diff options
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 23 |
1 files changed, 14 insertions, 9 deletions
@@ -1,6 +1,6 @@ GoCryptFS [![Build Status](https://travis-ci.org/rfjakob/gocryptfs.svg?branch=master)](https://travis-ci.org/rfjakob/gocryptfs) ============== -An encrypted overlay filesystem focused on security and correctness. +An encrypted overlay filesystem written in Go. gocryptfs is built on top the excellent [go-fuse](https://github.com/hanwen/go-fuse) FUSE library and its @@ -8,20 +8,19 @@ LoopbackFileSystem API. This project was inspired by [EncFS](https://github.com/vgough/encfs) and strives to fix its security issues (see EncFS tickets 9, 13, 14, 16). -For details on the security of GoCryptFS see the +For details on the security of gocryptfs see the [SECURITY.md](SECURITY.md) document. Current Status -------------- -* First public release -* Feature-complete +* Feature-complete and working * Passes the fuse-xfstests "generic" tests with one exception, results: [XFSTESTS.md](XFSTESTS.md) * A lot of work has gone into this. The testing has found bugs in gocryptfs as well as in go-fuse. - * The one exceptions generic/035. This is a limitation in go-fuse, + * The one exception is generic/035. This is a limitation in go-fuse, check out https://github.com/hanwen/go-fuse/issues/55 for details. * However, gocryptfs needs more real-world testing - please report any issues via github. -* Only Linux operation has been tested. Help wanted for a Mac OS X port. +* Only Linux operation has been tested. Help wanted for Mac OS X verification. Install ------- @@ -43,12 +42,18 @@ Use -rw-rw-r--. 1 user user 233 7. Okt 23:23 gocryptfs.conf $ fusermount -u plain +Storage Overhead +---------------- + +* Empty files take 0 bytes on disk +* 18 byte file header for non-empty files (2 bytes version, 16 bytes random file id) +* 28 bytes of storage overhead per 4kB block (12 byte nonce, 16 bytes auth tag) + Performance ----------- - * 28 bytes of storage overhead per block (16 bytes auth tag, 12 byte nonce) - * uses openssl through [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl) - for a 3x speedup compared to `crypto/cipher` (see [go-vs-openssl.md](openssl_benchmark/go-vs-openssl.md) for details +* uses openssl through [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl) + for a 3x speedup compared to `crypto/cipher` (see [go-vs-openssl.md](openssl_benchmark/go-vs-openssl.md) for details Run `./benchmark.bash` to run the test suite and the streaming read/write benchmark. The benchmark is run twice, first with native Go crypto and |