Our great sponsors
-
Another comment had a library to their GitHub, which after a bit of looking mentions fuse : https://github.com/cryptomator/cryptomator/blob/develop/src/...
-
age
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
Single binary alternative, open source: https://github.com/FiloSottile/age
From former head of Go security team at Google.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
> Cryptomator's technology meets the latest standards and encrypts both files and filenames with AES and 256 bit key length.
I know you're advertising to slightly less technical users, but please provide some documentation explaining your choices! AES alone doesn't say anything about the mode of operation, which makes or breaks the scheme.
From a little sleuthing, it seems likely that they're using GCM-SIV[1], which is a good choice.
-
If it is not against the rules, I want to promote my project (https://github.com/netheril96/securefs) here. It is essentially the same functionality, but with authenticated encryption, better password hashing and optionally file size obfuscation (but no fancy UI).
-
DroidFS
Encrypted overlay filesystems implementation for Android. Also available on gitea: https://forge.chapril.org/hardcoresushi/DroidFS
-
True, they can see files sizes and you don't get integrity. But for less than top-secret stuff I'd take that tradeoff over CryFS performance issues with large files: