On Thu, Nov 20, 2014 at 5:28 PM, Matei David <ma...@cs.toronto.edu> wrote:
> Hi,
>
> I'm interested in keeping two encfs folders in sync. One option is to
> run rsync/unison between the plaintext folders. I would like to have
> the additional option of performing sync on the ciphertexts.
>
> >From the tests that I ran, it seems to me that this is only possible if
> uniqueIV is set to 0 in the configuration file. Whenever this is set to
> 1, the ciphertexts of two identical plaintext folders seem to be
> different. To clarify, my tests consisted of running this script while
> tweaking various parameters inside encfs6.xml.
>
> #!/bin/bash -x
> cat encfs6.xml
> rm -rf /tmp/.docs-{1,2} /tmp/docs-{1,2}
> mkdir -p /tmp/.docs-{1,2} /tmp/docs-{1,2}
> echo password |
> ENCFS6_CONFIG=encfs6.xml encfs -S /tmp/.docs-1 /tmp/docs-1
> echo password |
> ENCFS6_CONFIG=encfs6.xml encfs -S /tmp/.docs-2 /tmp/docs-2
> echo "hello" >/tmp/docs-1/a-file
> rsync -a /tmp/docs-1/ /tmp/docs-2/
> md5sum /tmp/.docs-[12]/*
> fusermount -u /tmp/docs-1
> fusermount -u /tmp/docs-2
>
> My question is, are there security considerations why I would want to
> keep uniqueIV set to 1? I checked the manual and the guide here
> http://www.ict.griffith.edu.au/anthony/info/crypto/encfs.hints
> Neither mention unique IVs or what they are good for.UniqueIV generates a random IV value for each file - that is why you are seeing the same plaintext/path resulting in different ciphertext when copied. The reasoning for uniqueIV is to prevent statistical attacks - without it the same plaintext results in the same ciphertext so an observer can tell how many copies of a file you have, and this is considered information leakage. --Mark ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk _______________________________________________ Encfs-users mailing list Encfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/encfs-users
