ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

Which is better, "block level encryption" or "stacked file system" encryption tools in Linux?

user-image
تم إضافة السؤال من قبل مستخدم محذوف‎
تاريخ النشر: 2013/07/10
Tariq Ghouri
من قبل Tariq Ghouri , Resident Engineer , Pakistan Petroleum Ltd.

It depends upon your needs or the situation you are facing ..
both are the best tools

مستخدم محذوف‎
من قبل مستخدم محذوف‎

In block level encryption, the well known tools are Truecrypt, loop+AES, dm-crypt+luks.
I'm using Truecrypt as my encryption tool and not only supports linux but supports other platform.
I can't say anything on performance because I never used the other two tools.
In stacked level encryption, EncFS and eCryptfs are well known tools.
Both have same performance.

Athanassios Staveris-Polykalas
من قبل Athanassios Staveris-Polykalas , Secretary General of Telecommunications and Post - Hellenic Republic , General Secretariat of Telecommunications and Post - Hellenic Republic

hi For stacked level I would suggest ecryptfs or EncFs.
if remember correct encfs does not need special permissions.
Regarding block device level encryption there are:1.
loop-aes2.
truecrypt3.dm-crypt+luks and other .
My favourites now for stacked is ecryptfs and for block leve encryption truecrypt.
In any case check the others i have send you, maybe are better for your needs.
hope i helped.

Dariusz Duma
من قبل Dariusz Duma , System Engineer , Cisco

Ask yourself a question - "what means 'better' in implementation".
Both methods have pros and cons.
If you are looking for best performance, block-level encryption (dm-crypt) is faster than stacked files encryption (encfs, ecryptfs).
Especially, if you has a hardware accelerator for AES.
But if you need to hide only few files, and you'll open them once for a week - block-level is less complicated.
If you want to protect plenty of files, used very frequently - dm-crypt is the best option.
In the matter of security, you've to remember that some files may land decrypted outside your crypted filesystem - for example, in swap space.
Thief can read them from swap without problem - unless, swap'll be encrypted too (dm-crypt).

المزيد من الأسئلة المماثلة