| Original author(s) | Michael Halcrow,IBM Linux Technology Center, Erez Zadok |
|---|---|
| Initial release | November 30, 2006; 18 years ago (2006-11-30) |
| Stable release | 111 / May 2, 2016; 8 years ago (2016-05-02) |
| Written in | C |
| Operating system | Linux |
| Platform | Linux kernel |
| Type | filesystem,encryption |
| License | GPL v2+ |
| Website | ecryptfs |
eCryptfs (enterprise cryptographic filesystem) is a package ofdisk encryption software forLinux. Its implementation is aPOSIX-compliant[1]filesystem-levelencryption layer, aiming to offer functionality similar to that ofGnuPG at theoperating system level,[2] and has been part of theLinux kernel since version 2.6.19.
The eCryptfs package has been included inUbuntu since version 9.04 to implement Ubuntu's encryptedhome directory feature,[3] but is now deprecated[4]
eCryptfs is derived from Erez Zadok's Cryptfs.[5] It uses a variant of theOpenPGP file format for encrypted data, extended to allowrandom access, storing cryptographicmetadata (including a per-file randomly generatedsession key) with each individual file.[2]
It also encrypts file and directory names which makes them internally longer (average one third). The reason is it needs touuencode the encrypted names to eliminate unwanted characters in the resulting name.This lowers the maximum usable byte name length of the original file system entry depending on the used file system (this can lead to four times fewer characters for example for Asian utf-8 file names).