Few people know, but this is very necessary knowledge that everyone should have. Let’s start with what encryption is. Encryption is the reversible transformation of information in order to hide it from unauthorized persons while giving authorized users access to it. Encryption mainly serves the task of maintaining the confidentiality of the transmitted information. An important feature of any encryption algorithm is the use of a key that approves the selection of a specific transformation from the set of possible ones for this algorithm. Users are authorized if they have a certain authentic key. The whole complexity and, in fact, the task of encryption lies in how exactly this process is implemented. In general, encryption consists of two components: encryption and decryption. With the help of encryption, three states of information security are ensured.
Privacy. Encryption is used to hide information from unauthorized users during transmission or storage. Integrity. Encryption is used to prevent information from being altered during transmission or storage. Identification. Encryption is used to authenticate the source of information and prevent the sender of information from denying the fact that the data was sent to them. Encryption of folders and individual files is a reliable guarantor of their security. There are several methods Windows users can use to protect their devices and the data stored on them.
In fact, no one needs his secrets. And by the way, such a key for $5 still needs to be found
To begin with, briefly about standard solutions integrated into operating systems. In modern smartphones, the implementation of full-disk encryption is quite reliable, at least judging by the cost of exploits on the black market. If you use a password instead of a pin code, disable biometrics, and don’t touch the bootloader, then an ordinary attacker is unlikely to get hold of the data. With desktop operating systems, the situation is more complicated. In macOS, Apple uses FileVault technology based on the XTS-AES-128 algorithm with a key length of 256 bits and a T2 cryptographic chip for working with keys. This solution is close to iPhone encryption in terms of reliability. At the same time, Windows offers BitLocker, which encrypts the system using 128-bit or 256-bit AES and Encrypting File System to encrypt individual files, but these features are not available in Windows 10/11 Home. They work in professional editions of the operating system. There is a common standard LUKS encryption method for Linux, but its implementations vary from distribution to distribution. AES encryption with 256-bit keys is commonly used, but LUKS works with various ciphers (Serpent, Twofish, CAST-128, CAST-256) and hash functions (SHA-1, SHA-256, SHA-512, RIPEMD160, WHIRL . The result is a zoo that cannot be given a single unequivocal assessment. Therefore, the presence of standard encryption does not prevent the existence of a number of alternative solutions with open source code. They are designed for more diverse usage scenarios. Let’s go from simple to complex.
Hat.sh and Cloaker. Web applications that provide local encryption of individual files in the browser using the well-known libsodium library and cryptographic algorithms.
XChaCha20-Poly1305 – for symmetric encryption
Argon2id – to get a key based on a password
X25519 – for key exchange
Hat.sh and Cloaker are simple solutions that require no prior configuration. Hat.sh is best for encrypting large files, while Cloaker is mobile-optimized and has a desktop version. Due to the chosen encryption algorithm and browser execution, their use is better — rather, protecting files against transmission through unsecured channels than long-term storage of information.
A tiny, 2 MB, but functional utility that does not require installation or administrator rights. Typically uses XChaCha20 and Argon2’s key generation function to create crypto containers. “Paranoia Mode” uses cascading encryption — sequentially encrypts data using XChaCha20 and Serpent, and uses HMAC-SHA3 instead of BLAKE2b for authentication. From the point of view of cryptography, the use of one encryption algorithm already reliably protects data. Re-encryption with a different algorithm does not increase stability, but at the same time increases the resources used and the time of operation.
protect encrypted containers from corruption at the cost of a small size increase with error-correcting Reed-Solomon codes
break containers into parts
compress files during packaging
use key files as an additional (or only) method of protecting crypto containers
Cryptomator. Windows, macOS, Linux, iOS, Android
Cryptomator is not a replacement for cloud storage clients, but it is designed specifically for encrypting directories synced with them. This program hides the directory structure, encrypts files and their names using AES and a 256-bit password-generated key using scrypt. AES was selected on a competitive basis as the de facto international standard. AES is one of the most popular and extensively researched ciphers. That’s not to say it doesn’t have its flaws, for example a theoretical way to reduce the strength of AES by 2 bits of the key has been developed, but no practically useful attack has been found since 1997. However, the encryption algorithm is not everything. It is important to notice that Cryptomator does not hide metadata: timestamps of access, modification and creation of files, as well as the number and size of files and folders. The Cryptomator documentation describes the security architecture in detail. Some Cryptomator cryptographic libraries have been audited by Cure53. An exception is cryptolib-swift, the library used in Cryptomator for iOS. In addition, the source code of mobile applications is not published.
Duplicati. Windows, macOS, Linux
A specialized solution for securely backing up files to cloud storage. It uses AES-256 to protect data with SharpAESCrypt or GnuPG. Duplicati supports backups, meaning it first downloads a full backup and then saves small incremental updates. Additionally, this utility allows you to back up open or locked files using Windows’ Volume Snapshot Service (VSS) or Linux’s Logical Volume Manager (LVM).
RClone. Windows, macOS, Linux, .deb, .rpm, FreeBSD, Plan9, Solaris
It’s an all-in-one cloud data management tool that can move, copy, sync, mount, verify, delete, deduplicate, and of course, encrypt. For cryptographic protection of files in RClone, a 256-bit key and salt are used, created on the basis of a pair of different user passwords. By the way, about passwords. Given the large dictionaries and databases available to attackers, the safest option for crypto containers and any other purpose would be passwords with a length of 16 characters or more. Either completely random, or passwords where part is random and part is your passphrase. To generate and store them, you can use managers, for example, KeePass Password Safe. In RClone, encryption is performed using NaCl SecretBox, using XSalsa20 and Poly1305 algorithms, which also ensure file integrity. File and directory names are also encrypted by default. File structure and size and other metadata are not encrypted. Unlike Cryptomator, RClone connects directly to the cloud. It supports two-way synchronization (as an experimental feature for now), so it is suitable for automatic file synchronization between devices in a scenario where files are encrypted before being uploaded to the cloud and stored on the computer in a decrypted form. However, to set up such a configuration, you will have to tinker with the console. RClone has only a basic web interface, encryption settings are done using text commands.
