Rubberhose (file system)

Last updated February 23, 2024

In computing, Rubberhose (also known by its development codename Marutukku)^[1] is a deniable encryption program which encrypts data on a storage device and hides the encrypted data. The existence of the encrypted data can only be verified using the appropriate cryptographic key. It was created by Julian Assange as a tool for human rights workers who needed to protect sensitive data in the field and was initially released in 1997.^[1]

Name and history

The name Rubberhose is a joking reference to the cypherpunks term rubber-hose cryptanalysis, in which encryption keys are obtained by means of violence.

It was written in 1997–2000 by Julian Assange, Suelette Dreyfus, and Ralf Weinmann.^[2]^[3]

Technical

The following paragraphs are extracts from the project's documentation:

Rubberhose works by initially writing random characters to an entire hard drive or other dynamic storage device. This random noise is indistinguishable from the encrypted data to be stored on that disk. If you have a 1 GB drive and want to have two Rubberhose encrypted portions of 400 MB and 200 MB, it assumes that each aspect (as the encrypted partitions are called) will be 1 GB and fill the entire drive. It will keep doing this until the drive is really filled to capacity with encrypted material. It breaks up the pieces of each aspect into small pieces and scatters them across the entire 1 GB drive in a random manner, with each aspect looking as if it is actually 1 GB in size upon decryption.
Each aspect has its own passphrase that must be separately decrypted, and if a hard drive is seized neither mathematical analysis nor physical disk testing can reveal how many aspects actually exist. Internal maps are used to locate where the data is stored amongst the random characters, with each aspect having its own map which can only be decrypted via its specific passphrase. Therefore, a Rubberhose disk can only be safely written to after all the passphrases have been entered. Everything works on a "need to know" basis, i.e. each aspect knows nothing about the others other than when to avoid writing over the top of another.

Status

Rubberhose is not actively maintained, although it is available for Linux kernel 2.2, NetBSD and FreeBSD. The latest version available, still in alpha stage, is v0.8.3.^[3]

Related Research Articles

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.

Articles related to cryptography include:

In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets from a person by coercion or torture—such as beating that person with a rubber hose, hence the name—in contrast to a mathematical or technical cryptanalytic attack.

FileVault is a disk encryption program in Mac OS X 10.3 Panther (2003) and later. It performs on-the-fly encryption with volumes on Mac computers.

The Encrypting File System (EFS) on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption. The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.

TrueCrypt is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file, or encrypt a partition or the whole storage device.

In cryptography and steganography, plausibly deniable encryption describes encryption techniques where the existence of an encrypted file or message is deniable in the sense that an adversary cannot prove that the plaintext data exists.

Disk encryption software is computer security software that protects the confidentiality of data stored on computer media by using disk encryption.

Disk encryption is a special case of data at rest protection when the storage medium is a sector-addressable device. This article presents cryptographic aspects of the problem. For an overview, see disk encryption. For discussion of different software packages and hardware devices devoted to this problem, see disk encryption software and disk encryption hardware.

EncFS is a Free (LGPL) FUSE-based cryptographic filesystem. It transparently encrypts files, using an arbitrary directory as storage for the encrypted files.

The Linux Unified Key Setup (LUKS) is a disk encryption specification created by Clemens Fruhwirth in 2004 and originally intended for Linux.

Disk encryption is a technology which protects information by converting it into code that cannot be deciphered easily by unauthorized people or processes. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage.

Filesystem-level encryption, often called file-based encryption, FBE, or file/folder encryption, is a form of disk encryption where individual files or directories are encrypted by the file system itself.

This is a technical feature comparison of different disk encryption software.

GBDE, standing for GEOM Based Disk Encryption, is a block device-layer disk encryption system written for FreeBSD, initially introduced in version 5.0. It is based on the GEOM disk framework. GBDE was designed and implemented by Poul-Henning Kamp and Network Associates Inc..

dm-crypt is a transparent block device encryption subsystem in Linux kernel versions 2.6 and later and in DragonFly BSD. It is part of the device mapper (dm) infrastructure, and uses cryptographic routines from the kernel's Crypto API. Unlike its predecessor cryptoloop, dm-crypt was designed to support advanced modes of operation, such as XTS, LRW and ESSIV, in order to avoid watermarking attacks. In addition to that, dm-crypt addresses some reliability problems of cryptoloop.

<span class="mw-page-title-main">Tinfoil Hat Linux</span>

Tinfoil Hat Linux (THL) was a compact security-focused Linux distribution designed for high security developed by The Shmoo Group. The first version (1.000) was released in February 2002. By 2013, it had become a low-priority project. Its image files and source are available in gzip format. THL can be used on modern PCs using an Intel 80386 or better, with at least 8 MB of RAM. The distribution fits on a single HD floppy disk. The small footprint provides additional benefits beyond making the system easy to understand and verify. The computer need not even have a hard drive, making it easier to "sanitize" the computer after use.

geli is a block device-layer disk encryption system written for FreeBSD, introduced in version 6.0. It uses the GEOM disk framework. It was designed and implemented by Paweł Jakub Dawidek.

Key disclosure laws, also known as mandatory key disclosure, is legislation that requires individuals to surrender cryptographic keys to law enforcement. The purpose is to allow access to material for confiscation or digital forensics purposes and use it either as evidence in a court of law or to enforce national security interests. Similarly, mandatory decryption laws force owners of encrypted data to supply decrypted data to law enforcement.

Rubber hose or Rubberhose may refer to:

References

1 2 Suelette Dreyfus (2012-10-29). "The Idiot Savants' Guide to Rubberhose". Archived from the original on 2012-10-29.
↑ Ralf Weinmann biography at https://cryptolux.org/Ralf-Philipp_Weinmann Archived September 29, 2011, at the Wayback Machine
1 2 "Rubberhose cryptographically deniable transparent disk encryption system". marutukku.org. Archived from the original on 16 July 2012. Retrieved 12 January 2022.

External links

"Rubberhose mirror". Archived from the original on 2011-07-26. Retrieved 2010-10-21.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
Marutukku.org documentation and downloads Archived 2012-07-16 at the Wayback Machine

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[dreyfus-1] 1 2 Suelette Dreyfus (2012-10-29). "The Idiot Savants' Guide to Rubberhose". Archived from the original on 2012-10-29.

[2] Ralf Weinmann biography at https://cryptolux.org/Ralf-Philipp_Weinmann Archived September 29, 2011, at the Wayback Machine

[marutukku-3] 1 2 "Rubberhose cryptographically deniable transparent disk encryption system". marutukku.org. Archived from the original on 16 July 2012. Retrieved 12 January 2022.

[1]

[2]

[3]

v t e Julian Assange
Organisations	WikiLeaks WikiLeaks Party
Works by	Rubberhose (1997–2000 file system) Cypherpunks (2012 book) World Tomorrow (2012 TV programme) "Multi_Viral" (2013 song)
Legal issues	Assange v Swedish Prosecution Authority Indictment and arrest Kunstler v. Central Intelligence Agency Surveillance
Works about	Underground (1997 book) WikiLeaks: Inside Julian Assange's War on Secrecy (2011 book) Julian (2012 film) Underground: The Julian Assange Story (2012 film) The Fifth Estate (2013 film) Risk (2016 film) Ithaka (2021 film)
Miscellaneous	Anything to Say? (2015 sculpture) Asylum (2015 TV series) Stella Assange (wife) Commentary about Julian Assange John Shipton (father)