Turaya.VPN is a piece of software produced by the European Multilaterally Secure Computing Base (EMSCB) German project. This Virtual Private Network (VPN) client uses the L4 hypervisor to execute completely isolated from the legacy operating system and all other applications. The cryptographic operations performed by Turaya.VPN include creating and managing the keys and certificates for the VPN software in such a manner that no malicious software can eavesdrop and modify them. Turaya.VPN can work with other standard VPN clients, such as those based on IPsec, ensuring interoperability in a transparent way. It integrates a firewalling component and a network configuration tool via Dynamic Host Configuration Protocol (DHCP). Current developments of Turaya.VPN include extending the software to support the binding capability of the TPM.
Turaya.Crypt, also developed in the EMSCB project, provides a full-disk encryption facility for Linux. It is different from the many device encryption mechanisms supported by the Linux kernel in that it strongly isolates critical key information and cryptographic operations from malicious users to prevent unauthorized access and eavesdropping. Similarly to Turaya.VPN, the encryption/decryption service runs isolated from the operating system and all other software thanks to the L4 hypervisor. The user provides a password to this service using a trusted GUI, which cannot be accessed from and manipulated by another user. The password provided is then used to generate the encryption key used for encrypting and decrypting the data (i.e., files) on the disk.
The EMSCB website's download page links to the Live CDs and source code of both applications. See http://www.emscb.com/content/pages/turaya.downloads.
Was this article helpful?