Project Overview

eCryptfs is a POSIX-compliant enterprise cryptographic stacked filesystem for Linux. eCryptfs stores cryptographic metadata in the header of each file, so that encrypted files can be copied between hosts; the file will be decrypted with the proper key in the Linux kernel keyring. There is no need to keep track of any additional information aside from what is already in the encrypted file itself. You may think of eCryptfs as a sort of "gnupg as a filesystem".

eCryptfs is widely used, as the basis for Ubuntu's Encrypted Home Directory, natively within Google's ChromeOS, and transparently embedded in several network attached storage (NAS) devices.

Originally authored by Michael Halcrow and the IBM LInux Technology Center, eCryptfs is derived from Erez Zadok's Cryptfs, and the FiST framework for stacked filesystems. eCryptfs extended Cryptfs to provide advanced key management and policy features. eCryptfs is currently actively maintained by Dustin Kirkland (of Canonical, Inc) and Tyler Hicks (of Canonical, Ltd).


Tyler Hicks

Tyler Hicks began working on eCryptfs in 2006, while at IBM's Linux Technology Center. He helped develop a number of kernel and userspace features prior to the eCryptfs kernel module being merged upstream. Tyler became the maintainer of the kernel piece when Mike Halcrow joined Microsoft. Tyler currently works for Canonical, on Ubuntu's Security Team, where he splits his time between releasing Ubuntu security updates, maintaining the eCryptfs kernel module, and assisting Dustin with ecryptfs-utils maintenance from time to time.

Dustin Kirkland

Dustin Kirkland has been the eCryptfs user space maintainer since 2008. Dustin previously worked for IBM in the Linux Technology Center's Security Team along with Tyler Hicks and Michael Halcrow, and then at Canonical on the Ubuntu Server Team, where he championed the eCryptfs-based Encrypted Home Directory feature -- delivering eCryptfs encryption to an estimated 3 million+ non-technical users. Dustin currently manages Canonical's Cloud Solutions -- product suites built on top of Ubuntu, OpenStack, MAAS, and Juju. Dustin is an active Core Developer of the Ubuntu Linux distribution, maintainer of 20+ open source projects, and the founder of KeyEscrow.net, DivItUp.com, and LinuxSearch.org. Dustin lives in Austin, Texas, with his wife, daughter, and two Australian Shepherds.

Michael Halcrow (emeritus)

Mike Halcrow adapted eCryptfs from Erez Zadok's Cryptfs and got it merged into the Linux kernel. He also wrote the initial versions of ecryptfs-utils. He did this while at the IBM Linux Technology Center, where he worked alongside Dustin Kirkland and Tyler Hicks. After finishing his CS Master's at UT Austin, he joined the BitLocker team at Microsoft, where he delivered features for Windows 7 and Windows 8. He now works in the Cloud Security team at Google. When not in the office, he enjoys cycling and doing outdoorsy stuff in Seattle with his family.