VeraCrypt. Windows, macOS, Linux, FreeBSD, Raspberry Pi
A well-known solution for creating secure file containers with a long history, reputation, regular updates and great features. VeraCrypt allows for hidden volumes and cascading encryption, provides plausible deniability. Supports full disk encryption, competing with BitLocker. By default, this utility uses 256-bit AES encryption, but it supports other ciphers: Camellia, Konik, Serpent, and Twofish with a 256-bit key and various combinations thereof. All these algorithms are block-based (input data is processed in blocks) and symmetric (the same key is used to encrypt and decrypt messages). They use identical linear and non-linear operations, differing only in lengths and parameter values. The cryptoresistance of block ciphers is taken axiomatically and is confirmed by the absence of discovered attacks. You can even say that by the number of unsuccessful attempts to find them.
zuluCrypt. Linux
This program is actually a GUI for working with cryptsetup . It uses the Linux kernel cryptographic API to create and mount PLAIN dm-crypt, LUKS volumes, TrueCrypt, VeraCrypt, and BitLocker containers. Doesn’t allow you to create BitLocker partitions, only view their contents, but is otherwise versatile.
Kryptor. Windows, macOS, Linux
A console file encryption and signing tool being developed as a replacement for age and Minisign, as well as a modern alternative to GPG . Uses XChaCha20-Poly1305 algorithm for file protection, argon2id for password-based key generation, BLAKE2b for hashing, X25519 for key exchange, and Ed25519 for digital signatures. All of them are implemented using the library libsodium. Well-documented. Kryptor hides metadata and file names and supports asymmetric keys, so it allows you to set up file exchange with sender authentication over previously insecure channels.
Dexios. Linux, Windows, MacOS, FreeBSD
Another console encryption tool. Written in the Rust language and capable of encrypting both individual files and directories. Like Kryptor, it has detailed documentation. Dexios supports AES-256-GCM and ChaCha20-Poly1305 for file encryption, as well as BLAKE3-Balloon and argon2id for key generation. All cryptographic primitives are taken from the RustCrypto suite. And also, in 2022, Dexios passed the NCC inspection without significant remarks.
Tomb. Linux
A shell for the Linux kernel cryptographic API. Tomb serves to manage cryptsetup and LUKS. By default, the AES-256 (XTS plain) algorithm is used to protect files and directories, but it can use all cryptographic primitives available in Linux. In concept, this utility resembles zuluCrypt, but Tomb allows you to store cryptographic keys separately, for example, on a flash drive, and supports steganography (hiding keys in texts and JPEG files). Such audits are an important thing. Despite all the urban legends about bookmarks in popular encryption algorithms, domestic and foreign, there is no such evidence. All the algorithms listed in the article have been known to the cryptographic community for a long time, each of them has been repeatedly analyzed and not a single attack close to a practical one has been found. The best result obtained by Russian cryptanalysts for modern standardized cryptomechanisms refers to the MQ-DRBG key generation algorithm. To the authors research managed to reduce the crypto strength from 256 to 153 bits, but no practical attacks were found, and the existence of a bookmark was not proven. However, the algorithm itself is one thing, the implementation of encryption in a specific program is another. A lot can go wrong at this level. Periodic independent verification of cryptographic tools is very important. A good example will be described below.
SiriKali. Windows, macOS, Linux
The all-in-one solution is a Qt/C++ GUI harvester that manages encrypted folders with a set of tools.
Ecryptfs and Cryptomator
Securefs and Cppcryptfs
These are all console tools that can be used separately from SiriKali. Quite a wide selection, however, not all of them are equally useful. Thus, during the audit in 2014, vulnerabilities were found in EncFS, which have not yet been fixed. The project has not been updated since 2018 and, frankly, it is outdated. In contrast, we highlight Gocryptfs (passed the audit and was finalized according to the results), cppcryptfs and Securefs, which serve to create and manage container directories based on the AES256-GCM-based FUSE (Filesystem in Userspace) file system. These solutions conceptually occupy an intermediate place between cryptographic containers and file-by-file encryption. FUSE utilities manipulate containers at the logical level, but each file in a container is stored separately. This approach is best for working with cloud storage — changing one file doesn’t mean reloading the entire container, but Filesystem in Userspace doesn’t hide directory structures and file sizes. As for CryFS, this console utility is designed to be used with Dropbox or other cloud services. It uses the Crypto++ library for cryptography. Its architecture is described in a master’s thesis and a scientific paper published at DBSec 2017. The basis is the AES-256 cipher. CryFS provides a different type of encrypted file system. It breaks files into encrypted blocks that are stored in the base directory using a random identifier as the file name. So, in addition to hiding file contents, CryFS hides metadata and directory structure. The approach has a disadvantage — many separate files generated by the program. In some cloud services, you can quickly encounter a limit on the maximum number of files. In addition, when encrypting files smaller than a few MB, CryFS increases the space occupied by them due to the fixed size of the encrypted block. But the main drawback of the utility is that it is still in beta testing.
As you can see, the Open Source community has created and supports many interesting and useful encryption programs, but when it comes to the solutions that cryptographic experts use in everyday life, it is usually VeraCrypt.