File Holes are Not Authenticated #11
Labels
Comments
Closed
lukateras
added a commit
to prism-break/prism-break
that referenced
this issue
Jan 15, 2019
From the latest audit (https://defuse.ca/audits/encfs.htm): > EncFS is probably safe as long as the adversary only gets one copy of > the ciphertext and nothing more. EncFS is not safe if the adversary has > the opportunity to see two or more snapshots of the ciphertext at > different times. EncFS attempts to protect files from malicious > modification, but there are serious problems with this feature. vgough/encfs#8 vgough/encfs#9 (critical) vgough/encfs#10 vgough/encfs#11 vgough/encfs#13 vgough/encfs#16 vgough/encfs#17
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
From: https://defuse.ca/audits/encfs.htm
Exploitability: High
Security Impact: Low
File holes allow large files to contain "holes" of all zero bytes, which are not saved to disk. EncFS supports these, but it determines if a file block is part of a file hole by checking if it is all zeroes. If an entire block is zeroes, it passes the zeroes on without decrypting it or verifying a MAC.
This allows an attacker to insert zero blocks inside a file (or append zero blocks to the end of the file), without being detected when MAC headers are enabled.
The text was updated successfully, but these errors were encountered: