Hi Holger, On Thu, Sep 11, 2014 at 06:42:32PM +0200, Holger Levsen wrote: > I (probably too briefly) skimmed though the bug report, but couldn't find a > usecase where an encrypted filestem container with broken crypto could be > useful. Could you elaborate, please?
As far as I understand the EncFS Security Audit, encfs is not using 'broken crypto'. The conclusion of the audit states it quite clearly: "EncFS is probably safe as long as the adversary only gets one copy of the ciphertext and nothing more. EncFS is not safe if the adversary has the opportunity to see two or more snapshots of the ciphertext at different times. EncFS attempts to protect files from malicious modification, but there are serious problems with this feature." (from https://defuse.ca/audits/encfs.htm) A common use case for disk encryption is to protect a lost or stolen laptop. And the adversary is not some powerful agency, but a curious person browsing through the hard disk before formatting it. I see no reason to assume that encfs is not good enough for that use case, at the moment. Of course, the crypto should be improved ASAP, as attacks to crypto only get better. Regards, Jan -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
