====== Chiffrement ====== ===== Thèmes ===== * [[Blu-ray]] * [[GnuTLS]] * [[GPG]] et [[doc:ma clef GPG]] * [[Droit de chiffrer]] * [[openssl]] * [[sha-1]] * [[ssh]] * [[sshfs]] * http://www.df7cb.de/blog/2007/03/01#2007-03-01-openpgp-dns * http://blog.zugschlus.de/archives/523-EasyRSA-on-Debian-for-an-OpenVPN-CA.html * Très intéressant : http://www.hermann-uwe.de/blog/towards-a-moderately-paranoid-debian-laptop-setup--part-1-base-system ===== De partitions ===== * http://madduck.net/docs/cryptdisk/ * À la Ubuntu : https://wiki.ubuntu.com/EncryptedFilesystemHowto * http://feeding.cloud.geek.nz/2008/05/encrypting-your-home-directory-using.html * http://feeds.feedburner.com/~r/UbuntuTutorials/~3/145370028/ * http://www.cs278.org/blog/ubuntu-configuration/feisty-debootstrap-encrypted-install/ * http://en.wikipedia.org/wiki/Disk_encryption_software * Dm-crypt : * http://ftp.traduc.org/doc-vf/gazette-linux/html/2005/114/lg114-E.html * http://glenux2.free.fr/index.php?2006/03/26/5-balader-des-partitions-chiffrees * Il n'y a pas plus d'inconvénient : http://blog.madduck.net/geek/2006.08.12-cipher-blocks-and-physical-blocks * Question (peu de réponses) : http://linuxfr.org/forums/41/20185.html * http://blog.incase.de/index.php/2007/02/20/dual-boot-and-full-encryption-part-2/ * http://www.student.tue.nl/Q/j.f.berndsen/debian/ * Réflexions : http://feeding.cloud.geek.nz/2008/04/two-tier-encryption-strategy-archiving.html * Attaques : http://www.hermann-uwe.de/blog/lest-we-remember--cold-boot-attacks-on-encryption-keys ==== LUKS ==== * http://mixinet.net/~sto/blog/sysadmin/20090226_macbook_cryptsetup_take_3/ * http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian * LUKS : http://blog.dlgeek.net/?p=84 * http://web.glandium.org/blog/?p=139 * https://help.ubuntu.com/community/EncryptedFilesystem * http://johnleach.co.uk/words/archives/2006/12/06/245/ * retailler : http://www.enricozini.org/2008/tips/resize-luks.html * Et ssh : http://ubuntuforums.org/showthread.php?t=829768 * Amovibles : http://www.fabianrodriguez.com/blog/2009/01/21/easy-removable-storage-encryption-that-works-with-hardy-and-intrepid/ ==== Comparaison ==== * http://www.corsac.net/?rub=blog&post=1327 ==== Démarrage ==== === grub === * http://blog.sietch-tabr.com/index.php/post/2007/09/28/reinstallation-de-GRUB-sur-le-MBR-avec-un-systeme-sur-un-LVM-chiffre === clef === * http://www.matthew.ath.cx/articles/cryptkey * Système sur clef : http://www.debian-administration.org/articles/179 ==== Liens (pour orthosie) ==== * http://www.debianhelp.org/node/6835 * http://sicherheitsschwankung.de/post/jan/2005-12-13/migrating-dm-crypt-lvm-root-debian * http://wiki.debian.org/DebianInstaller/FAQ#head-c7d5c839c7985d0705132cd8d8b607fd6a067f53 * http://changelog.complete.org/posts/541-Disk-encryption-support-in-Etch.html * http://www.debian-administration.org/articles/428 * http://www.saout.de/tikiwiki/tiki-index.php * http://www.saout.de/tikiwiki/tiki-index.php?page=HOWTO ==== Partition d'échange ===== * http://feeding.cloud.geek.nz/2008/03/encrypted-swap-partition-on.html ===== eCryptfs ===== * http://lwn.net/Articles/156921/ * Répertoires privés : http://dustinkirkland.wordpress.com/2008/10/03/whats-in-my-encrypted-private-directory/ ===== Encfs ===== * http://hollowtube.mine.nu/wiki/index.php/PAM/PamEncfs * Mode graphique : http://www.aigarius.com/blog/2008/02/02/using-fuse-encfs-in-a-graphical-way/ ===== Clefs sur clef ====== * http://www.linux.codehelp.co.uk/serendipity/index.php?/archives/131-Adapting-autofs-for-GPG-keys-to-an-SD-card.html * http://www.mattb.net.nz/blog/2006/04/13/loading-gpg-ssh-keys-from-a-usb-key-round-2/ * http://www.mattb.net.nz/debian/misc/manage-keys * https://help.ubuntu.com/community/GPGKeyOnUSBDrive * http://www.einval.com/~steve/docs/gpg-autofs.html * http://artisan.karma-lab.net/node/1164 * http://www.matthew.ath.cx/articles/cryptkey ===== Courbes elliptiques ======= * SKS : http://pagina.de/sks * http://packages.debian.org/unstable/utils/sks-ecc * http://packages.debian.org/unstable/utils/seccure ===== Bibliothèques ===== * http://directory.fsf.org/libgcrypt.html ===== Mauvaises pratiques ===== * http://www.advogato.org/person/vorlon/diary.html?start=16 * WEP : http://linuxfr.org/2006/08/16/21198.html ==== TLS 1.0 est pourri ==== * http://www.bortzmeyer.org/beast-tls.html ===== Recherche en crypto ===== * http://linuxfr.org/2006/11/20/21654.html ==== Chercheurs ==== * Anne Canteaut : https://www.enseignementsup-recherche.gouv.fr/fr/portrait-d-anne-canteaut-laureate-du-prix-irene-joliot-curie-2023-94833 ===== Traçage https ===== * http://packages.debian.org/unstable/net/spikeproxy ===== Cryptonit ===== * http://linuxfr.org/2006/12/19/21786.html ===== Performances ===== * http://etbe.blogspot.com/2006/12/encryption-speed-debian-vs-fedora.html ===== HDDVD ===== * http://forum.doom9.org/showpost.php?p=924730&postcount=244 * Clefs : * http://sam.zoy.org/blog/2007-05-03-obligatory-r * http://09f911029d74e35bd84156c5635688c0.eu/ * http://blog.halon.org.uk/2007/05/04#hd-dvd-key-button ===== DVD non chiffrés ===== * http://www.videolan.org/removed/freedvd.html ===== Clefs et courriels ===== * http://www.df7cb.de/blog/2007/03/01#2007-03-01-openpgp-dns ===== Pour la monnaie ? ===== * http://kitenet.net/~joey/blog/entry/re:_online_shopping/ ===== Sans-fil ===== * http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html ====== Astuces ====== * Pour ssh dans konqueror : ''fish:/''''/'' selon http://business.newsforge.com/business/06/03/09/2238246.shtml?tid=37 * Des SMS : http://www.hermann-uwe.de/blog/encrypted-sms-solutions ===== (Hum) Rot-13 ===== * http://www.sesame-ouvre-toi.net/caverne/rot13.html