Cryptomator Encrypts Your Files Before Uploading to Dropbox or Other Cloud-based File Storage Services

Many people are afraid to use Dropbox, Google Drive, or other file storage services because of the fear that “someone might see my personal data.” Whether the fear is valid or not can be discussed forever but there is a simple solution that always avoids the problem: encrypt everything before sending any files to the file storage service. Encrypted files cannot be read by anyone who does not know the encryption key. The result is that your private information remains private.

Of course, you could always manually encrypt the files one at a time by using any of the dozens of available encryption programs. However, if you have hundreds or thousands of files you wish to save online, encrypting them one at a time entails a LOT of work. Luckily, there is a simpler solution and, best of all, it is free.

Cryptomator provides transparent, client-side encryption for your files to be stored in the cloud. Cryptomator provides a virtual drive. You can add, edit, or remove files as you’re used to with any other disk drive. Not only do the contents of files get encrypted, even the file names and folder names get encrypted. Only the encrypted files stored in the virtual drive are sent to the file storage service. Cryptomator runs solely in your computer and does not need any infrastructure or accounts under anyone else’s control.

No other person or company has any access to your Cryptomator information. In fact, no one else will even know that you are using Cryptomator unless they have physical access to your computer. Some other file storage services may have access to your encryption keys and therefore may be able to prevent you from accessing your own data, as soon as they decide to change their terms and conditions or shut down completely. This is technically impossible with Cryptomator.

Cryptomator is available for Windows, Macintosh, and Linux. It is free and open source software, so you can rest assured there are no backdoors. Donations are accepted, however. The program will never beg you for a donation.

The biggest drawback I see to Cryptomator is there is no matching product for iPad, iPhone, or Android devices. You will not be able to retrieve and read encrypted files on those devices; you must use Windows, Macintosh, or Linux to retrieve and decrypt your files. For some people, this will be a show-stopper. Others will not care. However, you should know about that limitation and decide for yourself.

The free and open source Cryptomator program is available at: https://cryptomator.org/.

4 thoughts on “Cryptomator Encrypts Your Files Before Uploading to Dropbox or Other Cloud-based File Storage Services

    • —> In fact there is an app for Android[1] and for iOS[2] available.

      Sort of.

      I don’t know of any apps that are exactly like Cryptomator that AUTOMATICALLY encrypt things. However, one app that is otherwise close is AES Crypt for Windows, Macintosh, and Linux at http://www.aescrypt.com and its matching Android apps, Crypt4All, available in the Google Play Store. An Apple iOS app is also available in iTunes at https://itunes.apple.com/us/app/aescrypt/id791675640?mt=8

      AES Crypt is completely free open source software. The source code for AES Crypt algorithm and client software is available at AES Crypt ( http://www.aescrypt.com ).

      A number of the cloud-based file storage services also have their own methods of encryption but these are not open source.

      Like

  1. I haven’t tried Cryptomator yet (will wait for some in-depth audit/review to be published first),
    but If it does what it claims, it clearly fills a huge gap.

    However, it seems to me that there’s still an important caveat hosting those encrypted file all intact and on a single provider. Storing encrypted file on any of those provider (dropbox, onedrive, etc..) might be safe by now… until the encryption scheme used to encrypt your file get defeated (pretty much all of them get broken over time).. Those providers uses file versioning, and could restore files from any earlier version anytime. Suppose you’re being flagged by any given entities, for whathever reason. They could easily require/subponea those providers to apply a specific file retention on your files, shall the need arise late to perform a successful bruteforce decryption on those when encryption used get eventually get broken.

    Ultimately, while encrypted, the sole fact that those files get uploaded in full and to a same centralized location (ie dropbox). You’re not protected from this scenario.

    Cryptomator could avoid this by making the app to 1. chunk those files first along the encryption progress AND then (and only then) have those uploaded to multiple different providers, preferably keeping some of those chunk locally or on user-specified location. Similar to Syncthing and Toae-LAFS (among other) does.

    Like

    • —> until the encryption scheme used to encrypt your file get defeated (pretty much all of them get broken over time).

      I don’t know where you got that information but most encryption professionals will disagree with you. I am a FORMER encryption professional and even the methods we used years ago were foolproof and, to my knowledge, have never been broken. I can only guess at the methods used for today’s even better encryption methods. One statistic I have read a number of times is that some of today’s encryption methods probably could be broken IF AND ONLY IF the person has full-time use of a multi-million dollar super computer. Even then, it is expected to require 200 to 300 years to break the encryption.

      For details, read Wikipedia at https://en.wikipedia.org/wiki/Brute-force_attack where it says that AES-256 encryption “…would theoretically require 2128 − 1 bit flips on a conventional processor. If it is assumed that the calculation occurs near room temperature (~300 K) the Von Neumann-Landauer Limit can be applied to estimate the energy required as ~1018 joules, which is equivalent to consuming 30 gigawatts of power for one year.’

      “30 gigawatts of power for one year” is enough to power a medium-sized city.

      Many of the better encryption methods today use AES-1024 encryption which is much, much more than 4 times as strong as AES-256. We don’t know what the military uses today because they won’t tell us. However, I am guessing the military is now using something that is much, much stronger than AES-1024.

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s