EncFS: simply protect and access your private data on cloud services
I first published this article three years ago, in 2013. Things move fast, especially in security, and Sebastian Messmer has just advised me that EncFS is no longer a really secure tool for saving files on Dropbox. In February 2014, Taylor Hornby, a scientist and security researcher, did an audit of the EncFS code, and the news is bad:
EncFS is probably safe as long as the adversary only gets one copy of the ciphertext and nothing more. EncFS is not safe if the adversary has the opportunity to see two or more snapshots of the ciphertext at different times. EncFS attempts to protect files from malicious modification, but there are serious problems with this feature.
You can find the whole audit online. That means EncFS is not a good way to secure your Dropbox, as Dropbox saves many snapshots of your files. Since this audit, several versions have been released: https://github.com/vgough/encfs/releases , but unfortunately, not all issues are fixed yet. So Sebastian built his own crypto tool named CryFS. It already does the job, even if it's not yet user-friendly and cross-platform, but it's a young tool. You can find a comparison of the tools on the market: https://www.cryfs.org/comparison and, if you're interested in crypto, you can also read Sebastian's thesis about CryFS.
Lesson learned: don't use the current EncFS version (1.8) to protect your files on Dropbox. Open source allows users to edit the code freely and thus increase the level of security for users of this code.
Synopsis
Nowadays, there are many cloud storage services (Dropbox, Bitcasa, Box, Hubic, Mega, Drive, Sparkleshare, etc.) to sync, back up, share or copy your data. Thanks to them, you can protect yourself against a hard drive crash or access your data from different devices.
Using a third-party cloud provider means you have to trust it, and that raises a few questions:
If you hesitate or can't answer one or more of these questions, you should consider using EncFS to add a new layer of security for your private data. Moreover, according to the Fraunhofer Institute report about cloud services (see the Go further links):
The results of the cloud storage provider analysis made clear that most, but not all, cloud storage providers offer built-in methods to encrypt the data to be stored in the cloud. However, the encryption schemes are sometimes not sufficient, as some storage providers encrypt data by using an encryption key generated by and stored at the provider. This means that users cannot be sure whether the storage provider also uses the key to decrypt their data, access the contents and possibly pass it on to third-parties. Even worse, some cloud storage providers do not encrypt data at all.
EncFS in a nutshell
EncFS is an encrypted virtual filesystem which provides local, directory-based encryption. It works with FUSE, which means you don't need any special privileges to make it work and you can access it through your filesystem (because EncFS is a virtual filesystem: VFS).
Encrypt Settings
In paranoia mode:
Cipher: AES
Key Size: 256 bits
PBKDF2 with 3 second runtime, 160 bit salt
Filesystem Block Size: 1024 bytes
Filename Encoding: Block encoding with IV chaining
Unique initialization vector file headers
Message Authentication Code block headers
External IV Chaining
Why EncFS?
EncFS offers a good level of protection for personal use (see above)
EncFS is simple to use
EncFS encrypts one file at a time rather than an entire block device (like TrueCrypt), which is very handy for cloud storage because only your modified files are updated. Moreover, you don't have to define a size for your encrypted folder
EncFS works on many OSes and there are GUIs (see below)
Linux
Installation
On Fedora (there are also Debian and FreeBSD packages):
natjohan# yum install fuse-encfs
Usage
From command line
You can use EncFS from the command line. The following command creates an encrypted folder where your data will be stored and another folder for your decrypted data:
natjohan $ encfs /home/.myencryptedfolder /home/mydecryptedfolder
Then follow the instructions (select p for paranoia mode, choose a very strong password and, of course, don't forget it ;)
You can verify with:
natjohan $ cat /proc/mounts
encfs /home/mydecryptedfolder fuse rw,nosuid,nodev,user_id=1000,group_id=1000,default_permissions 0 0
You should see an encfs line.
So, to use EncFS and view or add data in your mydecryptedfolder, you just have to run the same command again:
natjohan $ encfs /home/.myencryptedfolder /home/mydecryptedfolder
Every file you put in this folder will be stored encrypted in your .myencryptedfolder.
To unmount the folder:
natjohan $ fusermount -u /home/mydecryptedfolder
To change your password:
natjohan $ encfsctl passwd /home/.myencryptedfolder
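The /proc/mounts check above can be scripted so that a copy or backup job refuses to write into the decrypted folder when EncFS is not mounted; files written there while it is unmounted stay in a plain local directory and are never encrypted. This is an added example, not part of the original article: the function names, the sample mounts lines and the fuse.encfs type string are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article.

# Constructed sample in /proc/mounts format (device mountpoint fstype options ...).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
encfs /home/mydecryptedfolder fuse rw,nosuid,nodev,user_id=1000,group_id=1000,default_permissions 0 0
encfs /home/my\040vault fuse.encfs rw,nosuid,nodev 0 0
sshfs#host:/srv /mnt/usb fuse rw 0 0
EOF
}

# is_encfs_mounted DIR [MOUNTS_FILE]
# Returns 0 only when DIR is listed as a live EncFS mount point.
is_encfs_mounted() {
    dir=${1%/}                      # tolerate a trailing slash
    mounts=${2:-/proc/mounts}
    while read -r dev mnt fstype _rest; do
        # Assumption: EncFS reports device "encfs" and type "fuse"
        # (as in the article's output) or "fuse.encfs" (newer builds).
        [ "$dev" = "encfs" ] || continue
        case $fstype in
            fuse|fuse.encfs) ;;
            *) continue ;;
        esac
        # The kernel writes a space in a path as the octal escape \040.
        mnt=$(printf '%s' "$mnt" | sed 's/\\040/ /g')
        if [ "$mnt" = "$dir" ]; then
            return 0
        fi
    done < "$mounts"
    return 1
}

# copy_into_vault SRC DIR [MOUNTS_FILE]
# Refuses to copy unless DIR is mounted, so nothing lands unencrypted
# in the bare mount-point directory.
copy_into_vault() {
    if ! is_encfs_mounted "$2" "${3:-/proc/mounts}"; then
        echo "refusing: $2 is not an EncFS mount" >&2
        return 1
    fi
    cp -- "$1" "$2"/
}
```

For example, is_encfs_mounted /home/mydecryptedfolder && echo mounted reports the state of the folder created above.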
With a GUI
There is also a GUI for EncFS called CryptKeeper. You can build it from source or, on Fedora:
natjohan# yum install cryptkeeper
CryptKeeper offers a simple GUI through a system tray applet: you can mount, unmount or create encrypted folders.
There are also some options (right-click on the icon). The content of your encrypted folder should look like this:
Android
"OK, EncFS is pretty cool, but what if I want to access my data on my Android device?!" There are several Android apps for decrypting an EncFS folder, but CloudFetch is my favorite: you can decrypt a local folder or link it directly with Dropbox, SpiderOak, SparkleShare and Ubuntu One (for the moment). Download it via Google Play here
Windows
"On my family's computer ?"
Installation
You need the Dokan library, which allows a FUSE filesystem to run on Windows. Just download and install the Dokan library. Then there is an EncFS port named EncFS4win: download the archive and extract it anywhere you want (e.g. C:\Program Files\encfs).
Usage
To launch the GUI, just double click encfsw.exe and now you can easily manage your encrypted folders.
OS X Lion
I'm not a Mac user, but I found a solution for you on webdiary: you have to download and install Fuse4x to support FUSE, and the EncFS Mac installer on lisanet. Now you can use EncFS from the command line.
If you want a GUI, just follow this quick howto (you need to install Homebrew)