What is novel about eCryptfs?

Asked by Dustin Kirkland 

Well, nothing, to be honest. All of the techniques used in eCryptfs are directly based on cryptographic technology that was widely known and in practical use in the 1970's.

Security problems often arise when software tries to "invent its own crypto" by deviating from what has been in common practical use for a lengthy period of time. eCryptfs sticks to tried-and-true encryption technology.

In terms of per-file key management, eCryptfs simply uses the methods of PGP (created by Philip Zimmermann in 1991 and formally specified as a public standard in RFC2440 in 1998) and takes the obvious and conceptually trivial step of applying those methods within a filesystem service in the kernel. eCryptfs employs the well-weathered encryption techniques that have been in common use in the community for over two decades. Other cryptographic filesystems published and widely used in the 1990's use the same basic approach to encrypting files. eCryptfs just happens to be the first such filesystem to make it upstream in the Linux kernel.

Question information

Language: English
Status: Solved
For: eCryptfs
Assignee: No assignee
Solved by: Dustin Kirkland
Dustin Kirkland  (kirkland) said :
#1

Answer from the FAQ.
