Create an encrypted file system on Android with LUKS

LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it not only facilitates compatibility among distributions, but also provides secure management of multiple user passwords.

Building off the work from other great sources, the Guardian Project hack team decided to take a crack at porting LUKS to Android recently, with the goal of creating a proof of concept build process that can be easily adapted to future projects.

On our stock Guardian hardware (rooted NexusOne running CyanogenMod) we were able to create a 50MB “secretagentman.mp3” file on the device sdcard to store our encrypted filesystem. We think the possibilities for enhanced privacy here are great: to the average phone snooper, this would appear as just another harmless media file on your device storage!

You can give it a shot by following the instructions over at the project wiki. Note that the build process requires setting up the Android NDK on your machine, and the current setup process must be done through adb shell or terminal, requiring root permissions. Work on a GUI is just getting started.

As usual we encourage those wishing to get involved to check out our projects on Git, get in touch with us, and join us on IRC at #guardianproject on freenode.