Browse Source

Correct spelling mistakes ;)

master
Hardcore Sushi 7 months ago
parent
commit
61b8bb5e49
Signed by: hardcoresushi
GPG Key ID: 007F84120107191E
  1. 3
      .gitignore
  2. 10
      README.md
  3. 2
      man/source.md

3
.gitignore vendored

@ -1,3 +1,4 @@
.DS_Store
/target
/local
/local
/.vscode

10
README.md

@ -11,9 +11,9 @@ doby started as a fork of [aef](https://github.com/wyhaya/aef) by [wyhaya](https
* Password brute-force resistance with [Argon2](https://en.wikipedia.org/wiki/Argon2)
* Increase the plaintext size of only 113 bytes
* Encryption from STDIN/STDOUT or from files
* Adjustable performance & secuity parameters
* Adjustable performance & security parameters
# Disclamer
# Disclaimer
doby is provided "as is", without any warranty of any kind. I'm not a professional cryptographer. This program didn't receive any security audit and therefore __shouldn't be considered fully secure__.
# Usage
@ -28,7 +28,7 @@ Decryption:
doby encrypted.doby decrypted.rs
```
If you ommit file path or use `-`, doby operates from `stdin/stdout`:
If you omit file path or use `-`, doby operates from `stdin/stdout`:
```bash
# Read from stdin and write to stdout
cat my-super-secret-music.flac | doby > encrypted.doby
@ -40,7 +40,7 @@ doby encrypted.doby > decrypted.flac
cat my-super-secret-logs-file.log | doby - logs.doby
```
Speicfy password from the command line:
Specify password from the command line:
```bash
doby --password "A super very ultra strong passphrase" my-super-secret-document.pdf document.doby
```
@ -275,7 +275,7 @@ _If you find any weakness or security issue is this protocol, please open an iss
## Why not using authenticated encryption such as AES-GCM instead of AES-CTR + HMAC ?
In order to encrypt data larger than memory, we need to split the plaintext into severavl smaller chunks and encrypt each of these chunks one by one. With authenticated encryption such as AES-GCM, this involves adding an authentication tag to each chunk. As a result, the final ciphertext size would be:
In order to encrypt data larger than memory, we need to split the plaintext into several smaller chunks and encrypt each of these chunks one by one. With authenticated encryption such as AES-GCM, this involves adding an authentication tag to each chunk. As a result, the final ciphertext size would be:
```
ciphertext size = plaintext size + (number of chunks ྾ tag size)
```

2
man/source.md

@ -11,7 +11,7 @@ doby [**-h** | **\--help**]
doby [**-V** | **\--version**]
# DESCRIPTION
doby aims to be a small, fast and user-friendly command line tool for symmectric encryption of single files. It uses modern cryptography and (obviously) it's built in rust.
doby aims to be a small, fast and user-friendly command line tool for symmetric encryption of single files. It uses modern cryptography and (obviously) it's built in rust.
doby can operate with files larger than memory but also from stdout/stdin. In addition to encrypt files, doby also use HMAC cryptography to authenticate the data. This means that encrypted files can't be tampered. Encryptions keys are derived from the user password using Argon2, an expensive KDF function that slows down a lot brute force attacks. You can find more details about cryptography on the doby's repository: https://forge.chapril.org/hardcoresushi/doby#cryptographic-details

Loading…
Cancel
Save