summaryrefslogtreecommitdiff
path: root/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'README.md')
-rw-r--r--README.md23
1 files changed, 14 insertions, 9 deletions
diff --git a/README.md b/README.md
index 79ff3c8..4e0d760 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
GoCryptFS [![Build Status](https://travis-ci.org/rfjakob/gocryptfs.svg?branch=master)](https://travis-ci.org/rfjakob/gocryptfs)
==============
-An encrypted overlay filesystem focused on security and correctness.
+An encrypted overlay filesystem written in Go.
gocryptfs is built on top the excellent
[go-fuse](https://github.com/hanwen/go-fuse) FUSE library and its
@@ -8,20 +8,19 @@ LoopbackFileSystem API.
This project was inspired by [EncFS](https://github.com/vgough/encfs)
and strives to fix its security issues (see EncFS tickets 9, 13, 14, 16).
-For details on the security of GoCryptFS see the
+For details on the security of gocryptfs see the
[SECURITY.md](SECURITY.md) document.
Current Status
--------------
-* First public release
-* Feature-complete
+* Feature-complete and working
* Passes the fuse-xfstests "generic" tests with one exception, results: [XFSTESTS.md](XFSTESTS.md)
* A lot of work has gone into this. The testing has found bugs in gocryptfs
as well as in go-fuse.
- * The one exceptions generic/035. This is a limitation in go-fuse,
+ * The one exception is generic/035. This is a limitation in go-fuse,
check out https://github.com/hanwen/go-fuse/issues/55 for details.
* However, gocryptfs needs more real-world testing - please report any issues via github.
-* Only Linux operation has been tested. Help wanted for a Mac OS X port.
+* Only Linux operation has been tested. Help wanted for Mac OS X verification.
Install
-------
@@ -43,12 +42,18 @@ Use
-rw-rw-r--. 1 user user 233 7. Okt 23:23 gocryptfs.conf
$ fusermount -u plain
+Storage Overhead
+----------------
+
+* Empty files take 0 bytes on disk
+* 18 byte file header for non-empty files (2 bytes version, 16 bytes random file id)
+* 28 bytes of storage overhead per 4kB block (12 byte nonce, 16 bytes auth tag)
+
Performance
-----------
- * 28 bytes of storage overhead per block (16 bytes auth tag, 12 byte nonce)
- * uses openssl through [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl)
- for a 3x speedup compared to `crypto/cipher` (see [go-vs-openssl.md](openssl_benchmark/go-vs-openssl.md) for details
+* uses openssl through [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl)
+ for a 3x speedup compared to `crypto/cipher` (see [go-vs-openssl.md](openssl_benchmark/go-vs-openssl.md) for details
Run `./benchmark.bash` to run the test suite and the streaming read/write
benchmark. The benchmark is run twice, first with native Go crypto and