Full-disk encryption protects your data while a device is powered off. However, it does nothing the moment someone forces you to type your password (see XKCD #538). In some countries that pressure is even legal: the UK, France, Australia, India, Ireland, Hong Kong, and South Africa all have key disclosure laws that can force you to surrender your password or keys, with refusal punishable by jail time. Recently, a Hacker News comment in an (unrelated) discussion mentioned Shufflecake, which I had never heard of before, so I decided to take a proper look at it.
Shufflecake is a plausible deniability layer for Linux, best described as a spiritual successor to VeraCrypt but built natively for Linux and far more flexible. It lets you create multiple hidden volumes on a single device, each encrypted with its own key, and scrambled across the free space as fixed-size slices. Without the right key, those slices are indistinguishable from random noise. Even the number of volumes is hidden, so an adversary cannot tell whether you have one volume or several.
You set up a hierarchy of passwords, from “least hidden” to “most hidden”. Under pressure, you reveal a decoy password that unlocks something harmless, and nobody can prove that further volumes exist behind it. Opening the device with a given password recursively unlocks all the less-hidden volumes above it, so a single password is enough for daily use.
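The password hierarchy above can be modelled in a few lines. This is an added toy example, not Shufflecake's code or on-disk format: it assumes each volume header stores, encrypted under its own key, the key of the next less-hidden volume, and it uses a throwaway HMAC-based cipher. All names and sizes (`init_device`, `open_device`, `SLOTS`) are hypothetical.

```python
import hashlib, hmac, secrets

SLOTS, KEY, SALT = 5, 32, 16   # constructed sizes for the toy device

def kdf(password, salt):
    # Password -> volume key; low iteration count only so the demo runs fast.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000, KEY)

def pad(key):
    return hmac.new(key, b"enc", hashlib.sha256).digest()

def mac(key, ct):
    return hmac.new(key, b"mac" + ct, hashlib.sha256).digest()

def seal(key, payload):
    # Toy one-shot authenticated encryption (each key seals exactly one payload).
    ct = bytes(a ^ b for a, b in zip(payload, pad(key)))
    return ct + mac(key, ct)

def unseal(key, blob):
    ct, tag = blob[:KEY], blob[KEY:]
    if not hmac.compare_digest(tag, mac(key, ct)):
        return None            # wrong key, or the slot is only random filler
    return bytes(a ^ b for a, b in zip(ct, pad(key)))

def init_device(passwords):
    # passwords[0] is the least hidden (decoy), passwords[-1] the most hidden.
    slots = [secrets.token_bytes(SALT + 2 * KEY) for _ in range(SLOTS)]
    upper_key = bytes(KEY)     # volume 0 has no less-hidden volume above it
    for i, pw in enumerate(passwords):
        salt = secrets.token_bytes(SALT)
        key = kdf(pw, salt)
        slots[i] = salt + seal(key, upper_key)
        upper_key = key
    return slots

def open_device(slots, password):
    # Try the password on every slot; on a hit, follow the key chain upward.
    for i in reversed(range(len(slots))):
        key = unseal(kdf(password, slots[i][:SALT]), slots[i][SALT:])
        if key is None:
            continue
        opened = [i]
        for j in reversed(range(i)):
            key = unseal(key, slots[j][SALT:])   # yields the key for slot j-1
            opened.append(j)
        return sorted(opened)
    return []

if __name__ == "__main__":
    dev = init_device(["decoy", "work", "secret"])   # constructed passwords
    print(open_device(dev, "decoy"), open_device(dev, "secret"))
```

Every slot has the same length whether it holds a header or random filler, so in this model the decoy password reveals volume 0 and nothing about how many of the remaining slots are in use.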
Architecturally it is pleasantly simple. A kernel module, dm-sflc, exposes each volume as a device-mapper target, paired with a small separate userland CLI tool. Each volume then behaves like a normal block device that you can format and mount however you like.
The project itself warns that it is still experimental and should not be relied on for anything important yet. Support is currently focused on Debian-like systems. One thing that has always annoyed me about VeraCrypt is the lack of a native package in the Debian repositories: part of it still inherits the old TrueCrypt license, which is not considered free, so you cannot simply apt install it.
Shufflecake has no such problem, since it is released under the GPL, and I would love to see it land in those repositories once it is stable. One feature that I am looking forward to is Hidden OS support, which is still a work in progress and would be the “holy grail” of plausible deniability.