22nd April 2012

For contractual reasons I am currently unable to maintain any of my Open Source projects. I will remove or update this notice if and when that changes again. You are free to fork my projects under the provisions of their respective licensing terms, or contact me in case the license is not permissive enough for your purpose.

RoseFS: Rock-Solid Encrypted File System, based on FUSE

My latest pet project: a FUSE based passthrough encrypted file system “done right” (or “done wrong”, depending on the viewpoint).

It is backup-friendly, MacOS X friendly (but also runs on Linux, FreeBSD), works on top of case insensitive but case preserving filesystems (such as HFS+). It supports but does not preserve sparse files. To avoid severe scalability issues, it does not cryptographically chain filenames and directories; in other words, renaming and moving are constant time operations.

RoseFS uses PBKDF2 with SHA-256 for key derivation, AES-256 in CTR mode with per-file random IVs for file data encryption and AES-256 in CBC mode for directory and filename encryption.

RoseFS is work in progress. See the in-file documentation in rose.c on Github for more information:

Fork me on GitHub