Cryptomator is a free and open source Java tool that provides client-side encryption for your cloud storage files, available for Windows, Mac and Linux. There are also iOS and Android applications - these are open core (a business model for the monetization of commercially produced open-source software), and need to be purchased.
It works with cloud storage services that synchronize with a local directory, like Dropbox, OneDrive (on Linux using e.g. OneDrive Free Client fork) and Google Drive (including using it with Insync). You can choose to either encrypt your whole cloud storage, or only a few sensitive files, in either a single or multiple vaults.
It's worth mentioning that while Cryptomator was created with cloud storage encryption in mind, it can also be used to encrypt a folder on your system or some external drive.
Cryptomator uses client-side encryption, it means your data is first encrypted and only then synchronized with the online cloud storage service, so no unencrypted data leaves your computer. Internally, Cryptomator uses FUSE, WebDAV or Dokany, depending on what you want to use and the operating system you're using, to provide the virtual, unencrypted drive.
For encryption, Cryptomator encrypts the file contents as well as the filenames using AES with 256-bit keys (unlimited strength policy bundled with native binaries), while the passphrase is protected against brute force attacks using Scrypt, a password-based key derivation function (which is designed to be computationally intensive, so the attacker would need to perform the operation billions of times).
Cryptomator 1.5.0 with a vault unlocked, and the vault opened in Nautilus (GNOME Files) file manager |
The latest Cryptomator 1.5.0 release comes with a full rewrite of the user interface, with the goal of making "the onboarding process easier for users". The vault unlock, vault add, and vault options have all been redesigned, and there's a new option to change the vault password. Also, the password input has been improved with a Caps Lock indicator and an option to reveal the password.
0 Comments