Cryptomator Secures Your Cloud Storage Data (Open Source, Multi-Platform Client-Side Encryption Tool)

If you're looking for a cross-platform solution to encrypt your cloud storage files, I suggest you give Cryptomator a try.

Cryptomator is a free and open source software tool that provides client-side encryption for your cloud storage files, available for Windows, Mac, Linux, iOS and Android.

The tool, which is very easy to use, supports any cloud storage provider that synchronizes with a local directory, so it works with Dropbox, Google Drive (Google Backup and Sync or whatever Google calls it nowadays), OneDrive, ownCloud, and so on.

Because Cryptomator uses client-side encryption, it means your data is first encrypted and only then synchronized with the online cloud storage service, so no unencrypted data leaves your computer. Internally, Cryptomator uses WebDAV to provide the virtual, unencrypted drive, but FUSE integration is also in the works for Linux and Mac, and there's already a Cryptomator beta version which includes this.

Using Cryptomator, you can encrypt your whole cloud storage, or only a few important, sensitive files such as documents or whatever you like. You can even create multiple vaults for a single cloud storage provider, so for example you can have a vault for personal use, as well as a vault that's shared with your colleagues, each with its own individual password.vailable on GitHub, but it's not recommended to be used by inexperienced users for security reasons.

While Cryptomator is designed to encrypt your cloud storage data, you don't have to use it with a cloud storage provider. The application can also be used to simply encrypt a folder on your system or some external drive.

You may also care about performance. The Cryptomator developers say that there's no limit on the size of a vault in both bytes or number of files, and the performance will not suffer significantly if you use some very large files. However, directory listing may get slow for cases in which the directory contains a large number of files (1000+).

So what about its security? Cryptomator encrypts both the file contents as well as filenames (the folder structure is obfuscated as well) using AES with 256-bit key length, while the passphrase is protected against bruteforce attacks using Scrypt, a password-based key derivation function (which is designed to be computationally intensive, so the attacker would need to perform the operation billions of times). You can read more about the Cryptomator security on its website.

In my opinion, a cloud storage encryption solution needs to be free and open source software, secure, multi-platform because, after all, we're living in a world where we need to access files on multiple devices, and be easy to use. And Cryptomator has all of these features.

Below I wrote how Cryptomator works, not because it's not easy to use (it is as easy as it gets), but so you can get an idea on what to expect before using it.

How to use Cryptomator on your desktop to encrypt your cloud storage data

The first time you run Cryptomator, you'll notice its very simple user interface with only 3 buttons - one to add a vault, a button to remove an existing vault and a settings button (you don't need to modify any settings unless unless you want to specify a different WebDav scheme or port, enable debug mode or enable / disable checking for updates).

To get started, click the + button and select Create New Vault:

Now browse for your cloud storage provider folder (for example your Dropbox folder), enter a name for your new vault and click Save:

To be able to synchronize the data, make sure you select a folder inside your Dropbox, MEGA, ownCloud or whatever cloud storage you use.

Now enter a passphrase for your new encrypted vault (make sure you don't forget it as there's no way to recover the data without this passphrase) and click the Create Vault button:

When you want to open your encrypted vault, enter the password, click Unlock Vault...:

... and a new window of your default file manager should open, pointing to the Cryptomator WebDAV location:

Place any files that you want to encrypt in your cloud storage, in this WebDAV folder. In the future, this is how you'll be able to access your files unencrypted.

If you check the files in your cloud storage, you'll notice they are encrypted.

Here's the end result on my system:

On the left-hand side of the screen you can see the contents of the newly created encrypted vault called "crypt" which sits in my Dropbox folder. On the right-hand side of the screen it's the WebDAV created by Cryptomator, which is mounted in Nautilus file manager, and contains a Documents folder which is not encrypted. The left and right folders have the same files, the difference being that my Dropbox folder contains only encrypted files (left), while I can easily access those files unencrypted (right) from my file manager.

You can also check out the official Cryptomator English desktop user manual.

Download Cryptomator

The Cryptomator Linux download page offers binaries in the form of an Ubuntu / Linux Mint PPA, deb packages for Debian, Ubuntu and other deb-based Linux distributions, rpm packages for Fedora, openSUSE, Red Hat, and other rpm-based Linux distributions, as well as an Aur package.

A Cryptomator JAR file is also available on GitHub, but it's not recommended to be used by inexperienced users for security reasons.