EasyEncryption

Summary

Implement an easy way to use encryption within Ubuntu, everything should seamlessly blend in with Ubuntu.

Rationale

An easy-to-use encryption system is necessary for both expert and non-expert users.

Use cases

  • Alina is 10 years old and wants to keep a personal diary on her family computer but does not want her brother Johnny to read it. Alina chooses 'Encrypt' from the context menu of her diary folder and a progress window shows her the progress. The password is her user password.
  • John the system administrator at a medium sized organisation uses Linux whenever he can. He uses one of the many encryption set-ups available to restrict access to the back-ups that are made each day and documented the password used for encryption. A few years later John dies in an accident; the new sys admin can access the back-ups as Ubuntu figures out the encryption method and requests the password that John has put in a safe.
  • Another case is the laptop where you want to keep some data secure just in case someone else walks off with it; one feature would be that on suspend/hibernate you would have to re-enter the key.

Scope

Disk, partition and file encryption.

Design

Implementation

Unmounting/re-mounting on suspend/hibernate would be tricky in the laptop use case.

Code

About a year ago Andreas Jellinghaus pointed to cryptoinit as an interesting implementation. http://www.opentrust.com/content/view/135/142/lang,en/

Data preservation and migration

Encrypted data still needs to be readable even if it has a small amount of corruption.

Outstanding issues

BoF agenda and discussion

  • Would seahorse work for this, with its nautilus script? Though it crashes in Dapper while decrypting (reported upstream) -towsonu2003 11/05/2006
  • How about AES symmetric encryption bundled with a simple & lightweight UI? - Shrirang 15-FEB-2007

  • There are quite a few ways to encrypt data; it's just that not a single encryption method seems to be truly supported. I don't dare to encrypt the healthcare records in my organisation for fear that if things go bad (the HDD corrupts something, for example) I'm left with an unreadable binary blob.
    • But at this moment we have the risk that if the servers were physically stolen those (unencrypted) records could be misused.
  • How do you distinguish whether the encrypted data is really corrupted or deliberately tampered with? I was just thinking about whether it is safe to decrypt it in case any discrepancy is found. I request you to comment on this.
    • Shrirang (27-FEB-2007)
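The corruption-versus-tampering question above, and the "still readable with a small amount of corruption" requirement under Data preservation, both come down to integrity checking at sector granularity. The following is an added toy example (not part of the wiki page and not dm-crypt/LUKS code): each sector is encrypted independently and carries its own HMAC tag, so a damaged sector is detected and zero-filled while every other sector stays readable. The keystream construction is a stand-in for a real block cipher mode and is only there to keep the example dependency-free; a MAC cannot tell accidental corruption from deliberate tampering, it can only tell you that the sector is no longer what was written.

```python
import hashlib
import hmac
import os

SECTOR = 64   # toy sector size; real disk encryption uses 512 or 4096 bytes
TAG_LEN = 16  # truncated HMAC-SHA256 tag stored after each sector


def _keystream(key: bytes, sector_no: int, length: int) -> bytes:
    # Toy CTR-style keystream from HMAC-SHA256 (NOT AES-XTS). The sector number
    # is mixed in so each sector is independent of its neighbours.
    out, counter = b"", 0
    while len(out) < length:
        msg = sector_no.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_volume(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    # Zero-pad to whole sectors, encrypt each one, append a per-sector tag that
    # also binds the sector number so sectors cannot be swapped around.
    padded = plaintext + b"\x00" * (-len(plaintext) % SECTOR)
    sectors = []
    for n in range(len(padded) // SECTOR):
        block = padded[n * SECTOR:(n + 1) * SECTOR]
        ct = bytes(a ^ b for a, b in zip(block, _keystream(enc_key, n, SECTOR)))
        tag = hmac.new(mac_key, n.to_bytes(8, "big") + ct, hashlib.sha256).digest()[:TAG_LEN]
        sectors.append(ct + tag)
    return b"".join(sectors)


def decrypt_volume(enc_key: bytes, mac_key: bytes, blob: bytes):
    # Returns (plaintext, bad_sectors). A sector whose tag fails is zero-filled
    # and reported instead of aborting, so the damage stays localised.
    step = SECTOR + TAG_LEN
    out, bad = [], []
    for n in range(len(blob) // step):
        ct, tag = blob[n * step:n * step + SECTOR], blob[n * step + SECTOR:(n + 1) * step]
        expected = hmac.new(mac_key, n.to_bytes(8, "big") + ct, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            bad.append(n)
            out.append(b"\x00" * SECTOR)
            continue
        out.append(bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, n, SECTOR))))
    return b"".join(out), bad


def demo():
    # Constructed sample: eight fake records, then a single flipped bit in sector 2.
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    records = b"".join(f"patient-{i:03d}: record data\n".encode() for i in range(8))
    blob = bytearray(encrypt_volume(enc_key, mac_key, records))
    blob[2 * (SECTOR + TAG_LEN) + 5] ^= 0x55
    plain, bad = decrypt_volume(enc_key, mac_key, bytes(blob))
    return bad, plain, records
```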
  • Another case is on a laptop where you just want to keep some stuff secure just in case someone else walks off with it.
    • However one feature I think I've seen on other OSs is that on suspend/hibernate you would have to reenter the key - I can't see an easy way to implement that on top of something like LUKS.

      DaveGilbert(20-Apr-2007) I added this to the Wiki specification -- Tim Blokdijk

  • It would also be nice if encryption option could be available during install. There are several howtos that explain how to install on an encrypted root but nothing so far that could be easily integrated in a corporate / health environment
    • Luis Lopez (27-Apr-2007)
  • I think what we are dealing with is two separate issues:
    • 1) Encryption of files and folders. This could be achieved in a clunky manner by creating a program to encrypt / decrypt a given file / folder. Better yet would be for this to be in nautilus so that the encrypted folder can be handled like a real folder, even though it's not a real folder.
    • 2) Encrypting of partitions. This can be achieved by using dm-crypt, but it's not easy to set up. It is possible to encrypt everything but /boot using dm-crypt and an initrd. My hope is that we can get this included into the installer as an option for notebook users. That's the way I see things. James (02-05-2007)
  • I'm actually working on some JavaCard Applets for replacing the OpenPGP Card Hardware (http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html) for more portability.

    • http://www.fsfe.org/en/card Why not use the Card (OpenPGPCard or JavaCard) for encryption? So, users just use the Card with some USB Card reader and PIN (instead of Passphrase) to encrypt / decrypt files (/the whole system) and sign mails and IM-communication by-default in Ubuntu? Everything simple and safe. --Ferdi 02/05/07

  • TrueCrypt http://www.truecrypt.org/ and EncFS http://encfs.sourceforge.net/ are two tools worth considering.

    • TrueCrypt can create an encrypted device in a file or partition. EncFS can create an encrypted device in a file. Both tools can be run without super user privileges.

  • It would be good if card based key systems worked with whatever system is the output of this blueprint; however, they mustn't be required. I've been tending to think in the direction of encrypted partitions rather than individual files; if it was a file based system I'd want to at least be able to specify that a whole directory was encrypted, including automatically any new files created in there. -- Dave 2007-05-05
  • Hi! I often use encfs and I need a GUI. I have started to code one using Qt4.
    • There are a lot of things to do but the last commit is enough to mount/unmount and create encrypted volumes. You can find it on Google Code ( http://code.google.com/p/enqfs/ ). Everyone can help me to code, add features or anything else. Contact me for any question or information. -- Florent 2007-05-31

  • TrueCrypt came out with version 5.0 of their open-source software. It now includes a GUI for Linux (including a .deb for Ubuntu) and support for Mac OS X. Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.

    • It can be downloaded from here: http://www.truecrypt.org/downloads.php. Unfortunately, it's licensed under the TrueCrypt Collective License Version 1.3 which is much like the GPL, except you can not convert it to the GPL. -- Brett Alton 2008/02/07


Also see EncryptedStorage

EasyEncryption (last edited 2008-08-06 16:41:34 by localhost)