File system vs. block level encryption

Posted in security

I really like eCryptfs, an encrypted file system supported in the kernel that encrypts right on top of the file systems the kernel already supports. No kernel-user-kernel-user context switching is required. I like the ability to selectively encrypt individual files, and I especially like the interchangeable key structure.

While eCryptfs sounds great, stacked file system encryption has a few downsides. You can't encrypt swap space, Oracle ASM volumes, or any file system the kernel does not already support. Since eCryptfs encrypts file by file, it is easy to figure out the file sizes, the number of files, permissions, superblocks, and other information about the underlying file system. This also means that the very existence of encrypted data cannot be hidden. Block encryption such as TrueCrypt can be completely hidden and can encrypt any file system. Swap space, no problem. File system xyz, no problem.
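As an added example that is not part of the original post (and not code from the eCryptfs or TrueCrypt projects), the following Python script makes the metadata leak described above concrete. It builds a constructed sample directory, reports what the lower file system exposes under stacked per-file encryption (file count, sizes, permission modes, directory depth), and contrasts that with the single size figure a block container reveals. The file names, sizes and modes are made up, and the 64 MiB container size is an assumption.

```python
"""Added example, not code from the original post or from the eCryptfs/TrueCrypt
projects: estimate what an observer of the stored ciphertext learns under stacked
(per-file) encryption versus a single block-level container.

With stacked encryption each plaintext file becomes one ciphertext file in the
lower file system, so the directory layout, the file count, approximate sizes,
permission bits and timestamps stay visible. A block container is one opaque
blob whose only visible property is its total size. The sample tree below is
constructed for the demo and stands in for a user's home directory."""
import os
import stat
import tempfile
from collections import Counter


def build_sample_tree():
    """Create a constructed sample directory (names, sizes and modes are made up)."""
    root = tempfile.mkdtemp(prefix="stacked-demo-")
    sample_files = {
        "notes.txt": (1500, 0o644),
        "id_rsa": (1679, 0o600),       # owner-only mode, as a private key would be kept
        "budget.xlsx": (48000, 0o644),
        "docs/plan.md": (900, 0o640),
    }
    for rel, (size, mode) in sample_files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(b"x" * size)      # contents do not matter; only metadata is inspected
        os.chmod(path, mode)
    return root


def stacked_exposure(root):
    """Summarise what the lower (ciphertext) file system reveals under per-file encryption.

    Sizes are reported as seen on disk. A real stacked layer adds a per-file
    header, so the observer sees roughly plaintext size plus a small constant.
    """
    sizes = []
    modes = Counter()
    max_depth = 0
    for dirpath, _dirs, names in os.walk(root):
        rel = os.path.relpath(dirpath, root)
        depth = 0 if rel == "." else rel.count(os.sep) + 1
        max_depth = max(max_depth, depth)
        for name in names:
            st = os.stat(os.path.join(dirpath, name))
            sizes.append(st.st_size)
            modes[oct(stat.S_IMODE(st.st_mode))] += 1
    return {
        "file_count": len(sizes),
        "total_bytes": sum(sizes),
        "largest": max(sizes) if sizes else 0,
        "sizes": sorted(sizes),
        "modes": dict(modes),
        "max_depth": max_depth,
    }


def block_exposure(container_bytes):
    """A block container leaks only its overall size; per-file facts are simply absent."""
    return {"container_bytes": container_bytes, "file_count": None, "sizes": None}


if __name__ == "__main__":
    demo_root = build_sample_tree()
    print("stacked:", stacked_exposure(demo_root))
    print("block:  ", block_exposure(64 * 1024 * 1024))   # assumed container size
```

Running the script prints both reports side by side. Pointing `stacked_exposure` at a real directory before choosing a scheme gives a quick read on how much the file count and size profile alone would tell an observer, which is the practical question when deciding whether per-file leakage is acceptable for that data.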

There's no one-size-fits-all solution. Use the right tool for the job, I guess…

Posted by admica @ 24 March 2009
