Hi, I'm interested in keeping two encfs folders in sync. One option is to run rsync/unison between the plaintext folders. I would like to have the additional option of performing sync on the ciphertexts.
>From the tests that I ran, it seems to me that this is only possible if uniqueIV is set to 0 in the configuration file. Whenever this is set to 1, the ciphertexts of two identical plaintext folders seem to be different. To clarify, my tests consisted of running this script while tweaking various parameters inside encfs6.xml. #!/bin/bash -x cat encfs6.xml rm -rf /tmp/.docs-{1,2} /tmp/docs-{1,2} mkdir -p /tmp/.docs-{1,2} /tmp/docs-{1,2} echo password | ENCFS6_CONFIG=encfs6.xml encfs -S /tmp/.docs-1 /tmp/docs-1 echo password | ENCFS6_CONFIG=encfs6.xml encfs -S /tmp/.docs-2 /tmp/docs-2 echo "hello" >/tmp/docs-1/a-file rsync -a /tmp/docs-1/ /tmp/docs-2/ md5sum /tmp/.docs-[12]/* fusermount -u /tmp/docs-1 fusermount -u /tmp/docs-2 My question is, are there security considerations why I would want to keep uniqueIV set to 1? I checked the manual and the guide here http://www.ict.griffith.edu.au/anthony/info/crypto/encfs.hints Neither mention unique IVs or what they are good for. Thanks, M ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk _______________________________________________ Encfs-users mailing list Encfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/encfs-users