Encrypted Files Systems

In moving to Kubuntu 5.04 from a Knoppix install, my loop-aes partitions are no longer readable. Since crypto-loop is being deprecated anyway, I thought I would try the dm-crypt. However, because I would have to employ that on top of a file loop, it's a hassle. Fortunately, I bumped into EncFS. Generally, I like it a lot and is comparable to crypto-loop except when it comes to a USB drive. A copy of a 2GB file to a

  • a normal IDE partition: \~17MB/s,
  • an external vfat USB2 drive (ehci_hcd): \~11MB/s,
  • an encfs directory on the IDE drive: \~7MB/s,
  • an encrypted directory on the external drive: 64KB/s.


Interestingly an ext3 formatted loop device (no encryption) on the external drive is \~17MB/s and with crypto-loop it is \~10MB/s. Now, here's the real kicker: an ext3 loop partition sitting on the vfat external drive, hosting an encfs directory is \~14MB/s! So, vfat sucks -- though encfs on vfat aprobably doesn't have to do quite so poorly. Or to put it another way, it's faster to put a 3GB file on the external vfat drive (vfat is very compatible with many computers), mount it as an ext3 device loop, and run encfs on top of that than it is to access the plain old vfat file system. (This is even slightly faster than running encfs on the local IDE drive!)

Comments !