MaruTukku
Encyclopedia
In computing, rubberhose (also known by its development codename Marutukku) is a deniable encryption
archive containing multiple file system
s whose existence can only be verified using the appropriate cryptographic key.
on those who knew the encryption keys. This is a reference to the rubber-hose cryptanalysis
euphemism.
It was written in 1997–2000 by Julian Assange
, Suelette Dreyfus
and Ralf Weinmann.
It was originally designed for use by human rights
groups working in third world
dictatorship
s, but was often proposed for use in other countries such as the United Kingdom
where threats of imprisonment can be used to force people to reveal their encryption keys (see Regulation of Investigatory Powers Act 2000
).
2.2, NetBSD
and FreeBSD
. Latest version available, still in alpha stage, is v0.8.3.
As of 2006, the domain rubberhose.org does not host the Rubberhose project anymore.
Deniable encryption
In cryptography and steganography, deniable encryption is encryption that allows its users to convincingly deny that the data is encrypted, or that they are able to decrypt it. Such convincing denials may or may not be genuine. For example, although suspicions might exist that the data is...
archive containing multiple file system
File system
A file system is a means to organize data expected to be retained after a program terminates by providing procedures to store, retrieve and update data, as well as manage the available space on the device which contain it. A file system organizes data in an efficient manner and is tuned to the...
s whose existence can only be verified using the appropriate cryptographic key.
Name and history
The project was originally named Rubberhose, as it was designed to be resistant to attacks by people willing to use tortureTorture
Torture is the act of inflicting severe pain as a means of punishment, revenge, forcing information or a confession, or simply as an act of cruelty. Throughout history, torture has often been used as a method of political re-education, interrogation, punishment, and coercion...
on those who knew the encryption keys. This is a reference to the rubber-hose cryptanalysis
Rubber-hose cryptanalysis
In cryptography, rubber-hose cryptanalysis is the extraction of cryptographic secrets from a person by coercion or torture, in contrast to a mathematical or technical cryptanalytic attack....
euphemism.
It was written in 1997–2000 by Julian Assange
Julian Assange
Julian Paul Assange is an Australian publisher, journalist, writer, computer programmer and Internet activist. He is the editor in chief of WikiLeaks, a whistleblower website and conduit for worldwide news leaks with the stated purpose of creating open governments.WikiLeaks has published material...
, Suelette Dreyfus
Suelette Dreyfus
Suelette Dreyfus is an Australian-American technology journalist and researcher, and author of the 1997 cult classic Underground: Hacking, Madness and Obsession on the Electronic Frontier...
and Ralf Weinmann.
It was originally designed for use by human rights
Human rights
Human rights are "commonly understood as inalienable fundamental rights to which a person is inherently entitled simply because she or he is a human being." Human rights are thus conceived as universal and egalitarian . These rights may exist as natural rights or as legal rights, in both national...
groups working in third world
Third World
The term Third World arose during the Cold War to define countries that remained non-aligned with either capitalism and NATO , or communism and the Soviet Union...
dictatorship
Dictatorship
A dictatorship is defined as an autocratic form of government in which the government is ruled by an individual, the dictator. It has three possible meanings:...
s, but was often proposed for use in other countries such as the United Kingdom
United Kingdom
The United Kingdom of Great Britain and Northern IrelandIn the United Kingdom and Dependencies, other languages have been officially recognised as legitimate autochthonous languages under the European Charter for Regional or Minority Languages...
where threats of imprisonment can be used to force people to reveal their encryption keys (see Regulation of Investigatory Powers Act 2000
Regulation of Investigatory Powers Act 2000
The Regulation of Investigatory Powers Act 2000 is an Act of the Parliament of the United Kingdom, regulating the powers of public bodies to carry out surveillance and investigation, and covering the interception of communications...
).
Technical
The following paragraphs are extracts from the project's documentation:- Rubberhose works by initially writing random characters to an entire hard drive or other dynamic storage device. This random noise is indistinguishable from the encrypted data to be stored on that disk. If you have a 1 GB drive and want to have two Rubberhose encrypted portions of 400 MB and 200 MB, it assumes that each aspect (as the encrypted partitions are called) will be 1 GB and fill the entire drive. It will keep doing this until the drive is really filled to capacity with encrypted material. It breaks up the pieces of each aspect into small pieces and scatters them across the entire 1 GB drive in a random manner, with each aspect looking as if it is actually 1 GB in size upon decryption.
- Each aspect has its own passphrase that must be separately decrypted, and if a hard drive is seized neither mathematical analysis nor physical disk testing can reveal how many aspects actually exist. Internal maps are used to locate where the data is stored amongst the random characters, with each aspect having its own map which can only be decrypted via its specific passphrase. Therefore, a Rubberhose disk can only be written to after all the passphrases have been entered. Everything works on a "need to know" basis, i.e. each aspect knows nothing about the others other than when to avoid writing over the top of another.
Status
Rubberhose is not actively maintained, although it is currently available for Linux kernelLinux kernel
The Linux kernel is an operating system kernel used by the Linux family of Unix-like operating systems. It is one of the most prominent examples of free and open source software....
2.2, NetBSD
NetBSD
NetBSD is a freely available open source version of the Berkeley Software Distribution Unix operating system. It was the second open source BSD descendant to be formally released, after 386BSD, and continues to be actively developed. The NetBSD project is primarily focused on high quality design,...
and FreeBSD
FreeBSD
FreeBSD is a free Unix-like operating system descended from AT&T UNIX via BSD UNIX. Although for legal reasons FreeBSD cannot be called “UNIX”, as the direct descendant of BSD UNIX , FreeBSD’s internals and system APIs are UNIX-compliant...
. Latest version available, still in alpha stage, is v0.8.3.
As of 2006, the domain rubberhose.org does not host the Rubberhose project anymore.
See also
- Rubber-hose cryptanalysisRubber-hose cryptanalysisIn cryptography, rubber-hose cryptanalysis is the extraction of cryptographic secrets from a person by coercion or torture, in contrast to a mathematical or technical cryptanalytic attack....