From 9419e7ae85b3a7f9a721717f5676215b450d7c7b Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Tue, 8 Dec 2015 16:41:45 +0100
Subject: Update README + docs for v0.6 release

---
 Documentation/SECURITY.md              | 11 +++++++----
 Documentation/file-name-encryption.svg | 14 +++++++-------
 Documentation/performance.txt          |  7 ++++---
 3 files changed, 18 insertions(+), 14 deletions(-)

(limited to 'Documentation')

diff --git a/Documentation/SECURITY.md b/Documentation/SECURITY.md
index 003eadb..dff2fab 100644
--- a/Documentation/SECURITY.md
+++ b/Documentation/SECURITY.md
@@ -15,7 +15,7 @@ The KEK is generated from the user password using `scrypt`.
 File Contents
 -------------
 
-All file contents are encrypted using AES-256-GCM.
+All file contents are encrypted using AES-256-GCM (Galois/Counter Mode).
 
 Files are segmented into 4KB blocks. Each block gets a fresh random
 96 bit IV each time it is modified. A 128-bit authentication tag (GHASH)
@@ -37,8 +37,11 @@ File Names
 Every directory gets a 128-bit directory IV that is stored in each
 directory as `gocryptfs.diriv`.
 
-File names are encrypted using AES-256-CBC with the directory IV as
-initialization vector. The Base64 encoding limits the usable filename length
-to 176 characters.
+File names are encrypted using AES-256-EME (ECB-Mix-ECB wide-block encryption,
+see https://github.com/rfjakob/eme for details) with the directory IV
+as initialization vector. EME fixes the prefix leak that occours with CBC
+encryption.
 
 ![](https://rawgit.com/rfjakob/gocryptfs/master/Documentation/file-name-encryption.svg)
+
+The Base64 encoding limits the usable filename length to 176 characters.
diff --git a/Documentation/file-name-encryption.svg b/Documentation/file-name-encryption.svg
index 4093f24..45222e2 100644
--- a/Documentation/file-name-encryption.svg
+++ b/Documentation/file-name-encryption.svg
@@ -149,9 +149,9 @@
      borderopacity="1.0"
      inkscape:pageopacity="0.0"
      inkscape:pageshadow="2"
-     inkscape:zoom="1.979899"
-     inkscape:cx="299.54034"
-     inkscape:cy="65.144047"
+     inkscape:zoom="2.8"
+     inkscape:cx="290.22759"
+     inkscape:cy="52.741737"
      inkscape:document-units="px"
      inkscape:current-layer="layer1"
      showgrid="true"
@@ -186,7 +186,7 @@
         <dc:format>image/svg+xml</dc:format>
         <dc:type
            rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
-        <dc:title></dc:title>
+        <dc:title />
       </cc:Work>
     </rdf:RDF>
   </metadata>
@@ -267,7 +267,7 @@
          id="tspan4157-3-0-7-6-8"
          x="316.79153"
          y="309.39807"
-         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00342369px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">AES-256-CBC</tspan></text>
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00342369px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">AES-256-EME</tspan></text>
     <path
        style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:1;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker8559)"
        d="m 558.97059,270.16733 -169.78791,0.0896 0,17.75633"
@@ -359,14 +359,14 @@
     <text
        xml:space="preserve"
        style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.01774597px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.66333771px;word-spacing:0px;fill:#aa00d4;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="462.66055"
+       x="456.66174"
        y="266.66168"
        id="text4155-88-3-5-0"
        sodipodi:linespacing="125%"
        transform="scale(1.0001971,0.99980293)"><tspan
          sodipodi:role="line"
          id="tspan4157-9-7-3-8"
-         x="462.66055"
+         x="456.66174"
          y="266.66168"
          style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00295734px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px;fill:#aa00d4">IV</tspan></text>
     <rect
diff --git a/Documentation/performance.txt b/Documentation/performance.txt
index 2194311..c0bd2d0 100644
--- a/Documentation/performance.txt
+++ b/Documentation/performance.txt
@@ -2,11 +2,12 @@ All test performed on tmpfs, /tmp/a mounted on /tmp/b.
 The used test archive is https://www.kernel.org/pub/linux/kernel/v3.0/linux-3.0.tar.gz .
 
 UNTAR: tar xfz ../linux-3.0.tar.gz
-LS: ls -lR > /dev/null
-RM: rm -rf linux-3.0
+LS: ls -lR linux-3.0 > /dev/null
+RM: rm -Rf linux-3.0
 
 VERSION         UNTAR    LS     RM
 v0.4               48     1.5    5
 v0.5-rc1           56     7     19
 v0.5-rc1-1         54     4.1    9
-v0.5-rc1-2         45     1.7	 3.4
+v0.5-rc1-2         45     1.7    3.4
+v0.6               47     1.8    4.3
-- 
cgit v1.2.3