In block level encryption, the well known tools are Truecrypt, loop+AES, dm-crypt+luks. I'm using Truecrypt as my encryption tool and not only supports linux but supports other platform.
I can't say anything on performance because I never used the other two tools.
In stacked level encryption, EncFS and eCryptfs are well known tools. Both have same performance.
by
Athanassios Staveris-Polykalas , Secretary General of Telecommunications and Post - Hellenic Republic , General Secretariat of Telecommunications and Post - Hellenic Republic
hi
For stacked level I would suggest ecryptfs or EncFs. if remember correct encfs does not need special permissions.
Regarding block device level encryption there are:1. loop-aes2. truecrypt3.dm-crypt+luks and other .
My favourites now for stacked is ecryptfs and for block leve encryption truecrypt.
In any case check the others i have send you, maybe are better for your needs.
hope i helped.
Ask yourself a question - "what means 'better' in implementation". Both methods have pros and cons.
If you are looking for best performance, block-level encryption (dm-crypt) is faster than stacked files encryption (encfs, ecryptfs). Especially, if you has a hardware accelerator for AES. But if you need to hide only few files, and you'll open them once for a week - block-level is less complicated. If you want to protect plenty of files, used very frequently - dm-crypt is the best option.
In the matter of security, you've to remember that some files may land decrypted outside your crypted filesystem - for example, in swap space. Thief can read them from swap without problem - unless, swap'll be encrypted too (dm-crypt).
