Userspace Filesystem Encryption with EncFS
by KIVILCIM Hindistan
04/14/2005
For a long time now, computer-related theft has been a real problem. The
most likely victims of these thefts are laptops and USB sticks, which are
obviously very easy to lift (and leave with). Desktop computers and backup
media are stolen less frequently. In all of these cases, much of the time, the
data stored in the media is more valuable than both the computer and the media.
An important question is how to protect valuable data in our computer's storage
areas.
Woes of Encryption
A solution may be to use gpg or similar
PKI-based file encryption, but that is still far from transparent and key
maintenance is still not very practical. When you consider that you may have to
work with several files at a time, this solution becomes even less
practical.
The immediate solution is to use an encrypted filesystem, which will encrypt
all of the data written into the filesystem and decrypt it on the fly when you
need to access it. Though this may solve most of the problems, it has
performance/privacy trade-offs; the encryption of your latest work may be good,
but the encryption of your favorite text editor or your browser's cache files may be unnecessary.
There's another partial solution related to partitioning on Linux: having
all of the system files on an unencrypted partition and the data files on an
encrypted partition. As a best-of-two-worlds solution, this seems to solve both
the performance and privacy problems, in theory. However, in real life, having
such a partitioning may not be easy; you may not have the rights to repartition
a multi-user system, or your hard disk layout may make it very difficult to
repartition.
The problem is bigger with USB sticks, for you may want to use those sticks
to store your private data as well as to exchange some other data with others,
probably Windows users. Having a filesystem-wide encryption scheme would
subvert that goal. Many projects have tried this classical approach. The most
famous are Loopback, CFS, and TCFS.
EncFS
A new and different approach to this problem is EncFS. EncFS runs in
userspace, meaning that you do not have to compile kernel modules or have
administrative rights. Its most important feature is being able to encrypt not
the whole filesystem or partitions, but separate directories. Given its simple
usage and implementation, the performance loss on a modern CPU is almost
negligible, because even a 1.5GHz CPU often waits for RAM or hard disk I/O and
has enough power to perform encryption and decryption on the fly.
Valient Gough's EncFS
page has detailed benefits and comparisons of EncFS.
To install EncFS, you must first install Fuse and rlog. You can find SuSE 9.2
binary packages from Valient's home page. Debian users should use the
alien package converter tool to turn these into Debian-aware
.deb files with alien -d xxxx.rpm.
After installing these two packages, you can compile and install EncFS. At the time
of this writing, the current version is 1.2. When you have finished installing
all three packages, you can start making encrypted directories.
Using EncFS
Using encrypted directories is much like mounting any filesystem under
Linux. Create a real directory that will store all of your files, perhaps
/home/user/crypt-raw. You'll also have a mount point, perhaps
/home/user/crypt. When referring to the directories, however, be sure
to use absolute directory names (/home/user/crypt, not just crypt).
Create the encrypted volume with the command:
> encfs /home/user/crypt-raw /home/user/crypt
Volume key not found, creating new encrypted volume.
Password:
Verify:
Then your encrypted directory is ready. To access it, refer to files in the crypt directory as normal. When you've finished, use:
fusermount -u /home/user/crypt
This unmounts the crypt directory, leaving the encrypted directory
crypt-raw on disk. Fortunately, it's pure rubbish to anyone but Tank
from the Matrix, with the exception of the file permissions and sizes, which are
identical to the unencrypted ones. Even the filenames have changed.
One good thing about EncFS is that for making backups you do not have to
mount the crypt-raw directory. Instead, you can take a snapshot of the
encrypted directory and later decrypt it. Because encryption is done on a
file-by-file basis, automated backup programs will even recognize the updated
files and will archive them.
There is also the matter of passwords. When you create an EncFS directory,
EncFS chooses a random password (one which is far more complex than any
password entered via the keyboard), encrypts the directory in question, and
finally encrypts the random password with your own chosen password. Because of
this, any time you change the access password, it only changes the password
used to encrypt the random one, making it unnecessary to re-encrypt all the
files.
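The two-level key scheme described above, as an added sketch that is not EncFS's own code or on-disk format: a random volume key is wrapped under a password-derived key, and a password change re-wraps only that key. The PBKDF2, XOR pad and HMAC construction is a standard-library stand-in for the real cipher, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor for this sketch, not an EncFS setting


def _derive(password, salt):
    """Stretch the password into a 32-byte pad and a 32-byte MAC key."""
    out = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=64)
    return out[:32], out[32:]


def wrap_key(volume_key, password):
    """Encrypt the volume key under the password; a fresh salt gives a one-time pad."""
    salt = secrets.token_bytes(16)
    pad, mac_key = _derive(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(volume_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_key(cfg, password):
    """Recover the volume key, rejecting a wrong password via the MAC tag."""
    pad, mac_key = _derive(password, cfg["salt"])
    expected = hmac.new(mac_key, cfg["salt"] + cfg["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, cfg["tag"]):
        raise ValueError("wrong password")
    return bytes(a ^ b for a, b in zip(cfg["wrapped"], pad))


def create_volume(password):
    """Pick a random 256-bit volume key and store only its wrapped form."""
    return wrap_key(secrets.token_bytes(32), password)


def change_password(cfg, old, new):
    """Re-wrap the same volume key; data encrypted under it is untouched."""
    return wrap_key(unwrap_key(cfg, old), new)


if __name__ == "__main__":
    cfg = create_volume("first passphrase")  # constructed sample passwords
    key = unwrap_key(cfg, "first passphrase")
    cfg2 = change_password(cfg, "first passphrase", "second passphrase")
    print("volume key unchanged:", unwrap_key(cfg2, "second passphrase") == key)
```

The design has a consequence for backups: an old copy of the wrapped key still opens the volume with the old password, because the volume key itself never changes.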
As a whole, EncFS is a very good encryption alternative, with all of the speed
and well-thought-out practical solutions to otherwise big problems. EncFS
practically secures your data on laptops or USB sticks. You may even use it on
your desktop for securing important data.
KIVILCIM Hindistan
works as a full time computer security consultant with a CISSP, using Linux and Free Software as weapons of choice.