Hi Uri, there are use cases where it is enough to encrypt file contents and you don't care about the directory structure, file sizes or file metadata being public. For these cases, a (fixed version of) EncFS works just as well.
However, this metadata being public gives an attacker more information than you might think at first glance. Say you store some directories, each has ~20 files and each file has ~3MB. This is probably a music CD collection. Or say you store a copy of the Windows 8 CD (or any other set of files the attacker has access to). By looking at the distribution of file sizes over directories, an attacker can say with fair certainty whether you're storing this set of files or not. Another potential problem are watermarking attacks. So in general, my opinion is to better be safe than sorry and keep things as confidential as possible. But there certainly are use cases where this level of confidentiality is not needed. Best, Sebastian On 08.02.2016 18:36, Blumenthal, Uri - 0553 - MITLL wrote: > It is unclear to me what kind of information you expect the adversary to > learn from the current EncFS structure with encrypted filenames (and the > other protections, like block-encoding file names, etc), what what in your > opinion that adversary could do with that information. > > I wonder if the extra complexity and fragility this mechanism introduces > are worth the extra protection it offers. > > For example, I couldn’t care less that my directory structure is revealed. > Hiding file names is plenty good enough for my use case. > > For those who’d rather have a completely opaque container, there is > VeraCrypt. > -- > Regards, > Uri Blumenthal > > > > > On 2/8/16, 04:23, "Sebastian Messmer" <heinzis...@web.de> wrote: > >> Hey Anthony, >> >> thank you. Tell me what you think after you tried it out. >> If you have input on the way I intend to solve the directory conflict >> problem, I'd also be happy to hear it. >> >> Just as you can with EncFS, you can interleave multiple encrypted file >> systems in CryFS if you keep the configuration file out of the base >> directory. You can also for example obfuscate the actual file system >> size by adding random blocks (or alternatively a second CryFS file >> system with random data). >> >> Best >> Sebastian >> >> On 08.02.2016 01:47, Anthony Thyssen wrote: >>> I look forward to testing out this out. As I have said in the past, >>> this is the 'next step' in the File System Level of Encryption (As >>> opposed to Disk/Partition or individual File based encryption). >>> >>> The point about a changes to a directory on two different systems >>> causing a synchronization conflict is something I never even thought >>> of, and will require some very careful handling. Otherwise files added >>> on one system may become 'lost'. >>> >>> I also look forward to attempting to 'interleave' multiple encrypted >>> file systems into the same encrypted data store, Something I often do >>> with EncFS without problems. >>> >>> Thank you for your efforts, Cloud Filesystems have become a major part >>> of the world, and Encrypted Filesystems has become vital to making >>> this secure, even form the providers of such systems. >>> >> >> -------------------------------------------------------------------------- >> ---- >> Site24x7 APM Insight: Get Deep Visibility into Application Performance >> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month >> Monitor end-to-end web transactions and take corrective actions now >> Troubleshoot faster and improve end-user experience. Signup Now! >> http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 >> _______________________________________________ >> Encfs-users mailing list >> Encfs-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/encfs-users > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > _______________________________________________ > Encfs-users mailing list > Encfs-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/encfs-users ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ Encfs-users mailing list Encfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/encfs-users
