Your observation is correct, however, this does not prevent you from
syncing the ciphertext files. The ciphertext carries an 8 byte random
header, which is why the ciphertext looks completely different. If you copy
a ciphertext, you copy the header with it, and it will decrypt to identical
plaintext on the other end.
Keep uniqueIV enabled for security, as Mark has explained.
Note that due to caching, modifications in the ciphertext will show up in
the plaintext up to one second later. Unmount and remount makes sure
everything is up to date. If you can build from the latest source code, i
have added an --nocache option in my fork on github, it will hopefully be
merged soon.
On Nov 21, 2014 2:36 AM, "Matei David" <ma...@cs.toronto.edu> wrote:
> Hi,
>
> I'm interested in keeping two encfs folders in sync. One option is to
> run rsync/unison between the plaintext folders. I would like to have
> the additional option of performing sync on the ciphertexts.
>
> >From the tests that I ran, it seems to me that this is only possible if
> uniqueIV is set to 0 in the configuration file. Whenever this is set to
> 1, the ciphertexts of two identical plaintext folders seem to be
> different. To clarify, my tests consisted of running this script while
> tweaking various parameters inside encfs6.xml.
>
> #!/bin/bash -x
> cat encfs6.xml
> rm -rf /tmp/.docs-{1,2} /tmp/docs-{1,2}
> mkdir -p /tmp/.docs-{1,2} /tmp/docs-{1,2}
> echo password |
> ENCFS6_CONFIG=encfs6.xml encfs -S /tmp/.docs-1 /tmp/docs-1
> echo password |
> ENCFS6_CONFIG=encfs6.xml encfs -S /tmp/.docs-2 /tmp/docs-2
> echo "hello" >/tmp/docs-1/a-file
> rsync -a /tmp/docs-1/ /tmp/docs-2/
> md5sum /tmp/.docs-[12]/*
> fusermount -u /tmp/docs-1
> fusermount -u /tmp/docs-2
>
> My question is, are there security considerations why I would want to
> keep uniqueIV set to 1? I checked the manual and the guide here
> http://www.ict.griffith.edu.au/anthony/info/crypto/encfs.hints
> Neither mention unique IVs or what they are good for.
>
> Thanks,
> M
>
>
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
>
> http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
> _______________________________________________
> Encfs-users mailing list
> Encfs-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/encfs-users
>
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Encfs-users mailing list
Encfs-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/encfs-users
