1. Introduction

1.1 Legal Stuff

Encryption HOWTO for Linux Systems

Copyright (C)2000 Marc Mutz.

This document is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This document is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You can get a copy of the GNU GPL at http://www.gnu.org/copyleft/gpl.html.

1.2 I've got nothing to hide

In this section I will briefly remind you of basic rules that must be taken care of if you want to use strong encryption, as all of the presented packages in this document support (or even require) it.

As the fear of governments of cryptography being employed by criminal circles has produced some strange regulations concerning the use of strong encryption, it cannot be over-emphasized how important it is to know the law in your own country:

1. Am I allowed to use strong cryptography?
2. Am I allowed to use a particular cipher algorithm either for private or commercial use? Do I have to pay licence fees?
3. Am I allowed to participate in the development of software that contains strong cryptography?

• The Crypto Law Survey web page by Bert-Jaap Koops at http://cwis.kub.nl/~frw/people/koops/ lawsurvy.htm.
• The RSA crypto FAQ at http://www.rsasecurity.com/rsalabs/faq/
• The alt.security.*, alt.privacy.* newsgroups.
• The Department of Justice or lawyers if in doubt (likely only interesting for commercial applications).

1.3 Aims of this document

This document will (eventually, more or less extensively) describe all major development activities around the Linux(tm) operating system that provide encryption features to the kernel.

These effords are currently being collected by Alexander Kjeldaas ( astor@fast.no) in the so-called International Kernel Patch (see below). If some packages described here are currently not included in this patch, I will state that clearly at the beginning of the section that discusses it.

This document will not speak about other security-related issues. See the excellent Security HOWTO for that.

You can always find the latest version and snapshots (pre-releases) of forthcoming versions of this document at it's homepage at http://marc.mutz.com/Encryption-HOWTO/

1.4 Mailing List

If you have questions or suggestions regarding this document or Linux and cryptography in general, you can send them to the mailing list linux-crypto@nl.linux.org. To subscribe, just send a message with the single line

subscribe linux-crypto

1.5 Notations and Conventions used

I would like to give a few notations I will use throughout this document here.

When listing commands or command sequences, I will prepend each one with a prompt, either user$ for an ordinary user's shell, root# for a root shell and user> and root> for continued lines in a user and root shell resp.

Also I would like to mention that links to HOWTO's are meant to work on the LDP site and in any directory structure that keeps all HOWTO's in the same directory (e.g. /usr/doc/howto). They definitely do not work from within the Encryption-HOWTO Homepage.