[gentoo-security] Encrypting a user home folder on a laptop

I am probably being paranoid, but I'd like to encrypt my /home/username folder on my laptop. I tried EncFS using [1], but KDE didn't seem to work under that setup because of the restriction that the filesystem doesn't support hardlinks. So now I am playing around with [2]. The only problem I have here is that it seems like I have to know in advance what size I want to use for my home folder (I am using a file as a loopback device rather than a partition, mostly because I already have a system up and don't want to mess with resizing partitions). Is there any way to resize the loopback device on the fly, or do you just have to create a new one and copy the files into it every time you need to resize?

Another question I have: I am pretty new to ciphers. One thing I have learned is that the avalanche effect is desirable, meaning that one bit flipped in the plaintext should cause about half of the ciphertext bits to flip. Does the dm-crypt setup have much correlation between encryption blocks to where this avalanche effect would change the whole file, or just a few encryption blocks? To illustrate, I'm looking to encrypt probably something like 40 GB of data. If I change 1 bit somewhere in my plaintext, how many bytes of that 40 GB of total data on my loopback device should I expect that bit flip to have an effect on?

Thanks for any enlightenment you can offer!

[1] http://gentoo-wiki.com/HOWTO_Encrypt_Your_Home_Directory_Using_EncFS
[2] http://gentoo-wiki.com/SECURITY_dmcrypt

-- 
Randy Barlow
http://electronsweatshop.com
-- 
gentoo-security@lists.gentoo.org mailing list