skeeto
commented
6 years ago Yup, this is completely trivial. Enchive adds exactly 72 bytes to the original file size, some header and some footer (MAC). It doesn't try to compress the input or otherwise mask the input size.
This would be an issue when encrypting live packets of data — e.g. instant messages, text messages, VoIP. However, the ultimate purpose of Enchive is long-term file archival, so I'm not really concerned about this.
(If someone was super paranoid about this, they could append (i.e. with tar) a random quantity of bytes to the input using a wrapper script.)
I think you can calculate the exact size of a file based on the encrypted version. This could leak information in some situations. Could be solved by rounding up to a 1MB boundary.