Skip to main content
Article thumbnail
Location of Repository

eCryptfs: An Enterprise-class Cryptographic Filesystem for Linux

By Michael Austin Halcrow


eCryptfs is a cryptographic filesystem for Linux that stacks on top of existing filesystems. It provides functionality similar to that of GnuPG, only the process of encrypting and decrypting the data is done transparently from the perspective of the application. eCryptfs leverages the recently introduced Linux kernel keyring service, the kernel cryptographic API, the Linux Pluggable Authentication Modules (PAM) framework, OpenSSL/GPGME, the Trusted Platform Module (TPM), and the GnuPG keyring in order to make the process of key and authentication token management seamless to the end user. 1 Enterprise Requirements Any cryptographic application is hard to implement correctly and hard to effectively deploy. When key management and interaction with the cryptographic processes are cumbersome and unwieldy, people will tend to ignore, disable, or circumvent the security measures. They will select insecure passphrases, mishandle their secret keys, or fail to encrypt their sensitive data altogether. This places the confidentiality and the integrity of the data in jeopard

Year: 2009
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.