6

How long should a password be, for filesystem encryption?

view full story
linux-howto

http://serverfault.com – I want to encrypt my filesystem with encfs, but I don't know how long my password should be. I'm gonna be using AES 256, with blocks of 4096 bits. How many guesses per second can I expect an attacker can make on files encrypted with that? I'm worried that this might depend on the size of the smallest encrypted file. Any thoughts? (HowTos)

dayu's picture
Submitted by dayu on 05/23/2012 – Made popular on 05/23/2012

Stories similar to How long should a password be, for filesystem encryption?

Encrypt Your Data With EncFS (OpenSUSE 12.2)

EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. It is a pass-through filesystem, not an encrypted block device, which means it is created on top of an existing filesystem.

Encrypt Your Data With EncFS (Fedora 17)

EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. It is a pass-through filesystem, not an encrypted block device, which means it is created on top of an existing filesystem.

Encrypt Your Data With EncFS (Ubuntu 12.10)

EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. It is a pass-through filesystem, not an encrypted block device, which means it is created on top of an existing filesystem.

Encrypt Your Data With EncFS (Debian Squeeze/Ubuntu 11.10)

EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. It is a pass-through filesystem, not an encrypted block device, which means it is created on top of an existing filesystem.

EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. EncFS is open source software, licensed under the GPL.

As with most encrypted filesystems, Encfs is meant to provide security against off-line attacks; ie your notebook or backups fall into the wrong hands, etc.

Currently I'm using EncFS to encrypt my directory "confidential" to ".encconfidential" and sync that encrypted directory using an online service (e.g. Dropbox, UbuntuOne etc). However my entire disk is already LUKS encrypted, so the double encryption takes a toll on performance.

I wonder is there an "inverted" EncFS option?

i encrypted this phone to let my brother have it

now i wonder if i can decrypt it

or will it now forever need a password to be used?

or will the encryption dissappear as i do a hard reset?

i know the password but i want to remove the encryption

i encrypted it to make my files even more hard to retrieve

now i am worried this encryption is permanent

is it?

I thought changing the password with 'encfsctl passwd path/to/encrypted' would change all filenames. But it didn't work. Any ideas why?

I got this, so the password was changed correctly:

Enter current Encfs password EncFS Password: Enter new Encfs password New Encfs Password: Verify Encfs Password: Volume Key successfully updated.

I connected to a Windows Server 2008 R2 shared folder from a Mac OS X Mountain Lion computer over the Internet using this command:

mount -t smbfs //user@server/path/to/share local_folder

Is traffic encrypted by default? What settings do I look at (if any) to know whether it was encrypted? If it wasn't encrypted, what's the easiest way to encrypt it?