Dear OpenBSD team,
*Describe the feature or enhancement*
As a security focused BSD, could you please consider assisting
Shufflecake creator to port shufflecake to BSD to avoid encryption
metadata / header leaks which both Geli and ZFS encryption currently have.
Please see app website + port assistance request.
https://shufflecake.net/
https://codeberg.org/shufflecake/shufflecake-c/issues/164
Why this request?
Geli / ZFS encryption leaks metadata such as geli header which confirms
that the partition is encrypted. This allows an adversary to force you
to reveal password (whether physically/litigation).
Shufflecake encryption is the next generation private encryption taking
over from Veracrypt, allowing 15 layers of encryption each with
plausible deniability and faster than LUKS and perhaps Geli too.
Shufflecake linux is implemented already for data partitions.
Shufflecake for boot OS is due to be release in 2026.
Having an option to implement Shufflecake encryption with full plausible
deniability is the ideal private system, and the only thing holding me
back from switching from Linux to BSD fully at present.
Please consider this feature as it would add great value to BSD users.
Thanks for the consideration
Dan
