Hi,
I'm interested in keeping two encfs folders in sync. One option is to
run rsync/unison between the plaintext folders. I would like to have
the additional option of performing sync on the ciphertexts.
>From the tests that I ran, it seems to me that this is only possible if
uniqueIV is set to 0 in the configuration file. Whenever this is set to
1, the ciphertexts of two identical plaintext folders seem to be
different. To clarify, my tests consisted of running this script while
tweaking various parameters inside encfs6.xml.
#!/bin/bash -x
cat encfs6.xml
rm -rf /tmp/.docs-{1,2} /tmp/docs-{1,2}
mkdir -p /tmp/.docs-{1,2} /tmp/docs-{1,2}
echo password |
ENCFS6_CONFIG=encfs6.xml encfs -S /tmp/.docs-1 /tmp/docs-1
echo password |
ENCFS6_CONFIG=encfs6.xml encfs -S /tmp/.docs-2 /tmp/docs-2
echo "hello" >/tmp/docs-1/a-file
rsync -a /tmp/docs-1/ /tmp/docs-2/
md5sum /tmp/.docs-[12]/*
fusermount -u /tmp/docs-1
fusermount -u /tmp/docs-2
My question is, are there security considerations why I would want to
keep uniqueIV set to 1? I checked the manual and the guide here
http://www.ict.griffith.edu.au/anthony/info/crypto/encfs.hints
Neither mention unique IVs or what they are good for.
Thanks,
M
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Encfs-users mailing list
Encfs-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/encfs-users
