|
ECryptfs
__NOTOC__ eCryptfs (''Enterprise Cryptographic Filesystem'') is a package of disk encryption software for Linux. Its implementation is a POSIX-compliant filesystem-level encryption layer, aiming to offer functionality similar to that of GnuPG at the operating system level, and has been part of the Linux kernel since version 2.6.19. The eCryptfs package has been included in Ubuntu since version 9.04 to implement Ubuntu's encrypted home directory feature, but is now deprecated eCryptfs is derived from Erez Zadok's Cryptfs. It uses a variant of the OpenPGP file format for encrypted data, extended to allow random access, storing cryptographic metadata (including a per-file randomly generated session key) with each individual file. It also encrypts file and directory names which makes them internally longer (average one third). The reason is it needs to uuencode the encrypted names to eliminate unwanted characters in the resulting name. This lowers the maximum usable byte name length ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
C (programming Language)
C (''pronounced like the letter c'') is a General-purpose language, general-purpose computer programming language. It was created in the 1970s by Dennis Ritchie, and remains very widely used and influential. By design, C's features cleanly reflect the capabilities of the targeted CPUs. It has found lasting use in operating systems, device drivers, protocol stacks, though decreasingly for application software. C is commonly used on computer architectures that range from the largest supercomputers to the smallest microcontrollers and embedded systems. A successor to the programming language B (programming language), B, C was originally developed at Bell Labs by Ritchie between 1972 and 1973 to construct utilities running on Unix. It was applied to re-implementing the kernel of the Unix operating system. During the 1980s, C gradually gained popularity. It has become one of the measuring programming language popularity, most widely used programming languages, with C compilers avail ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Random Access
Random access (more precisely and more generally called direct access) is the ability to access an arbitrary element of a sequence in equal time or any datum from a population of addressable elements roughly as easily and efficiently as any other, no matter how many elements may be in the set. In computer science it is typically contrasted to sequential access which requires data to be retrieved in the order it was stored. For example, data might be stored notionally in a single sequence like a row, in two dimensions like rows and columns on a surface, or in multiple dimensions. However, given all the coordinates, a program can access each record about as quickly and easily as any other. In this sense, the choice of datum is arbitrary in the sense that no matter which item is sought, all that is needed to find it is its address, i.e. the coordinates at which it is located, such as its row and column (or its track and record number on a magnetic drum). At first, the term "random a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Encrypting File System
The Encrypting File System (EFS) on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption. The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer. EFS is available in all versions of Windows except the home versions (see Supported operating systems below) from Windows 2000 onwards. By default, no files are encrypted, but encryption can be enabled by users on a per-file, per-directory, or per-drive basis. Some EFS settings can also be mandated via Group Policy in Windows domain environments. Cryptographic file system implementations for other operating systems are available, but the Microsoft EFS is not compatible with any of them. See also the list of cryptographic file systems. Basic ideas When an operating system is running on a system without file encryption, access to files normally goes through OS-controlled user authentication and acces ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
FileVault
FileVault is a disk encryption program in Mac OS X 10.3 (2003) and later. It performs on-the-fly encryption with volumes on Mac computers. Versions and key features FileVault was introduced with Mac OS X Panther (10.3), and could only be applied to a user's home directory, not the startup volume. The operating system uses an encrypted sparse disk image (a large single file) to present a volume for the home directory. Mac OS X Leopard and Mac OS X Snow Leopard use more modern sparse bundle disk images which spread the data over 8 MB files (called ''bands'') within a bundle. Apple refers to this original iteration of FileVault as ''legacy FileVault''. Mac OS X Lion (10.7) and newer offer FileVault 2, which is a significant redesign. This encrypts the entire OS X startup volume and typically includes the home directory, abandoning the disk image approach. For this approach to disk encryption, authorised users' information is loaded from a separate non-encrypted boot volume (pa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Dm-crypt
dm-crypt is a transparent block device encryption subsystem in Linux kernel versions 2.6 and later and in DragonFly BSD. It is part of the device mapper (dm) infrastructure, and uses cryptographic routines from the kernel's Crypto API. Unlike its predecessor cryptoloop, dm-crypt was designed to support advanced modes of operation, such as XTS, LRW and ESSIV (see disk encryption theory for further information), in order to avoid watermarking attacks. In addition to that, dm-crypt addresses some reliability problems of cryptoloop. dm-crypt is implemented as a device mapper target and may be stacked on top of other device mapper transformations. It can thus encrypt whole disks (including removable media), partitions, software RAID volumes, logical volumes, as well as files. It appears as a block device, which can be used to back file systems, swap or as an LVM physical volume. Some Linux distributions support the use of dm-crypt on the root file system. These distributions use ini ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
EncFS
