrin wrote:
> My preliminary searches on the subject suggest that neither GBDE nor GELI
> encryption offers hidden volume/container capabilities.  Are there any
> plans for implementing this in the future?  What disk encryption
> softoware would you recommend for use with FreeBSD to provide hidden
> containers?

Unless the containers are spread randomly across the partition
and are small enough, they WILL appear very prominently, because
they will usually have maximun entropy.

To locate them, all a cyrptanalyst has to do is to look out for
regions on the partition with very high entropy, and to proceed by
elimination (e.g. by trying to decompress files or looking for
specific markers in, say, MPEG files and what not).

Hiding encrypted contents is not as easy as it may seem...

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/