CipherShed Technical Wiki
This is where you'll find technical information regarding the CipherShed Project. This includes the coding methods, project organization, security information, and building information of CipherShed.
Quick Start
Bugs and other issues can be reported to the Issue Tracker.
If you are (or considering being) a new contributor, please see our Quick Start Guide for CipherShed Contributors and development process.
Building on Windows can be found here.
Building on GNU/Linux can be found here.
Building on OS X can be found here.
Information on the current license and future license goals can be found here.
For a detailed list of contributors to the project, please see our Who's Who page.
Project Goals
Goals of the CipherShed Project include:
Secure the code through audits, simplification, and a secure architecture (see the Audit page).
Migrate towards a OSI-approved licensed codebase (see the License page).
Work closely with existing efforts such as OpenCryptoAuditProject, LUKS, GELI, and tc-play.
Philosophy
Google Summer of Code information locate at Roadmap#GSoC .
Throughout everything with do for CipherShed, we try to follow these principles:
Keep It Simple, Stupid (KISS): Avoid complicated solutions whenever possible. Simpler solutions are both easier to implement, maintain, document, and understand. This also includes avoiding unnecessary feature creep; we prioritise enhancing and maintaining current features over adding new features.
Collaboration: We should encourage collaboration with other FOSS projects and external organisations to reduce duplication and increase our software's interoperability.
Openness: Contributions are publicly viewable and verifiable so anyone can confirm the software is correct and secure. Contributors are encouraged to also be publicly viewable (non-anonynous) and verifiable to be trustworthy entities.
Paranoia: Trust no one. Trust nothing. Assume everyone else is a malicious actor and that everyone's machines are compromised by adversaries.
Least Privilege: People should only have the access and privileges needed to perform their tasks, and nothing beyond that.
Constant Code Review: Everyone is strongly encouraged to be examining, testing, and verifying the integrity of our code. Our software is only trustworthy and secure if people are actively ensuring it is so.