On 08.02.2016 23:44, Blumenthal, Uri - 0553 - MITLL wrote: > I meant that since file size does change with encryption padding, MAC, > and IV - if (a) one picks large block size, and (b) filesize are > comparable to block size, it would be hard to tell one (small) file > from another. Think copies of text emails (not those JavaScript > monsters :). :-) Yes, for very small files, this would work. >>> Yes. I’m not talking about immaturity (i.e., bugs present and waiting >>> to be found and remedied). I’m talking about design decisions and >>> their consequences. For example, one obvious drawback is limitation on >>> multi-user access. >> There is the issue in the current implementation that you can get >> conflicts when multiple users are modifying the same directory at the >> same time. This is, however, an implementation issue and not a design >> issue. If you're interested in some possible solutions, you can take a >> look at section 4.6 in https://www.cryfs.org/cryfs_mathesis.pdf . > Let me take a look and get back to you. Thanks. I'm happy about any feedback you can give me. >> I'm not sure whether >> VeraCrypt can handle multiple instances accessing the same container >> file at the same time though. > I don’t know (yet). As long as they didn't take special attention to this when implementing VeraCrypt (which I don't see why they would), I think it is improbable that VeraCrypt can handle this scenario. It is much easier to implement it assuming there is only one process accessing the container file at a time. > >> As a side note, the way CryFS stores its blocks is a quite small module >> in the application that could easily be changed to directly storing it >> on EBS or S3 (or any other cloud provider). I'm thinking about offering >> a version that runs directly off the cloud without a local copy of the >> ciphertexts. This is only an idea and nothing concrete yet though. > I think it would be *very* nice to have this option/capability. > Yes, I think so as well. It has also disadvantages (e.g. longer access times, slower read/write speeds, ...), but it is something worth trying. I have other things on my agenda currently, but will definitely try it out in future. It would only be a small code change however, so if you're interested in implementing it, I'm happy to give you an introduction to the code base.
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ Encfs-users mailing list Encfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/encfs-users
