Skip to content
This repository


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

PEFS - stacked cryptographic file system for FreeBSD

branch: master

Fetching latest commit…


Cannot retrieve the latest commit at this time

Octocat-spinner-32 lib
Octocat-spinner-32 sbin
Octocat-spinner-32 sys pefs: Compare sensitive data in constant time. March 31, 2014
Octocat-spinner-32 Makefile
Octocat-spinner-32 README
PEFS (Private Encrypted File System) is a kernel level stacked cryptographic
filesystem for FreeBSD.

The following is a list of its most important features:

*   Kernel level file system, no user level daemons needed. Transparently runs
    on top of existing file systems.

*   Random per file tweak value used for encryption, which guaranties different
    cipher texts for the same encrypted files.

*   Saves metadata only in encrypted file name, but not in file itself.

*   Supports arbitrary number of keys per file system, default directory key,
    mixing files encrypted with different keys in same directory.

*   Allows defining key chains, can be used to add/delete several keys by
    specifying only master key.

*   Uses modern cryptographic algorithms: AES and Camellia in XTS mode,
    PKCS#5v2 and HKDF for key generation.

FreeBSD wiki page:

Installation instructions:

# git clone git:// pefs
# cd pefs
# make obj all
# make install
# make clean
Something went wrong with that request. Please try again.