From d3da06814dc706d2f1dd207cbdb6e2e0b6584ee3 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Thu, 24 Dec 2020 22:53:31 -0500 Subject: [PATCH] document metadata encryption --- static/faq.html | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/static/faq.html b/static/faq.html index e0887f6f..e2a82b22 100644 --- a/static/faq.html +++ b/static/faq.html @@ -337,8 +337,11 @@

File data is encrypted with AES-256-XTS and file names with AES-256-CTS. A unique key is derived using HKDF-SHA512 for each regular file, directory and symbolic link from the per-profile encryption keys, or the device encryption - key for non-sensitive data stored outside of profiles. GrapheneOS increases - the file name padding from 16 bytes to 32 bytes.

+ key for non-sensitive data stored outside of profiles. The directory key is + used to encrypt the file names. GrapheneOS increases the file name padding + from 16 bytes to 32 bytes. AES-256-XTS with the device encryption key is also + used to encrypt filesystem metadata as a whole beyond the finer-grained file + name encryption.

The OS derives a password token from the profile's lock method credential using scrypt. This is used as the main input for key derivation.
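Review bot: the term "device encryption key" is now used for two different things in this paragraph, in the existing line "key for non-sensitive data stored outside of profiles" (the per-file key derivation input) and in the new line "+ used to encrypt filesystem metadata as a whole beyond the finer-grained file", so the reader cannot tell whether the block-level metadata encryption uses the same key as the non-profile file keys or a separate one; state which it is explicitly. The added sentence "The directory key is used to encrypt the file names." also lands between the per-inode key sentence and the padding sentence, which makes it read as if directories have a key distinct from the per-inode keys just described; suggest placing it directly after the HKDF sentence and wording it as "File names are encrypted with the key of the directory that contains them." Finally, "beyond the finer-grained file name encryption" describes the metadata layer only by contrast; a short clause on what it covers (the filesystem metadata that per-file encryption leaves in plaintext) would make the added sentence self-explanatory.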