author | Jakob Unterwurzacher | 2015-09-06 12:53:32 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2015-09-06 12:55:55 +0200 |
commit | b00a70fc8dba019fdf6ab8d4faed1d04d414c00f (patch) | |
tree | 1c7b9ff14392741a2df4212af2f2ef8c6a3f0e09 /README.md | |
parent | e34e383d3765d6a6c5bfb7e9668e539509590032 (diff) |
readme: more details
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 24 |
1 files changed, 19 insertions, 5 deletions
@@ -11,16 +11,30 @@ Inspired by [EncFS](https://github.com/vgough/encfs). Design ------ * Authenticated encryption of file contents using AES-GCM-128 - * 96 bit nonce that starts from a random value and counts up + * Because GCM handles blocks of arbitrary size, there is no special handling for the last file block + * 4096 byte blocks per default + * 28 bytes of overhead per block (16 bytes auth tag, 12 byte nonce) * uses openssl through [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl) for a 3x speedup compared to `crypto/cipher` -* AES-CBC filename encryption +* Per-write unique 96 bit nonces + * starts from a random value (generated at mount time) and counts up +* Flename encryption using AES-CBC-128 + * Padded to 16-byte blocks acc. to [RFC5652 section 6.3](https://tools.ietf.org/html/rfc5652#section-6.3) + * base64 encoded acc. to [RFC4648 section 5](https://tools.ietf.org/html/rfc4648#section-5) Current Status -------------- -* Work in progress -* Key is set to static all-zero -* Not ready for anything but testing and debugging +Not ready for anything but testing and debugging + +* File and directory creation and deletion works +* Thread-safe nonce generation works +* Filename and content encryption works + * Key is set to static all-zero +* Reading and writing works +* Streaming performance is already reasonable + * But we should be able to get another 50% speedup +* Symlinks and hard links not yet implemented +* Memory usage is insane Install ------- |
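Review bot: The added Design bullet `* Per-write unique 96 bit nonces` states uniqueness as a fact, but its sub-bullet says the counter starts from a random value generated at mount time, so uniqueness across mounts is only probabilistic. That is worth spelling out, because GCM loses its guarantees when a nonce repeats under the same key, and the Status section says the key is currently static all-zero. In the same section, `* Flename encryption using AES-CBC-128` has a typo ("Filename"), and the filename bullets do not say how the CBC IV is chosen. In Current Status, "Memory usage is insane" would help readers more with a figure or the known cause.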