PRIVATE and TOP SECRET

*** LATEST NEWS - patches for 2.0.37 and 2.2.11 AVAILABLE ***


ENCRYPTED DISC DEVICE DRIVER

PPDD is a device driver for Linux. It allows you to create a device which looks like a disc partition. You can then create an ext2 filesystem on this device. The data is in reality written to and read from a real disc - either a partition or a file on a normal filesystem. Everything on the disc is encrypted. The encryption algorithm is Blowfish. Clearly more than just a device driver is involved in this, and I have tried to make the overall system secure and foolproof.

All versions to date are beta releases - that means that there is a risk that undiscovered bugs will erase all your data and that there may well be security holes.

So far only an Intel-86 version has been produced - mainly because the encryption engine is in assembler to ensure optimal performance.

All the revisions below include the ability to encrypt the root filesystem and swap files so that the chances of accidentally leaving secret material on disc are very small indeed. At the current stage of development this feature requires a reasonable knowledge of Linux - particularly the boot process - on the part of the sysadmin who implements it.

Revision 0.95 is now available. If you have already downloaded 0.93 or 0.94, be aware that the changes involve only minor aspects of compilation under particular circumstances - the actual programs are unchanged. If what you have compiles for you then there's no need to download the latest. Please try it but do come back to this page later in the year to see if there has been an update.

As promised the documentation has been improved. There are now "man" pages at long last. Several bugs were reported with 0.8 which have been fixed in this release. The most serious concerns filesystem corruption on filesystems larger than 2Gb. A further step forward is that ppdd is now SMP safe.

 download ppdd-0.9

 

Earlier revisions than 0.9 are not recommended. The goal is a 1.0 version which can be installed and used by an "average user". The target date for that is the end of the twentieth century (not long to wait).

 

Latest news and tips:

The newest revisions of e2fsck (fsck) need an entry in /etc/fstab or the result is a segfault - I view this as a bug in fsck but I have had it reported to me several times. So if fsck segfaults while running "make test" get an earlier version (0.12 is OK) or put an entry in /etc/fstab for /dev/ppdd0. It doesn't matter what mount point you choose.

PPDD seems to have trouble dealing with some CD-ROM devices. I need to know more from anyone having problems (or success) in this area.

The latest kernel patches for 2.0.37 and 2.2.11, for use with ppdd-0.9, are available for download.

 

There is now a mailing list available for ppdd: ppdd@linux01.gwdg.de

If you have any queries, comments or problems, or if you just want to keep up-to-date on the latest news then please subscribe. All you need to do is to send a message to this mail address ppdd-request@linux01.gwdg.de with the single word "subscribe" (without the quotation marks) in the body of the message.

 

August 1999 Allan Latham alatham@flexsys-group.com