enchive
enchive copied to clipboard
Encrypted personal archives
I just tested this with `emacs -q`: Loading and enabling `enchive-mode`, then opening an ".enchive" file, the created buffer is read-only. I am unsure as to whether it should be,...
Does it make sense to store the first 32 bytes of the secret key since they seem to be always the same? ``` $ cat ~/.config/enchive/enchive.sec | xxd 00000000: 0000...
This KDF seems to be a homebrew thing https://github.com/skeeto/enchive/blob/master/src/enchive.c#L664 why not use scrypt? how was this particular KDF designed? is it based on some literature? no links to references are...
> MAC-then-Encrypt has resulted in serious problems in other tools and protocols. It intuitively makes sense why that would be. You're willingly allowing data to be tampered with and for...
I think you can calculate the exact size of a file based on the encrypted version. This could leak information in some situations. Could be solved by rounding up to...
It's usually a good idea for young/experimental/unaudited crypto code to add a warning somewhere for people to be aware that the tool might not be right for use in security-critical...
enchive on openbsd 7.3 runs ~5 times slower than on macos 10.13 or void linux. Extraction of the same archive file takes 11.5 sec on openbsd and less than 2...