EvilZone
Hacking and Security => Hacking and Security => Topic started by: lucid on January 30, 2014, 01:10:57 AM
-
I'm looking for a new encryption software to use for linux. I used to use truecrypt but I don't trust it. I have ctriterion which the software should fulfill. The most important one probably is that I want to be able to chose the algorithm. So many seem to use AES 256 and I'd prefer to use something else, like twofish. Other then thatI'd like to be able to use keyfiles. Tomb looks really good in that regard. It also have a steganography function to hide your keyfiles further. Tomb also uses AES 256. I've checked out ECryptFS but wasn't terribly excited about it.
Leaning towards Tomb because it has more features I like then dislike. What do you people use?
-
https://www.schneier.com/twofish-products.html (https://www.schneier.com/twofish-products.html)
Here are quite a few products that are by the guy who invented twofish. Might be worth a look.
-
Awesome link thanks!
-
No problem at all. Twofish is pretty cool. When it comes to encryption Bruce Schneier is the man. He wrote Applied Cryptography 1 & 2 along with several other bad ass books. I posted his new one in the ebooks section.
Ark
-
The standard encrypted drive setup in Linux is LUKS, which is usually accessed through the dm-crypt utility.
eCryptFS and EncFS are easy to set up, but they're all userspace file system encryption layers, which means metadata is still accessible.
-
LUKS is only for encrypting whole file systems yes? That's not really what I'm looking for. Yeah, I kinda didn't like that about those other two.
-
Ah, then if you simply want a layer that runs in userspace, then go for eCryptFS or EncFS.
-
I think you could use gpg for this.
gpg --symmetric --cipher-algo TWOFISH file.zip shred -u file.zipgpg -d file.zip.gpg
I don't know if that'll work in your situation. I am not sure about the keyfiles in regards to file encryption, but I would assume the feature is in there somewhere - gpg is used for public/private keys with emails. Might be something worth thinking about.
-
Here's a Wikipedia page with a list of different encryption software that lets you know if it's on Linux to give you some more ideas.
http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software#Operating_systems
BestCrypt seems to have everything you're looking for
BestCrypt supports a wide variety of block cipher algorithms including AES, Serpent, Blowfish, Twofish, DES, Triple DES, GOST 28147-89. All ciphers support CBC and LRW modes of operation while AES, Twofish and GOST also support XTS mode.
-
Please do not use BestCrypt. It is proprietary software.
-
Please do not use BestCrypt. It is proprietary software.
In which case truecrypt might still be a better option.
-
In regards to TrueCrypt, it looks like there's been some work towards an audit of the code.
http://blog.cryptographyengineering.com/2013/12/an-update-on-truecrypt.html
-
In regards to TrueCrypt, it looks like there's been some work towards an audit of the code.
http://blog.cryptographyengineering.com/2013/12/an-update-on-truecrypt.html
That's hopeful. Thanks everyone.