Dual password encryption with EncFS

by Alexander Todorov

This article is a step-by-step guide to using two passwords with EncFS. The primary password is required and may be used to secure all data; the secondary password is optional and may be stored on a USB stick or other removable media and used to secure more sensitive data. EncFS can also be combined with block device encryption for maximum security. Block device encryption is described in a previous article by Michael Petullo, Disk encryption in Fedora: Past, present, and future.

Introduction

Before we continue with the details, here are some real-world examples of why this kind of encryption is useful.

1. Protection relative to the sensitivity of the data. John Doe uses EncFS to store some important personal information on his laptop. He uses a secondary password to store corporate information when working from home. Both sets of files are stored in the same encrypted directory. Personal passwords are usually easy to guess if you have information about the person. If the personal password (e.g. his dog’s name) is compromised, corporate data is still protected. An attacker will need more time to guess the second password. This gives the company time to take any necessary action, and the attacker may be arrested by the police during that time.

2. Protect your portable devices. John Doe is a sales agent. He uses EncFS to protect data on his laptop. This includes day-to-day activities like e-mails, meeting appointments, to-do lists, etc. He uses a secondary password stored on a USB stick to protect confidential information. This includes upcoming contract details, company financial information, and plans for future products. His laptop is stolen and the personal password is guessed using dictionary attacks. John Doe did not pick a strong password. Corporate data is still safe. The USB stick was not stolen.

3. Two levels of security hide data more effectively. Do you remember the story of Kevin Mitnick? John Doe is a wanna-be hacker. He is paranoid and is using encryption to protect all the data on his computer. He is using a secondary password to protect sensitive information about the machines he cracked a month ago. He is arrested by the police and the primary password is compromised because he gives it up. All the data on the computer that is decrypted is examined. Some files did not decrypt and were silently ignored. All charges are dropped because of lack of evidence. John Doe got lucky this time. Think twice next time before doing something illegal.

Technical information

Q: What is EncFS?

A: EncFS provides an encrypted filesystem in user-space. EncFS provides security against offline attacks like a stolen notebook. Visit EncFS’ home page for more details.

Q: How does EncFS work?

A: EncFS works on files and directories, not an entire block device. This means that it does not encrypt your hard drive. It modifies file names and contents. The data is stored on the underlying filesystem and metadata is preserved. File attributes such as ownership, modification date and permission bits are not encrypted and are visible to anybody. EncFS is acting like a translator between the user and the filesystem, encrypting and decrypting on the fly.

Q: What are the benefits of EncFS?

A:

  • EncFS is easy to use and requires no special setup. A local user has to be in the ‘fuse’ group to use EncFS. It does not require ‘root’ privileges.
  • EncFS makes it easy to perform backups while it is not mounted. You can use ‘rsync’ or any other tool that you would use on an ext3 filesystem.
  • EncFS can be used with secondary passwords. This could be used to store a separate set of files on the same encrypted filesystem. EncFS ignores files which do not decode properly, so files created with separate passwords will only be visible when the filesystem is mounted with the associated password. Read the man page for details on how this is implemented.
  • There is the option to read passwords from an external program or stdin (standard input). This option combined with custom scripting makes EncFS very flexible.
  • By default, all FUSE based filesystems are visible only to the user who mounted them. No other users (including root) can view the filesystem contents. For other users it will appear like this:
    ls -l /home/jdoe
    drwxr-xr-x 4 jdoe jdoe 4096 2007-05-18 22:00 encrypted
    ?--------- ? ?    ?       ?                ? plain
    

Installing EncFS

Installation is very simple. Follow the steps below.

Note
All actions below should be executed with root privileges.

Install fuse-encfs from Fedora Extras:

yum install fuse-encfs

You should see something like this (on an x86_64 system):

=============================================================================
Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
fuse-encfs            x86_64   1.3.2-1.fc7      development      278 k
fuse-encfs            i386        1.3.2-1.fc7      development      276 k
Installing for dependencies:
 fuse                    x86_64    2.6.3-2.fc7      development     77 k
 fuse-libs              x86_64    2.6.3-2.fc7      development     56 k
 fuse-libs              i386         2.6.3-2.fc7      development     57 k
 rlog                     x86_64    1.3.7-3.fc6      development     36 k
 rlog                     i386        1.3.7-3.fc6      development     35 k

Transaction Summary
=============================================================================
Install       7 Package(s)
Update    0 Package(s)
Remove  0 Package(s)

Load the FUSE module:

/sbin/modprobe fuse

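And, finally, add any users that will use EncFS to the ‘fuse’ group. The -a flag appends the group; without it, -G replaces the user’s existing supplementary groups:

usermod -a -G fuse jdoe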

Using EncFS

Using EncFS does not differ from using any other filesystem. The only thing you need to do is to mount it somewhere and start creating files and directories under the mount point.

Note
All commands below do NOT require root privileges.
Warning
Use only absolute path names with EncFS!

Create working directories:

mkdir -p ~/encrypted ~/plain
  • plain/ – looks like a normal directory. All files stored here look like normal files for the user who mounted this directory with EncFS. This acts like a virtual directory performing encryption and decryption.
  • encrypted/ – looks garbled. The actual data is stored here and is encrypted.

Now you can mount the new EncFS volume for the first time. This assumes a default configuration:

encfs /home/jdoe/encrypted /home/jdoe/plain
Creating new encrypted volume.
Please choose from one of the following options:
enter "x" for expert configuration mode,
enter "p" for pre-configured paranoia mode,
anything else, or an empty line will select standard mode.
?> press Enter

Standard configuration selected.

Configuration finished.  The filesystem to be created has
the following properties:
Filesystem cipher: "ssl/blowfish", version 2:1:1
Filename encoding: "nameio/block", version 3:0:1
Key Size: 160 bits
Block Size: 512 bytes
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.

Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism.  However, the password can be changed
later using encfsctl.

New Encfs Password: password-one
Verify Encfs Password: password-one

Create a file:

echo "some contents" > ~/plain/file.one

Check contents in plain/:

ls -la ~/plain/
drwxr-xr-x 2 jdoe jdoe 4096 2007-05-15 20:26 .
drwxr-xr-x 4 jdoe jdoe 4096 2007-05-15 20:25 ..
-rw-r--r-- 1 jdoe jdoe   14 2007-05-15 20:26 file.one
cat ~/plain/file.one
some contents

Check what’s in encrypted/:

ls -la ~/encrypted/
drwxr-xr-x 2 jdoe jdoe 4096 2007-05-15 20:26 .
drwxr-xr-x 4 jdoe jdoe 4096 2007-05-15 20:25 ..
-rw-r--r-- 1 jdoe jdoe   22 2007-05-15 20:26 2JkbGxSVzUCZoj9ggUxT9Sou
-rw-r----- 1 jdoe jdoe  224 2007-05-15 20:25 .encfs5
Warning
.encfs5 is a special file. When performing backups or restoring data, make sure to keep this file. If you lose it, you may not be able to recover your data.
Note
Meta information is not encrypted. Permissions, ownership, and modification date are the same.

Inspect the contents of encrypted file:

cat ~/encrypted/2JkbGxSVzUCZoj9ggUxT9Sou
garbled output follows...

Unmount the filesystem and mount it again with another password:

fusermount -u ~/plain/
encfs --anykey /home/jdoe/encrypted /home/jdoe/plain
EncFS Password: password-two
Caution
We are using the --anykey option to allow secondary passwords.

Check plain/ again. The directory is empty. Previous files were not decoded with the new password.

ls -la ~/plain/
drwxr-xr-x 2 jdoe jdoe 4096 2007-05-15 20:31 .
drwxr-xr-x 4 jdoe jdoe 4096 2007-05-15 20:25 ..

Now create another file that will be in “hidden” mode:

echo "hidden contents" > ~/plain/file.two

Check again what’s in encrypted/. Both files are stored in the same directory:

ls -la ~/encrypted/
drwxr-xr-x 2 jdoe jdoe 4096 2007-05-15 20:32 .
drwxr-xr-x 4 jdoe jdoe 4096 2007-05-15 20:25 ..
-rw-r--r-- 1 jdoe jdoe   22 2007-05-15 20:26 2JkbGxSVzUCZoj9ggUxT9Sou
-rw-r--r-- 1 jdoe jdoe   24 2007-05-15 20:32 m4d,sy2mG81SVfKw6278SBJBi
-rw-r----- 1 jdoe jdoe  224 2007-05-15 20:25 .encfs5

Unmount and mount again using the first password:

fusermount -u ~/plain/
encfs --anykey /home/jdoe/encrypted /home/jdoe/plain
EncFS Password: password-one

Inspect the contents of plain/ again. The second file was not decoded properly and is not shown:

ls -la ~/plain/
drwxr-xr-x 2 jdoe jdoe 4096 2007-05-15 20:32 .
drwxr-xr-x 4 jdoe jdoe 4096 2007-05-15 20:25 ..
-rw-r--r-- 1 jdoe jdoe   14 2007-05-15 20:26 file.one
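
What the two directories still reveal to someone who holds only the primary password, as an added example that is not part of the original article: the function lists ciphertext files with no decoded counterpart. It assumes the standard-mode layout shown above (ciphertext is 8 bytes larger than the plaintext, modification time unchanged); the function name `undecoded_files` is hypothetical.

```bash
#!/bin/bash
# Added example (not from the article): which files in encrypted/ are NOT
# accounted for by the files currently visible in plain/?
# Assumptions, taken from the listings above: standard mode adds an 8-byte
# header per file, and the modification time is identical on both sides.
# usage: undecoded_files /home/jdoe/encrypted /home/jdoe/plain
undecoded_files() {
    {
        # "P size mtime name" for every file visible through the mount
        find "$2" -type f -exec stat -c 'P %s %Y %n' {} +
        # "C size mtime name" for every ciphertext file except the volume config
        find "$1" -type f ! -name '.encfs5' -exec stat -c 'C %s %Y %n' {} +
    } | awk '
        # Decoded files: remember size+8 and mtime, counting duplicates.
        $1 == "P" { left[($2 + 8) " " $3]++; next }
        # Ciphertext files: consume one matching decoded entry if there is one,
        # otherwise the file belongs to a key other than the mounted one.
        $1 == "C" {
            key = $2 " " $3
            if (left[key] > 0) { left[key]-- }
            else { sub(/^C [0-9]+ [0-9]+ /, ""); print }
        }'
}
```

Run against the state shown above (mounted with password-one), it prints the path of m4d,sy2mG81SVfKw6278SBJBi: the second file is not readable, but its existence, size and timestamp are.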

Tips and tricks

Here are a few best-practice tips for using EncFS:

  • For the primary password, choose a strong password containing lowercase and capital letters, numbers, and punctuation marks. Make it easy to remember but hard to guess. Do not use your dog’s name, date of birth, or phone number.
  • The secondary password may conform to the rules for the primary one or it may be randomly generated. The following command will generate a 4096-bit random password:
    dd if=/dev/urandom of=/path/to/password bs=1 count=512
    
  • Store secondary passwords on removable media–a USB stick for example. Keep the physical media in a secure place. Never leave media unattended.
  • It may be hard to detect that you use two passwords because encrypted files are stored in the same folder. If you have a large number of files encrypted with your primary password and only a few files encrypted with the secondary one, it is very likely that your secondary files may go unnoticed.
  • Using multiple passwords may be very frustrating for somebody examining your system. They will probably give up. Keep in mind that using multiple passwords is not easy and you may forget them; if this happens, the chances of restoring your data are almost zero.
  • For a paranoid set-up, you may combine EncFS with a popular disk encryption tool such as “cryptsetup”. This should be secure enough for (just about) everyone.
  • Using encrypted filesystems is risky. Your filesystem becomes even more fragile than before. Perform regular backups just in case.
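
One way to mount the secondary key set from a keyfile kept on removable media, as an added example rather than code from the original article or from EncFS. `--anykey` and `-S` (read the password from standard input) are encfs options; the function names and exit codes are hypothetical, and `.encfs5` is the config file name from the listings above.

```bash
#!/bin/bash
# Added example: preflight checks, then mount with the secondary key from a file.
# preflight/mount_secondary and the exit codes are hypothetical names chosen here.
# preflight returns: 0 ok, 2 relative path, 3 no volume config,
#                    4 keyfile missing/empty/symlink, 5 keyfile too permissive.
preflight() {
    enc="$1"; plain="$2"; key="$3"
    for p in "$enc" "$plain" "$key"; do
        case "$p" in
            /*) ;;                 # the article warns: absolute paths only
            *)  return 2 ;;
        esac
    done
    # No .encfs5 means this is not the existing volume; encfs would start
    # creating a new one instead of mounting.
    [ -f "$enc/.encfs5" ] || return 3
    # Keyfile: regular, non-empty, not a symlink pointing somewhere else.
    if [ -L "$key" ] || [ ! -f "$key" ] || [ ! -s "$key" ]; then
        return 4
    fi
    # Any group/other permission bit (e.g. 644) lets other local users read it.
    mode=$(stat -c '%a' "$key") || return 4
    [ $(( 0$mode & 077 )) -eq 0 ] || return 5
    return 0
}

mount_secondary() {
    preflight "$1" "$2" "$3" || return $?
    # --anykey turns off key validation: a wrong or damaged key is not
    # rejected, the mount just shows none of the files written earlier.
    encfs --anykey -S "$1" "$2" < "$3"
}

# Usage (paths from the article):
#   mount_secondary /home/jdoe/encrypted /home/jdoe/plain /path/to/password
```

Because `--anykey` accepts any input, an empty listing after mounting is the only sign that the wrong keyfile was used; check it before writing new files.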

Summary

You have just learned how to use encryption to protect your data. It’s easy, simple, and requires no root privileges. It works without any special setup, and decreases the chance that you will damage your hard drive or accidentally break your computer. There is also a nice graphical application for using EncFS with KDE called K-EncFS.

6 responses to “Dual password encryption with EncFS”

  1. jasonm says:

    OK, we know how to make a 512 byte password now.

    But how to use it at the password prompt? It can’t be typed in, obviously.

  2. Alexander Todorov says:

    From the manual page of EncFS:

    --extpass=program
    Specify an external program to use for getting the user password.

    -S, --stdinpass
    Read password from standard input, without prompting. This may be useful for scripting encfs mounts.

    The randomly generated password can be used as follows:
    cat /path/to/password | encfs -S /home/jdoe/encrypted /home/jdoe/plain

  3. jasonm says:

    Thanks! That’ll work.

  4. Jack says:

    Definitely, the most sensible thing I have seen in a long time.

  5. scott 'webdragon' godin says:

    Article typo. nothing serious but one that annoys me no end by how the mistyped meme has propagated even into mainstream publication.

    In the paragraph starting with “Warning .encfs5 is a special file. “, the word ‘loose’ needs to be corrected: it should be spelled ‘lose’.

    loose = not tight.
    lose = misplace.

    i.e. when you misplaced your car keys, you didn’t “loose” them but you did “lose” them. So if it wouldn’t be too much trouble to ask, would you lose the looseness? :)

    Other than that, great article with some very useful information. Just got a laptop myself and as I travel a bit on occasion, I’ve gotten somewhat curious as to this sort of thing.

  6. Dimonf says:

    It is clear how to use a randomly generated password. But I found no way to assign such a password from a file / via pipe, using encfsctl on an existing encrypted directory or encfs at the initialization stage.