- Studies (moved into the archive on 2006/09/17)
- I'm done since last year. No need to have my study related documents in the site navigation. Moved here for future students to come.
- LRW for Linux (moved into the archive on 2006/02/06)
- The Linux kernel is a design disaster. This might be a consequence of the development style. However, the result is that I have dropped any intentions to support LRW on Linux. The code is there, it is compilant to the LRW draft and it works even faster than CBC encryption. Unfortunately, it's broke and I refuse to pierce my abstraction to code a workaround. As the other kernel developers refused to fix their broken in kernel memory management, I took the consequences and cancelled my project. You can find the LRW patches in the patch crate and in LKML.
- Linux hard disk encryption settings
- a total disclosure document on all available options and their weaknesses. This document is obsolete and it was incorporated into "New Methods in Hard Disk Encryption" (see Publications). Obsolete Version.
- aes-i586 (moved into the archive on 2006/02/06)
- Dr Brian Gladman's implementation of the Advanced Encryption Standard, Rijndael, ported to Linux 2.6's CryptoAPI. Well tested, stable. An asm version of AES has been merged in 2.6.8, but the version merged has been reworked because of Copyright issues. The rework omits the assembler version of the key expansion and a few optimization made by Jari Ruusu. This patch backs out the merged version and installs the source as distributed by Jari Ruusu. Note that this version is licensed under BSD and GPL. Status: aes-i586 was merged, however Linus Torvalds reconverted Gladman's sources as Ruusu objected the inclusion of his source. Patch against Linux 2.6.8.
- twofish-i586 (moved into the archive on 2006/02/06)
- Counterpane's assembler implementation of my favourite cipher, Twofish, ported to Linux 2.6's CryptoAPI. Status: encryption/decryption works, althought there is a dependancy on Microsoft Assembler (MASM). Partially converted to gas. Will not be completed as the whole cryptographic world is looking at AES for the next few years. Project website.
- secpack - automatic security updates for Debian (moved into the archive on 2006/02/06)
- Unattended security updates for Debian systems utilising signature checking.Project website
- SSH 1.2.20 win32 port
- This is a more than obsolete win32 port of SSH 1.2.20, a cryptographically secure rsh replacement. This version has grave security bugs and the source is only provided for reference. Please refrain from using it. Putty is a full featured alternative. [On your own risk]
- Kerneli CryptoAPI Debian
- These Debian package will provide you with drop-in kerneli CryptoAPI and cryptoloop support. No patches needed, as long as you don't care for security, since these drop-in packages are made for obsolete kernels with long-known security problems. I recommend _not_ using them. [On your own risk]
- Kerneli CryptoAPI Kernel patch packages for Debian
- If your using the Debian make-kpkg facility to build your kernel these packages might be useful to you. However they are unmaintained and might be broken for more recent kernel versions. Thanks to Ivo Timmermans they have been accepted into Debian as cryptoapi-core-source and cryptoloop-source, _but_ since 2.4.22 the kernel incorporates the 2.5 CryptoAPI so you might not want to use Kerneli's. [On your own risk]