From c0883413004ba3f7667bc881a7645752184adcf4 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Mon, 4 Jan 2016 01:32:22 +0100 Subject: comparison.md WiP --- docs/comparison.md | 103 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 docs/comparison.md (limited to 'docs/comparison.md') diff --git a/docs/comparison.md b/docs/comparison.md new file mode 100644 index 0000000..78b20cf --- /dev/null +++ b/docs/comparison.md @@ -0,0 +1,103 @@ +Other Projects +============== + +There are several open-source file encryption solutions available. +This page tries to help to find the right one for your use case: + +* [gocryptfs](https://nuetzlich.net/gocryptfs/) (this project), aspiring successor of EncFS +* [EncFS](https://github.com/vgough/encfs), mature with known security issues +* [eCryptFS](http://ecryptfs.org/), integrated into the Linux kernel +* [Cryptomator](https://cryptomator.org/), strong cross-platform support through Java and WebDAV + +If you spot an error or want to see a project added, please +[file a ticket](https://github.com/rfjakob/gocryptfs-website)! + +Overview +-------- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
gocryptfsencfsecryptfscryptomator
First release2015200320062014
LanguageGoC++CJava
LicenseMITLGPL/GPLGPLApache/BSD/MIT
File interfaceFUSEFUSEin-kernel filesystemWebDAV
Platform supportLinux (help wanted for Mac OS X port)Linux, Mac OS XLinux onlyLinux, Mac OS X, Windows
+ + +General Security +---------------- + +| | gocryptfs | encfs default | encfs paranoia | ecryptfs | cryptomator | +| ----------------------- | --------- | --------------------- | --------------------- | ------------------------------------ | ------------------ | +| Documentation available | Yes [1] | Yes [2] | Yes [2] | No | Yes [3] | +| Password hashing | scrypt | PBKDF2 | PBKDF2 | (none, implemented in external tool) | scrypt | + + +References: +[[1]](security.md) +[[2]](https://github.com/vgough/encfs/blob/master/DESIGN.md) +[[3]](https://cryptomator.org/#security) + + +File Contents +------------- + +| | gocryptfs | encfs default | encfs paranoia | ecryptfs | cryptomator | +| ---------- | --------- | --------------------- | --------------------- | -------- | ------------------ | +| Encryption | GCM | CBC, CFB (last block) | CBC, CFB (last block) | CBC | CTR with random IV | +| Integrity | GCM | none | HMAC | none | HMAC | + + +File Names +---------- + +| | gocryptfs | encfs default | encfs paranoia | ecryptfs | cryptomator | +| -------------------- | --------------------- | -------------------- | -------------------- | -------- | ----------- | +| Encryption | EME | CBC | CBC | CBC | SIV | +| Prefix leak | no (EME) | no (HMAC used as IV) | no (HMAC used as IV) | yes [2] | no (SIV) | +| Identical names leak | no (per-directory IV) | no (path chaining) | no (path chaining) | yes [1] | yes | + +References: +[[1]](https://gist.github.com/rfjakob/a04364c55b3ee231078d) +[[2]](https://gist.github.com/rfjakob/61a17bf3c7eb9932d791) -- cgit v1.2.3