Re: Encrypted filesystem

Systemkennung Linux (
Fri, 31 Jan 1997 21:59:40 +0100 (MET)

> Stephan Meyer wrote:
> > I live in Munich, Germany.
> Mmm, the last thing I heard, the German Govt. was talking about adopting the
> French laws on Crypto.. Did anything come of this?

The legal situation in Germany is still unchanged. Everything that is
forbidden is exporting encryption technology which isn't already
commonly available. Means exporting PGP etc. isn't forbidden by German

> > It's my understanding that the IDEA algorithm is copyrighted, but free to
> > use for noncommercial applications. Is that right? That way, we probably
> > couldn't include something like that in the kernel source tree.
> >
> > Is there a strong but secure algorithm? (I do not trust DES :)

RSA's RC5 looks prtty promising. There is currently a contest who
can break RC5 fastest. It took us 3.85 hours to bute force a 40 key
(remember, that's what the US gouvernment believes to be secure enough ...)
someone else made it in just 2.5h. Right now we're attempting to break
an 48 bit key using upto 1200 and more CPUs. RC5 hasn't been
examined into deepth yet, so if you're paranoid ...

Anyway, whoever is willing to spend CPU power into heling to break that
RC5 key should mail me or read my posting to sci.crypt. We take any
number of CPUs.

> What about Blowfish? Schnier's algorithm is free for any use:
> > Please excuse, if this sounds like newbie-sh*t. I would be willing to
> > invest a considerable amount of work into a *secure* non-DES filesystem.
> Would you be providing it as a patch against 2.0.xx or 2.1.xx or BOTH?

First of all you could hook an encrypting filesystem as a kind of an
userspace NFS server into the OS. CFS does this already and due to
the low speed of encrypted filesystems this isn't necessarily an
disadavtage. Then there is currently another ongoing project which I
haven't yet had the time to check out: (/pub/tcfs/sources/tcfs_2.0) anonymous login.