Re-design of the original gocryptfs code to work as a library.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Jakob Unterwurzacher f2e2b81361
8 years ago
cryptfs Add OpenSSL support for file content encryption/decryption 8 years ago
frontend Add streaming read and write benchmarks 8 years ago
openssl_benchmark Add openssl_benchmark.bash script 8 years ago
.gitignore Rebase to cluefs 8 years ago Add 8 years ago
main.go Add 8 years ago
main_benchmark.bash Add streaming read and write benchmarks 8 years ago
main_test.go Add 8 years ago


A minimal encrypted overlay filesystem written in Go.

Built on top of the native Go FUSE library and the ClueFS loopback file system.

Inspired by EncFS.


  • Authenticated encryption of file contents using AES-GCM-128
  • 96 bit nonce that starts from a random value and counts up
  • uses openssl through spacemonkeygo/openssl for a 3x speedup compared to crypto/cipher
  • AES-CBC filename encryption

Current Status

  • Work in progress
  • Key is set to static all-zero
  • Not ready for anything but testing and debugging


Run ./main_benchmark.bash to run the test suite and the streaming read/write benchmark.

The output should look like this:

$ ./main_benchmark.bash
+ go build
+ go test -bench=.
BenchmarkStreamWrite	     100	  14062281 ns/op	  74.57 MB/s
BenchmarkStreamRead	     100	  11267741 ns/op	  93.06 MB/s
ok	7.569s