EncFS is a Free (LGPL) FUSE-based cryptographic filesystem. It transparently encrypts files, using an arbitrary directory as storage for the encrypted files. Two directories are involved in mounting an EncFS filesystem: the source directory, and the mountpoint. Each file in the mountpoint has a specific file in the source directory that corresponds to it. The file in the mountpoint provides the unencrypted view of the one in the source directory. Filenames are encrypted in the source directory. Files are encrypted using a volume key, which is stored either within or outside the encrypted source directory. A password is used to decrypt this key. Common uses * In Linux, allows encryption of home folders as an alternative to eCryptfs. * Allows encryption of files and folders saved to cloud storage (Dropbox, Google Drive, OneDrive, etc.). * Allows portable encryption of file folders on removable disks. * Available as a cross-platform folder encryption mechanism. * Increases storag ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Comparison Of Disk Encryption Software
This is a technical feature comparison of different disk encryption software. Background information Operating systems Features * Hidden containers: Whether hidden containers (an encrypted container (A) within another encrypted container (B) so the existence of container A can not be established) can be created for deniable encryption. Note that some modes of operation like CBC with a plain IV can be more prone to watermarking attacks than others. * Pre-boot authentication: Whether authentication can be required before booting the computer, thus allowing one to encrypt the boot disk. * Single sign-on: Whether credentials provided during pre-boot authentication will automatically log the user into the host operating system, thus preventing password fatigue and reducing the need to remember multiple passwords. * Custom authentication: Whether custom authentication mechanisms can be implemented with third-party applications. * Multiple keys: Whether an encrypted volume can have m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Disk Encryption Software
Disk encryption software is computer security software that protects the confidentiality of data stored on computer media (e.g., a hard disk, floppy disk, or USB device) by using disk encryption. Compared to access controls commonly enforced by an operating system (OS), encryption passively protects data confidentiality even when the OS is not active, for example, if data is read directly from the hardware or by a different OS. In addition crypto-shredding suppresses the need to erase the data at the end of the disk's lifecycle. Disk encryption generally refers to wholesale encryption that operates on an entire volume mostly transparently to the user, the system, and applications. This is generally distinguished from file-level encryption that operates by user invocation on a single file or group of files, and which requires the user to decide which specific files should be encrypted. Disk encryption usually includes all aspects of the disk, including directories, so that an adver ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Disk Encryption
Disk encryption is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage. The expression ''full disk encryption (FDE)'' (or ''whole disk encryption'') signifies that everything on the disk is encrypted, but the master boot record (MBR), or similar area of a bootable disk, with code that starts the operating system loading sequence, is not encrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR. Transparent encryption Transparent encryption, also known as real-time encryption and on-the-fly encryption (OTFE), is a method used by some disk encryption software. "Transparent" refers to the fact that data is automatically encrypted or decrypted as it is loaded or sa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Uuencoding
uuencoding is a form of binary-to-text encoding that originated in the Unix programs uuencode and uudecode written by Mary Ann Horton at UC Berkeley in 1980, for encoding binary data for transmission in email systems. The name "uuencoding" is derived from Unix-to-Unix Copy, i.e. "Unix-to-Unix encoding" is a safe encoding for the transfer of arbitrary files from one Unix system to another Unix system but without guarantee that the intervening links would all be Unix systems. Since an email message might be forwarded through or to computers with different character sets or through transports which are not 8-bit clean, or handled by programs that are not 8-bit clean, forwarding a binary file via email might cause it to be corrupted. By encoding such data into a character subset common to most character sets, the encoded form of such data files was unlikely to be "translated" or corrupted, and would thus arrive intact and unchanged at the destination. The program uudecode reverses the ef ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Session Key
A session key is a single-use symmetric key used for encrypting all messages in one communication session. A closely related term is content encryption key (CEK), traffic encryption key (TEK), or multicast key which refers to any key used for encrypting messages, contrary to other uses like encrypting other keys (key encryption key (KEK) or key encryption has been made public key). Session keys can introduce complications into a system, yet they solve some real problems. There are two primary reasons to use session keys: # Several cryptanalytic attacks become easier the more material encrypted with a specific key is available. By limiting the amount of data processed using a particular key, those attacks are rendered harder to perform. # asymmetric encryption is too slow for many purposes, and all secret key algorithms require that the key is securely distributed. By using an asymmetric algorithm to encrypt the secret key for another, faster, symmetric algorithm, it's possible t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Metadata
Metadata is "data that provides information about other data", but not the content of the data, such as the text of a message or the image itself. There are many distinct types of metadata, including: * Descriptive metadata – the descriptive information about a resource. It is used for discovery and identification. It includes elements such as title, abstract, author, and keywords. * Structural metadata – metadata about containers of data and indicates how compound objects are put together, for example, how pages are ordered to form chapters. It describes the types, versions, relationships, and other characteristics of digital materials. * Administrative metadata – the information to help manage a resource, like resource type, permissions, and when and how it was created. * Reference metadata – the information about the contents and quality of statistical data. * Statistical metadata – also called process data, may describe processes that collect, process, or produce st ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
