hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Update README and SECURITY documents

Browse Source
This commit is contained in:
Jakob Unterwurzacher 2015-11-29 22:36:25 +01:00
parent ce42a6f23d
commit cbb18380be
2 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
README.md
View File

@ -100,6 +100,22 @@ The output should look like this:
Changelog Changelog
--------- ---------
v0.5 (in progress)
* **Stronger filename encryption: DirIV**
* Each directory gets a random 128 bit file name IV on creation,
stored in `gocryptfs.diriv`
* This makes it impossible to identify identically-named files across
directories
* A single-entry IV cache brings the performance cost of DirIV close to
zero for common operations (see performance.txt)
* This is a forwards-compatible change. gocryptfs v0.5 can mount filesystems
created by earlier version but not the other way round.
* New command-line option:
* `-diriv`: Use the new per-directory IV file name encryption (default true)
* `-scryptn`: allows to set the scrypt cost parameter N. This option
can be used for faster mounting at the cost of lower brute-force
resistance. It was mainly added to speed up the automated tests.
v0.4 v0.4
* New command-line options: * New command-line options:
* `-plaintextnames`: disables filename encryption, added on user request * `-plaintextnames`: disables filename encryption, added on user request
@ -112,7 +128,7 @@ v0.4
* On-disk format 2 * On-disk format 2
v0.3 v0.3
* Add file header that contains a random id to authenticate blocks * **Add a random 128 bit file header to authenticate file->block ownership**
* This is an on-disk-format change * This is an on-disk-format change
* On-disk format 1 * On-disk format 1

13
SECURITY.md
View File

@ -22,21 +22,20 @@ encrypted data unless you know the key.
### File Names ### File Names
* File names are encrypted using AES-256-CBC because it is robust even * File names are encrypted using AES-256-CBC with a per-directory IV
without using an IV * Each directory get a random 128 bit IV on creation
* The file names are padded to multiples of 16 bytes * Files with the same name in different directories are encrypted to
different filenames and can not be identified
* File names are padded to multiples of 16 bytes
* This means that the exact length of the name is hidden, only length * This means that the exact length of the name is hidden, only length
ranges (1-16 bytes, 17-32 bytes etc.) can be determined from the encrypted ranges (1-16 bytes, 17-32 bytes etc.) can be determined from the encrypted
files files
* For technical reasons, no IV is used
* This means that files with the same name within one gocryptfs filesystem
always get the same encrypted name
### Metadata ### Metadata
* The size of the file is not hidden. The exact file size can be calculated * The size of the file is not hidden. The exact file size can be calculated
from the size of the encrypted file. from the size of the encrypted file.
* File owner, file permissions and timestamps are not hidden either * File owner, file permissions and timestamps are not hidden.
Integrity Integrity
--------- ---------