Changes between Version 15 and Version 16 of help/en/howto/cryptomator
- Timestamp:
- Jan 9, 2017 12:43:04 PM (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
help/en/howto/cryptomator
v15 v16 11 11 Compared to other client-side-encryption solutions the [https://cryptomator.org Cryptomator] based approach yields a few crucial advantages: 12 12 13 * in addition to file content encryption also file names are encrypted and directory structures obfuscated13 * in addition to file content encryption also file and directory names are encrypted and directory structures obfuscated 14 14 * no online services, no subscriptions, no accounts 15 15 * no need to share your cloud storage provider credentials … … 24 24 Both keys are encrypted using RFC 3394 key wrapping with a KEK derived from the user's password using scrypt. 25 25 26 The wrapped keys are stored in a JSON file named `masterkey.cryptomator` located in the root directory of a vault. 27 28 26 The wrapped keys (with some additional metadata) are remotely stored in a JSON file named `masterkey.cryptomator` located in the root directory of a vault. 29 27 30 28 === Filename Encryption === 31 TBD. 32 === File Content Encryption === 33 TBD. 29 Cryptomator uses AES-SIV to encrypt file as well as directory names. Additionally to the name, a unique directory ID of its parent directory is passed as associated data. This prevents undetected moving of files between directories. 30 31 === File Header Encryption === 32 33 The file header stores certain metadata, which is needed for file content encryption. It consists of 88 bytes. 34 35 * 16 bytes nonce used during header payload encryption 36 * 40 bytes AES-CTR encrypted payload consisting of: 37 * 8 bytes filled with 1 for future use (formerly used for file size) 38 * 32 bytes file content key 39 * 32 bytes header MAC of the previous 56 bytes 40 41 === File Content Encryption === 42 43 The cleartext is broken down into multiple chunks, each up to 32 KiB + 48 bytes consisting of: 44 45 * 16 bytes nonce 46 * up to 32 KiB encrypted payload using AES-CTR with the file content key 47 * 32 bytes MAC of 48 * file header nonce (to bind this chunk to the file header) 49 * chunk number as 8 byte big endian integer (to prevent undetected reordering) 50 * nonce 51 * encrypted payload 34 52 35 53 == Create new Vault ==