From 76311b60f2e208dbd93e1e7b6e9794770c14fede Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 1 Nov 2015 01:32:33 +0100
Subject: Add file header (on-disk-format change)

Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]

Quoting SECURITY.md:

* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
 * This means the position of the blocks is protected as well. The blocks
   can not be reordered or copied between different files without
   causing an decryption error.
---
 README.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'README.md')

diff --git a/README.md b/README.md
index e8d69cf..79ff3c8 100644
--- a/README.md
+++ b/README.md
@@ -62,3 +62,19 @@ The output should look like this:
 	BenchmarkStreamRead 	     200	   7848155 ns/op	 133.61 MB/s
 	ok  	github.com/rfjakob/gocryptfs	9.407s
 
+Changelog
+---------
+
+v0.3 (in progress)
+* Add file header that contains a random id to authenticate blocks
+ * This is an on-disk-format change
+
+v0.2
+* Replace bash daemonization wrapper with native Go implementation
+* Better user feedback on mount failures
+
+v0.1
+* First release
+
+See https://github.com/rfjakob/gocryptfs/releases for the release dates
+and associated tags.
-- 
cgit v1.2.3