Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1272 Location: Edinburgh, UK
Posted: Fri Aug 11, 2006 1:52 pm Post subject: Lo-fi (but cross-platform) portable encryption?
Hi,
I've just got a present of a USB key - small capacity, not much use, but I have a scheme I'd like to try with it. That is, to have an encrypted storage area on the drive, plus the executables needed to open it under either Linux or Windows without needing any natively-installed helpers.
I wonder if anyone could give me some advice about how to go about this. I wouldn't need any form of steganography or obfuscation, just a secure, password-protected encrypted folder/archive and simple, portable progs to open it without any specific help from the OS. It needn't be a mountable filesystem, just a folder or zipped/whatever archive.
Possible? Welcome all your thoughts!
odessit Apprentice
Joined: 01 Feb 2004 Posts: 180 Location: Current Residency - Server Room - Caution - Frostbite Imminent!
Posted: Fri Aug 11, 2006 2:13 pm
There is always the http://www.truecrypt.org/
I've used it in a similar situation but with a removable SCSI drive.
You will have to set up your USB in Linux first.
Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1272 Location: Edinburgh, UK
Posted: Sat Aug 12, 2006 10:38 am
The problem with TrueCrypt though, is it requires Administrator privileges to use. That somewhat undermines the concept of their 'Traveller Mode' - travellers are not normally afforded these privileges!
Reading over their docs does give me a slightly better sense of what I'm seeking, though: TrueCrypt does all the encryption/decryption on the fly, which does seem to be the only practicable way of having anything more than a single textfile to play with, without having to write the contents unencrypted to disk at some stage.
If I restrict my usage to a single file, I guess a text-mode editor like nano could be hooked up to the encrypt/decrypt mechanism, so everything was done in memory...
An app that could do a whole folder-hierarchy would have to hold it in memory while you used it. I'm not aware of any apps that do that, but still questing...
nielchiano Veteran
Joined: 11 Nov 2003 Posts: 1287 Location: 50N 3E
Posted: Sat Aug 12, 2006 10:26 pm
Havin_it wrote:
"The problem with TrueCrypt though, is it requires Administrator privileges to use. That somewhat undermines the concept of their 'Traveller Mode' - travellers are not normally afforded these privileges!"
[paranoia-mode]If you plug your USB into an untrusted machine, and decrypt it, that machine can just copy the complete (decrypted) content anyway. Doesn't matter if you explicitly store the decrypted version.[/paranoia-mode]
Most things that happen "on-the-fly" need some sort of kernel-hook to attach to. This mostly means admin/root privileges. The only solution is to go for "less-transparent" solutions like ZIP+password or GPG'd tar.gz's
Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1272 Location: Edinburgh, UK
Posted: Sun Aug 13, 2006 10:43 am
Agreed - it's definitely worth avoiding the decrypted content being written, even on the device itself. I came across mentions of a couple of things that might be of some help:
1) Portable GnuPG
2) 'PGP self-decrypting files' (it was just a throwaway reference on some BB post, no actual info given).
If I can turn up more practical info on either of these, I might be getting somewhere.
Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1272 Location: Edinburgh, UK
Posted: Sun Aug 20, 2006 10:45 am
Some progress, on a very simple level. I took the gpg binary and was able to run it on its own on the USB-key to decrypt a symmetrically-encrypted textfile to stdout.
This is a good start; I've also found a project that provides the same thing on Windows. What remains, though, is how to manipulate and re-encrypt the contents without writing them to disk.
Is there a text-mode editor that can be invoked to edit a string from stdin, and feed it back to stdout when done? It certainly looks like nano doesn't, and it was the most compact (so hopefully easily-portable) I could think of.
EDIT: Had a bash (oops punnery) at a script to do the job of adding new items to the encrypted file. Keeping the text in variables so hopefully reasonably secure in that it avoids writing plaintext files.
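Code:
#!/bin/sh
# Look for gpg and dialog in the current directory (the USB key) first.
PATH=".:${PATH}"
# Stop if decryption fails, so the file is never rewritten from an empty list.
DCR=`gpg -d secrets.txt` || exit 1
NS=`dialog --clear --stdout --inputbox "Enter your new secret:" 12 70` || exit 1
# A fixed '%s' format keeps any % or \ inside the secrets literal.
# Encrypt to a new file and replace the old one only if gpg succeeds.
printf '%s\n\n%s' "${DCR}" "${NS}" | gpg -ac --cipher-algo=AES256 >secrets.txt.new || exit 1
mv secrets.txt.new secrets.txt
echo "Your new secrets file looks like this:"
cat secrets.txt
echo "Use ./showsecrets to show all secrets."
# Clear the plaintext from the shell variables.
DCR=
NS=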
The limitations are that it's add-only, and only takes a single line. I'd welcome any tips on how I could make it multi-line and editable.
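Added example (not part of the original thread and not the poster's code): one way to get multi-line entries and deletion while plaintext stays in pipes and shell variables, with only ciphertext written to disk. The `SECRETS` variable, the script name `secrets.sh` and the function names are assumptions made for this example; the gpg options are the ones used in the script above.

```shell
#!/bin/sh
# Added example: multi-line add and delete for a gpg-encrypted secrets file.
# SECRETS and all function names are assumptions made for this example.
SECRETS="${SECRETS:-secrets.txt}"

# The cipher step in one place; gpg asks for the passphrase itself.
decrypt() { gpg -d "$1"; }
encrypt() { gpg -ac --cipher-algo AES256; }

# load: print the decrypted list; an absent or empty file is an empty list.
load() {
    [ -s "$SECRETS" ] || return 0
    decrypt "$SECRETS"
}

# save: encrypt stdin, replace $SECRETS only if encryption succeeded.
save() {
    umask 077
    if encrypt >"$SECRETS.new"; then
        mv "$SECRETS.new" "$SECRETS"
    else
        rm -f "$SECRETS.new"
        echo "encrypt failed; $SECRETS left untouched" >&2
        return 1
    fi
}

# add_secret: append one entry read from stdin (finish with Ctrl-D).
add_secret() {
    # A wrong passphrase must abort, not overwrite the file with an empty list.
    old=$(load) || { echo "decrypt failed; $SECRETS left untouched" >&2; return 1; }
    new=$(cat)
    [ -n "$new" ] || { echo "empty entry; nothing added" >&2; return 1; }
    # '%s' keeps any % or \ in the secrets literal.
    { [ -z "$old" ] || printf '%s\n\n' "$old"; printf '%s\n' "$new"; } | save
}

# del_secret N: drop the Nth entry; entries are separated by blank lines.
del_secret() {
    case "$1" in ''|*[!0-9]*) echo "usage: del N" >&2; return 1 ;; esac
    old=$(load) || { echo "decrypt failed; $SECRETS left untouched" >&2; return 1; }
    printf '%s\n' "$old" | awk -v n="$1" 'BEGIN { RS = ""; ORS = "\n\n" } NR != n' | save
}

# Run only on request: "./secrets.sh add" or "./secrets.sh del 2".
case "${1:-}" in
    add) add_secret ;;
    del) del_secret "${2:-}" ;;
esac
```

An entry that itself contains a blank line counts as two entries for `del`.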