diff --git a/CHANGELOG.md b/CHANGELOG.md index 5d1a7ff..14f447e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Global constants fully shared among components through `sflc_constants.h`. +## [0.4.2] - 2023-11-28 + +### Fixed + + - Fixed persistent slice allocation ambiguity after a volume corruption by allocating fresh slices for the corrupted volume. This is done in order to help external recovery tools (e.g. RAID). + - Fixed a bug that made the last PSI in the shuffled slice array unassignable. + - Fixed a missed deallocation problem which caused a kernel bug on volume close after some I/O errors. + - Fixed a buggy swap procedure which made the permutation of PSIs not completely random. + +### Changed + + - All schematics and references now consistently map array indices of size N from 0 to N-1 rather than from 1 to N. + + ## [0.4.1] - 2023-07-30 ### Fixed diff --git a/README.md b/README.md index d6feb84..0d2f98b 100644 --- a/README.md +++ b/README.md 
@@ -1,7 +1,7 @@ [![Status](resources/images/badges/badge_status_active.png)](https://codeberg.org/shufflecake/shufflecake-c)  -[![Version](resources/images/badges/badge_version_0.4.1.png)](https://codeberg.org/shufflecake/shufflecake-c/releases/tag/v0.4.1)  +[![Version](resources/images/badges/badge_version_0.4.2.png)](https://codeberg.org/shufflecake/shufflecake-c/releases/tag/v0.4.2)  [![License](resources/images/badges/badge_license_gplv2plus.png)](https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html)  -[![Docs whitepaper](resources/images/badges/badge_docs_whitepaper.png)](https://infoscience.epfl.ch/record/297353)  +[![Docs whitepaper](resources/images/badges/badge_docs_whitepaper.png)](https://eprint.iacr.org/2023/1529)  [![Website](resources/images/badges/badge_web_shufflecakedotnet.png)](https://shufflecake.net/)  [![Issue tracker](resources/images/badges/badge_community_issuetracker.png)](https://codeberg.org/shufflecake/shufflecake-c/issues)  [![Mastodon](resources/images/badges/badge_community_mastodon.png)](https://fosstodon.org/@shufflecake)  @@ -11,7 +11,7 @@ -# Shufflecake - Full C Implementation - v0.4.1 +# Shufflecake - Full C Implementation - v0.4.2 _Shufflecake_ is a plausible deniability (hidden storage) layer for Linux. You can consider Shufflecake a spiritual successor of tools like TrueCrypt and VeraCrypt, but vastly improved, both in terms of security and functionality. Official website: . 
@@ -47,9 +47,9 @@ __WARNING__: Shufflecake is still experimental software, please do not rely on i In the context of Shufflecake, a _device_, or _cake_, is the underlying raw block device (e.g., a disk) that is formatted to contain hidden data, while a _volume_, or _layer_, is the logical, encrypted and hidden "partition" within a device. The device can be a whole USB stick (or disk), a physical or logical partition, a file-backed loop device, etc. (you likely find it under `/dev`). The three operating principles of Shufflecake are: -- 1 device = multiple volumes -- 1 volume = 1 password = 1 "secrecy level" -- unlocking a volume also unlocks all those of lesser secrecy level +- 1 device = multiple volumes; +- 1 volume = 1 password = 1 "secrecy level"; +- unlocking a volume also unlocks all those of lesser secrecy level. Volumes are password-protected, and embedded in the underlying device as data _slices_ which are indistinguishable from random noise without the proper password. Headers are also indistinguishable from random when not decrypted. A Shufflecake-initialized device does not have cleartext headers, and is indistinguishable from random noise when not decrypted. 
@@ -59,7 +59,7 @@ Up to 15 _ordered_ Shufflecake volumes can be created on a single device, with t Opened volumes appear as block devices of the form `sflc_N_M` in `/dev/mapper`. It is up to the user to format them with an appropriate filesystem and mounting them before use. It is recommended to always unlock the most sensitive volume for daily use ("home alone" scenario), even if that volume is not being used or even mounted. Only open a subset of volumes (with a "decoy password") if under coercion. This is due to the high possibility of corrupting hidden volumes otherwise. -For security and consistency reasons, you cannot init/open/close nested volumes within the same device one at a time; the tool only allows to perform these operations on a _chain_ of volumes in a device. +For security and consistency reasons, you cannot init/open/close nested volumes within the same device one at a time; this tool only allows to perform these operations on a _chain_ of volumes in a device. @@ -67,7 +67,7 @@ For security and consistency reasons, you cannot init/open/close nested volumes ## Installation -This implementation of Shufflecake consists of two components: a module for the Linux kernel (`dm-sflc`), and a `shufflecake` userland tool. Both are necessary in order to use Shufflecake. They have been tested on Linux kernel versions 6.1 (LTS), 6.2 and 6.3. The following instructions are given for Debian/Ubuntu and similar derivatives. +This implementation of Shufflecake consists of two components: a module for the Linux kernel (`dm-sflc`), and a `shufflecake` userland tool. Both are necessary in order to use Shufflecake. They have been tested on Linux kernel versions 6.1 (LTS), up to 6.5. The following instructions are given for Debian/Ubuntu and similar derivatives. First of all, you need the kernel headers, device-mapper userspace library, and libgcrypt to compile the source. Use: 
@@ -80,6 +80,7 @@ Important: you have to make sure to install an up-to-date version of `libgcrypt` ``` libgcrypt-config --version ``` +Also, make sure that the Kconfig options `CONFIG_CRYPTO_DRBG_HASH` (and possibly `CONFIG_CRYPTO_DRBG_CTR`) are enabled, as they are not default options in the kernel's defconfig, although they are enabled by default on some distributions such as Debian and Ubuntu. After that, just run `make`. All the compilation artifacts will go in the respective subdirectories, and a copy of the kernel module `dm_sflc.ko` and the userland tool `shufflecake` will appear in the root directory. You can clean (delete) all these artifacts with `make clean`. @@ -93,7 +94,7 @@ Limited tests are provided to check pre-install consistency, for now they only t ### Benchmarks -A complete benchmark suite is provided in the `benchmark-suite` directory, to test the performance of Shufflecake on a given machine and against other tools such as LUKS and VeraCrypt. Please refer to the documentation in that directory for instructions on how to run the benchmark scripts. +A complete benchmark suite is provided in the `benchmark-suite` directory, to test the performance of Shufflecake on a given system and against other tools such as LUKS and VeraCrypt. Please refer to the documentation in that directory for instructions on how to run the benchmark scripts. 
@@ -124,13 +125,13 @@ You can only do this if no Shufflecake volume is open. sudo shufflecake init ``` -This command creates __N__ volume headers on the given device, each sealed by the respective provided password, by properly formatting and encrypting the first __N__ volume header slots. The number of desired volumes __N__ and the related __N__ passwords will be interactively asked at prompt. Alternatively, you can pass __N__ by command line with: +This command creates __L__ volume headers on the given device, each sealed by the respective provided password, by properly formatting and encrypting the first __L__ volume header slots. The number of desired volumes __L__ and the related __L__ passwords will be interactively asked at prompt. Alternatively, you can pass __L__ by command line with: ``` -sudo shufflecake --num-volumes=N init +sudo shufflecake --num-volumes=L init ``` -WARNING: If the device is not empty, you will lose all data stored therein. Also, adding additional volumes after initialisation is not yet supported. +__WARNING__: If the device is not empty, you will lose all data stored therein. Also, adding additional volumes after initialisation is not yet supported. This command does not open the volumes (it does not create the virtual devices under `/dev/mapper/`), it only overwrites the device with randomness and formats the encrypted headers. @@ -230,6 +231,11 @@ Both methods works with the `init` action, and we do not have current plans to c Please see the file `CHANGELOG.md` for a detailed history of changes. +### [0.4.2] - 2023-11-28 + + - Fixed persistent slice allocation ambiguity after a volume corruption by allocating fresh slices for the corrupted volume. This is done in order to help external recovery tools (e.g. RAID). + - Various bugfixes. + ### [0.4.1] - 2023-07-30 - Fixed and improved benchmark scripts. 
@@ -255,7 +261,8 @@ Bugs and other issues are tracked at + ry="2.0600297" + rx="2.1743569" /> 1 + y="56.927811">0 1 + y="56.927811">0 2 + y="56.927811">1 2 + y="56.927811">1 15 + y="56.927811">14 15 + y="56.927811">14 15 + y="69.415131">14 15 + y="69.415131">14 2 + y="86.697533">1 2 + y="78.100777">1 2 + y="88.452538">1 VMBkey + y="92.950294">VMK 1 + x="117.41192" + y="93.41362">0 NumSlices Metadata | | | | 2 + y="81.268738">1 2 + y="81.023582">1 2 + y="81.023582">1 2 + y="93.41362">1 2 + x="138.43971" + y="93.41362">1 2 + y="69.512749">1 2 + y="69.512749">1 @@ -1329,7 +1330,7 @@ id="tspan2600" style="font-style:normal;font-variant:normal;font-weight:600;font-stretch:normal;font-family:FreeSans;-inkscape-font-specification:'FreeSans Semi-Bold';fill:#0000ff;fill-opacity:1;stroke-width:0.0573041" x="147.63687" - y="82.810692">1 + y="82.810692">0 2 + y="82.810692">1 NumSlices + y="82.810692">NumSlices-1 2 + y="71.868858">1 2 + y="69.415131">1 2 + y="69.415131">1 1 + y="69.415131">0 1 + y="69.415131">0 0.4.1 + y="76.044922">0.4.2
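Review bot: the four "Fixed" entries under `## [0.4.2] - 2023-11-28` in the `CHANGELOG.md` hunk do not say whether devices initialised with earlier releases are affected, and for at least two of them that is the question a user will ask: "Fixed a buggy swap procedure which made the permutation of PSIs not completely random" leaves open whether an existing device keeps its weaker slice permutation until it is re-initialised, and "Fixed a missed deallocation problem which caused a kernel bug on volume close after some I/O errors" leaves open whether an older `dm-sflc` module can be used with a newer userland. Suggest one sentence per entry stating the impact on existing volumes and the recommended action (re-init, or nothing). Also check the two consecutive blank `+` lines inserted before `## [0.4.1] - 2023-07-30` against the spacing used between the other release sections.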
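Review bot: the version badge in the first `README.md` hunk now points at `resources/images/badges/badge_version_0.4.2.png`, but no addition of that file appears anywhere in this patch; if the image is not part of the same change the badge renders broken on the landing page. The whitepaper badge also moves from `https://infoscience.epfl.ch/record/297353` to `https://eprint.iacr.org/2023/1529` without a corresponding line in the `CHANGELOG.md` hunk; if the ePrint text differs from the earlier record (for example in the 0-based indexing that the "Changed" entry describes), say which version the code follows.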
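Review bot: two wording problems in the `@@ -59,7 +59,7 @@` and `@@ -67,7 +67,7 @@` hunks of `README.md`. "this tool only allows to perform these operations on a _chain_ of volumes" is ungrammatical both before and after the change; suggest "this tool only allows these operations to be performed on a _chain_ of volumes in a device". And "They have been tested on Linux kernel versions 6.1 (LTS), up to 6.5" reads as two items; suggest "tested on Linux kernel versions from 6.1 (LTS) up to 6.5", and state whether every minor version in that range was tested or only the endpoints, since the kernel module's compatibility is the part users most need to trust.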
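Review bot: the new Kconfig sentence in the `@@ -80,6 +80,7 @@` hunk of `README.md` gives the reader no way to check the requirement and no decision rule for the parenthetical "(and possibly `CONFIG_CRYPTO_DRBG_CTR`)". Suggest stating when the CTR DRBG is actually required (which code path or configuration selects it), what fails when the option is missing (module load error versus failure at `init`/`open` time), and a one-line check against the running kernel's config, for instance `grep CONFIG_CRYPTO_DRBG /boot/config-$(uname -r)`, so that a user on a distribution whose defconfig differs from Debian/Ubuntu finds out before formatting a device.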
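Review bot: the `@@ -124,13 +125,13 @@` hunk of `README.md` renames the volume count from __N__ to __L__ in the `init` section only, while the unchanged text elsewhere in the same file still uses `N` (the `sflc_N_M` device names under `/dev/mapper`, and "array indices of size N" in the CHANGELOG "Changed" entry), so the rename trades one ambiguity for another; either apply it consistently or add a sentence saying what `L` and `N` each denote. In the `@@ -230,6 +231,11 @@` hunk, the README summary for 0.4.2 collapses three fixes into "Various bugfixes" even though the CHANGELOG hunk lists a kernel bug on volume close, an unassignable last PSI and a non-random PSI permutation; since the README is where most users decide whether to upgrade, suggest listing those three explicitly as the CHANGELOG does.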
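Review bot: the SVG hunk relabels the diagram from 1-based to 0-based indices (`1`→`0`, `15`→`14`, `NumSlices`→`NumSlices-1`), which matches the "Changed" entry in the `CHANGELOG.md` hunk, but it also renames the key label `VMBkey` to `VMK`, and that terminology change is not recorded anywhere in the CHANGELOG or README hunks. Suggest adding a "Changed" line for the rename and confirming that the README, the whitepaper and the source use the same term, since a reader cross-referencing the diagram against the code will otherwise look for an identifier that no longer exists in the figure.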