diff options
| author | Jakob Unterwurzacher | 2015-11-01 12:14:59 +0100 | 
|---|---|---|
| committer | Jakob Unterwurzacher | 2015-11-01 12:14:59 +0100 | 
| commit | 0a4aa4b42780ac96420c4068c90003f139c53f85 (patch) | |
| tree | 75db41f1a9519345cfefe7aa3c37b238683fee7c | |
| parent | 902babdf22199d73171716e643f1ffbb65e6fb48 (diff) | |
README: Describe storage overhead
| -rw-r--r-- | README.md | 23 | 
1 files changed, 14 insertions, 9 deletions
| @@ -1,6 +1,6 @@  GoCryptFS [](https://travis-ci.org/rfjakob/gocryptfs)  ============== -An encrypted overlay filesystem focused on security and correctness. +An encrypted overlay filesystem written in Go.  gocryptfs is built on top the excellent  [go-fuse](https://github.com/hanwen/go-fuse) FUSE library and its @@ -8,20 +8,19 @@ LoopbackFileSystem API.  This project was inspired by [EncFS](https://github.com/vgough/encfs)  and strives to fix its security issues (see EncFS tickets 9, 13, 14, 16). -For details on the security of GoCryptFS see the +For details on the security of gocryptfs see the  [SECURITY.md](SECURITY.md) document.  Current Status  -------------- -* First public release -* Feature-complete +* Feature-complete and working  * Passes the fuse-xfstests "generic" tests with one exception, results: [XFSTESTS.md](XFSTESTS.md)   * A lot of work has gone into this. The testing has found bugs in gocryptfs     as well as in go-fuse. - * The one exceptions generic/035. This is a limitation in go-fuse, + * The one exception is generic/035. This is a limitation in go-fuse,     check out https://github.com/hanwen/go-fuse/issues/55 for details.  * However, gocryptfs needs more real-world testing - please report any issues via github. -* Only Linux operation has been tested. Help wanted for a Mac OS X port. +* Only Linux operation has been tested. Help wanted for Mac OS X verification.  Install  ------- @@ -43,12 +42,18 @@ Use  	  -rw-rw-r--. 1 user  user  233  7. Okt 23:23 gocryptfs.conf  	$ fusermount -u plain +Storage Overhead +---------------- + +* Empty files take 0 bytes on disk +* 18 byte file header for non-empty files (2 bytes version, 16 bytes random file id) +* 28 bytes of storage overhead per 4kB block (12 byte nonce, 16 bytes auth tag) +  Performance  ----------- - * 28 bytes of storage overhead per block (16 bytes auth tag, 12 byte nonce) - * uses openssl through [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl) -   for a 3x speedup compared to `crypto/cipher` (see [go-vs-openssl.md](openssl_benchmark/go-vs-openssl.md) for details +* uses openssl through [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl) +  for a 3x speedup compared to `crypto/cipher` (see [go-vs-openssl.md](openssl_benchmark/go-vs-openssl.md) for details  Run `./benchmark.bash` to run the test suite and the streaming read/write  benchmark. The benchmark is run twice, first with native Go crypto and | 
