mirror/borg
1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2025-03-04 10:39:50 +00:00
Code Issues Releases Wiki Activity

docs: datas: enc: 1.1.x mas different MACs

Browse source
This commit is contained in:
Marian Beermann 2017-02-18 00:01:16 +01:00
parent 6b21d63086
commit c03a7ad844
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
docs/internals/data-structures.rst
View file

@ -438,12 +438,12 @@ Encryption
.. seealso:: The :ref:`borgcrypto` section for an in-depth review.
AES_-256 is used in CTR mode (so no need for padding). A 64 bit initialization
vector is used, a `HMAC-SHA256`_ is computed on the encrypted chunk
vector is used, a MAC is computed on the encrypted chunk
and both are stored in the chunk.
The header of each chunk is: ``TYPE(1)`` + ``HMAC(32)`` + ``NONCE(8)`` + ``CIPHERTEXT``.
Encryption and HMAC use two different keys.
The header of each chunk is: ``TYPE(1)`` + ``MAC(32)`` + ``NONCE(8)`` + ``CIPHERTEXT``.
Encryption and MAC use two different keys.
In AES CTR mode you can think of the IV as the start value for the counter.
In AES-CTR mode you can think of the IV as the start value for the counter.
The counter itself is incremented by one after each 16 byte block.
The IV/counter is not required to be random but it must NEVER be reused.
So to accomplish this |project_name| initializes the encryption counter to be