Potential security problem with Ecryptfs(?)
I've been playing around with ecryptfs and have been thinking about system security. One thing that worried me with ecryptfs was that the directory/file-structure is visible to anyone even when in encrypted state. Something that came to mind was that someone could simply scan the structure and get a list of all the files and the exact file sizes, this would make it possible to maybe link up some files with files that are available unencrypted elsewhere. So if for example someone would want to investigate if a download of certain files has been done they could simply compare the file-structure and file sizes. I did some tests on my own and concluded that the encypted files (with encrypted filenames) were not the exact same file size as the original unencrypted files and that this would satisfy this security worry.
However, I just saw this program: h.ttp://www2.opensourceforensics.org/node/158 (added a dot because I can't post links yet, <15 posts)
which does just that, it can scan for ecryptfs file structures and extract the _original_ file sizes and thereby circumvents this security layer completely. I'm now thinking that ecryptfs may not be that secure for other things than "unique" information, files that can't be compared to unencrypted files available somewhere else. Perhaps a block device encryption system such as dm-crypt or truecrypt is more secure in this regard.
What are your thoughts on this issue?