
I've been reading about encryption methods and see things like 'ecryptfs', 'veracrypt' and 'LUKS', and that "military grade encryption" is basically 256-AES encryption.

I have data on an external hdd - I can't tell from reading which encryption method is best to use; maybe it is one I have never heard of.

Ángel
topencrypt
    "Military Grade Encryption" is a marketing buzzword that means absolutely nothing. As far as FDE goes, all of them are solid choices. –  Aug 23 '19 at 22:22
  • 1
    Note also that VeraCrypt and LUKS are containers that use an underlying encryption, often AES, but others can be defined. – user10216038 Aug 23 '19 at 23:44
  • @MechMK1 Thanks, I have heard that also, but that 256-AES is the best encryption or part of the best encryption algorithm. – topencrypt Aug 23 '19 at 23:56
  • @user10216038 Thanks. Can you tell if AES was used with Veracrypt and LUKS? – topencrypt Aug 24 '19 at 00:02
  • @topencrypt AES has its problems (e.g. side-channel attacks), but it's still an extremely solid choice for anything that needs to be encrypted symmetrically. Veracrypt [supports AES](https://www.veracrypt.fr/en/Encryption%20Algorithms.html), so [does LUKS](https://unix.stackexchange.com/questions/354787/list-available-methods-of-encryption-for-luks). –  Aug 24 '19 at 12:23
  • @MechMK1 Ok, thanks. So what's the most solid, the best? – topencrypt Aug 24 '19 at 21:42
  • @topencrypt **All** of them are solid choices, and any difference - if there was any - would be so negligible that it doesn't matter. You might think something that takes 5.2 times the lifespan of the universe to crack is more secure than something that takes 4.7x, but in practical terms **they are all identical**. –  Aug 25 '19 at 12:13

1 Answer

If this is a disk that you will only use on Linux systems, as seems implied by your use of ext4, I would recommend that you simply use LUKS as the format below your ext4 partition.

It is well supported by every distro, you usually don't need any extra package, and it even mounts automatically (after requesting the encryption key, obviously) from the desktop environment.

VeraCrypt supports hidden volumes, which LUKS doesn't (in case you want to place a decoy filesystem there), so you might prefer that if that's an important feature for you (it probably isn't relevant). It supports multiple OSes, so it would be interesting for a disk that you were to share with a Windows computer, but that's not the case either.

(Being a fork of TrueCrypt, some people may consider that it could have inherited a hidden vulnerability allowing its contents to be decrypted, but I find that unlikely, especially given that they are now using a different format than TrueCrypt did.)

Both LUKS and VeraCrypt are Full Disk Encryption (FDE) solutions and would provide strong, roughly equivalent security (assuming the use of a secure passphrase).

A tool you did not mention, EncFS, is a FUSE solution that encrypts single files over an existing filesystem. It is handy, for example, if you want to add some encrypted files to an already-formatted filesystem, or if you don't have rights to format the disk and place a new filesystem there, including the case where the files are actually on a different machine (such as a cloud provider). But this results in weaker encryption: a security audit some years back found a number of issues in the resulting file storage (mostly the result of compromises due to encrypting files individually).

Finally, eCryptfs is another filesystem that works file by file. In this case, it is a native Linux filesystem rather than a FUSE module, the file format is different (the files themselves are independent, without needing an encfs.xml config file), and it seems to be stronger (I haven't studied it).

Yet these approaches will leak metadata. An attacker who had repeated access to the disk would be able to infer information based on the sizes of the files, file modification times, etc.

For an external HDD you should be using FDE, which doesn't suffer from this problem. As the disk is encrypted as a whole, the metadata that could be leaked is minimal.¹

¹ Not exactly zero, as an attacker who could make a copy of the disk at multiple times could see which blocks changed, and maybe even guess whether they are filesystem metadata or actual files, based on the location of the blocks on the disk. Encrypted storage that works on individual files needs to leak several orders of magnitude more information.

Ángel
  • Comments are not for extended discussion; this conversation has been [moved to chat](https://chat.stackexchange.com/rooms/97896/discussion-on-answer-by-angel-whats-a-good-encryption-method-available-for-exte). – Rory Alsop Aug 26 '19 at 19:08
  • Thanks @RoryAlsop, I had looked up to move it myself, but did not find the option. – Ángel Aug 26 '19 at 22:46
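As a worked example of the recommendation above (added here; it is neither part of Ángel's answer nor code from the cryptsetup project), the following POSIX shell script creates a LUKS2 container with ext4 on top and then checks, from `cryptsetup luksDump` output, which cipher and key size a LUKS volume really uses, which is the question raised in the comments. It assumes cryptsetup 2.x, e2fsprogs and root for the create/report steps; the device path, the mapper name `extdisk`, the script name `luks_check.sh` and the two abridged luksDump samples are constructed for the example. The XTS detail is the caveat worth knowing: a 512-bit LUKS key means AES-256-XTS, while a 256-bit key means AES-128-XTS, even though both dumps show `aes-xts-plain64`.

```sh
#!/bin/sh
# Added example, not code from the answer or from cryptsetup upstream.
# Assumes: cryptsetup 2.x, e2fsprogs, and root for create/report.
# Device paths, the mapper name and the sample dumps below are constructed.

# create_luks_volume DEVICE NAME
#   Format DEVICE as LUKS2 (AES in XTS mode; 512-bit key = two 256-bit AES
#   keys; Argon2id for the passphrase), put ext4 on it, and close it again.
#   cryptsetup prompts for the passphrase. DESTROYS everything on DEVICE.
create_luks_volume() {
    dev=$1; name=$2
    cryptsetup luksFormat --type luks2 --cipher aes-xts-plain64 \
        --key-size 512 --pbkdf argon2id "$dev"
    cryptsetup open "$dev" "$name"
    mkfs.ext4 -L "$name" "/dev/mapper/$name"
    cryptsetup close "$name"
}

# luks_cipher  (reads `cryptsetup luksDump` output on stdin)
#   Print the cipher spec. LUKS1 dumps split it into "Cipher name:" and
#   "Cipher mode:"; LUKS2 dumps list it under "Data segments:".
luks_cipher() {
    awk -F':[ \t]*' '
        /^Cipher name:/   { name = $2 }
        /^Cipher mode:/   { mode = $2 }
        /^Data segments:/ { seg = 1 }
        seg && /^[ \t]*cipher:/ { print $2; exit }
        END { if (name != "") print name "-" mode }
    '
}

# luks_key_bits  (reads luksDump output on stdin)
#   Print the volume key length: "MK bits:" (LUKS1) or the first keyslot's
#   "Cipher key:" (LUKS2).
luks_key_bits() {
    awk -F':[ \t]*' '
        /^MK bits:/          { print $2; exit }
        /^[ \t]*Cipher key:/ { split($2, a, " "); print a[1]; exit }
    '
}

# aes_strength CIPHER BITS
#   Name the AES variant in use. XTS splits the key in two, so a 512-bit
#   key is AES-256-XTS and a 256-bit key is only AES-128-XTS.
aes_strength() {
    cipher=$1; bits=$2
    case "$cipher" in
        aes-xts-*) echo "AES-$((bits / 2))-XTS" ;;
        aes-*)     echo "AES-$bits-${cipher#aes-}" ;;
        *)         echo "not AES ($cipher)" ;;
    esac
}

# report_volume DEVICE   (real use; needs read access to the LUKS header)
report_volume() {
    dump=$(cryptsetup luksDump "$1")
    c=$(printf '%s\n' "$dump" | luks_cipher)
    b=$(printf '%s\n' "$dump" | luks_key_bits)
    echo "$1: $c with a $b-bit key => $(aes_strength "$c" "$b")"
}

# Constructed, abridged luksDump samples (real dumps have more lines and
# use tabs; the parsers accept either).
SAMPLE_LUKS2_DUMP='LUKS header information
Version:        2
Epoch:          3
UUID:           00000000-0000-0000-0000-000000000000

Data segments:
  0: crypt
        offset: 16777216 [bytes]
        length: (whole device)
        cipher: aes-xts-plain64
        sector: 512 [bytes]

Keyslots:
  0: luks2
        Key:        512 bits
        Cipher:     aes-xts-plain64
        Cipher key: 512 bits
        PBKDF:      argon2id'

SAMPLE_LUKS1_DUMP='LUKS header information for /dev/sdb1

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4096
MK bits:        256'

# check_sample DUMP_TEXT   -> AES variant the dump describes (offline check)
check_sample() {
    c=$(printf '%s\n' "$1" | luks_cipher)
    b=$(printf '%s\n' "$1" | luks_key_bits)
    aes_strength "$c" "$b"
}

case "${1:-}" in
    create) create_luks_volume "$2" "$3" ;;   # e.g. create /dev/sdb1 extdisk
    report) report_volume "$2" ;;
    *)  check_sample "$SAMPLE_LUKS2_DUMP"     # AES-256-XTS
        check_sample "$SAMPLE_LUKS1_DUMP" ;;  # AES-128-XTS, despite "256" in the dump
esac
```

Run with no arguments to exercise the parsers against the embedded samples; as root, `sh luks_check.sh create /dev/sdX extdisk` formats a real device (after which the desktop environment will offer to unlock and mount it, as the answer notes), and `sh luks_check.sh report /dev/sdX` tells you what an existing volume was formatted with. The `--key-size 512` in the create step is what makes the volume AES-256: the same `aes-xts-plain64` string with `--key-size 256` would give AES-128.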