Update README and SECURITY documents
This commit is contained in:
Jakob Unterwurzacher
parent
ce42a6f23d
commit
cbb18380be
18
README.md
18
README.md
|
|
@ -100,6 +100,22 @@ The output should look like this:
|
||||||
Changelog
|
Changelog
|
||||||
---------
|
---------
|
||||||
|
|
||||||
|
v0.5 (in progress)
|
||||||
|
* **Stronger filename encryption: DirIV**
|
||||||
|
* Each directory gets a random 128 bit file name IV on creation,
|
||||||
|
stored in `gocryptfs.diriv`
|
||||||
|
* This makes it impossible to identify identically-named files across
|
||||||
|
directories
|
||||||
|
* A single-entry IV cache brings the performance cost of DirIV close to
|
||||||
|
zero for common operations (see performance.txt)
|
||||||
|
* This is a forwards-compatible change. gocryptfs v0.5 can mount filesystems
|
||||||
|
created by earlier version but not the other way round.
|
||||||
|
* New command-line option:
|
||||||
|
* `-diriv`: Use the new per-directory IV file name encryption (default true)
|
||||||
|
* `-scryptn`: allows to set the scrypt cost parameter N. This option
|
||||||
|
can be used for faster mounting at the cost of lower brute-force
|
||||||
|
resistance. It was mainly added to speed up the automated tests.
|
||||||
|
|
||||||
v0.4
|
v0.4
|
||||||
* New command-line options:
|
* New command-line options:
|
||||||
* `-plaintextnames`: disables filename encryption, added on user request
|
* `-plaintextnames`: disables filename encryption, added on user request
|
||||||
|
|
@ -112,7 +128,7 @@ v0.4
|
||||||
* On-disk format 2
|
* On-disk format 2
|
||||||
|
|
||||||
v0.3
|
v0.3
|
||||||
* Add file header that contains a random id to authenticate blocks
|
* **Add a random 128 bit file header to authenticate file->block ownership**
|
||||||
* This is an on-disk-format change
|
* This is an on-disk-format change
|
||||||
* On-disk format 1
|
* On-disk format 1
|
||||||
|
|
||||||
|
|
|
||||||
13
SECURITY.md
13
SECURITY.md
|
|
@ -22,21 +22,20 @@ encrypted data unless you know the key.
|
||||||
|
|
||||||
### File Names
|
### File Names
|
||||||
|
|
||||||
* File names are encrypted using AES-256-CBC because it is robust even
|
* File names are encrypted using AES-256-CBC with a per-directory IV
|
||||||
without using an IV
|
* Each directory get a random 128 bit IV on creation
|
||||||
* The file names are padded to multiples of 16 bytes
|
* Files with the same name in different directories are encrypted to
|
||||||
|
different filenames and can not be identified
|
||||||
|
* File names are padded to multiples of 16 bytes
|
||||||
* This means that the exact length of the name is hidden, only length
|
* This means that the exact length of the name is hidden, only length
|
||||||
ranges (1-16 bytes, 17-32 bytes etc.) can be determined from the encrypted
|
ranges (1-16 bytes, 17-32 bytes etc.) can be determined from the encrypted
|
||||||
files
|
files
|
||||||
* For technical reasons, no IV is used
|
|
||||||
* This means that files with the same name within one gocryptfs filesystem
|
|
||||||
always get the same encrypted name
|
|
||||||
|
|
||||||
### Metadata
|
### Metadata
|
||||||
|
|
||||||
* The size of the file is not hidden. The exact file size can be calculated
|
* The size of the file is not hidden. The exact file size can be calculated
|
||||||
from the size of the encrypted file.
|
from the size of the encrypted file.
|
||||||
* File owner, file permissions and timestamps are not hidden either
|
* File owner, file permissions and timestamps are not hidden.
|
||||||
|
|
||||||
Integrity
|
Integrity
|
||||||
---------
|
---------
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue