Although many of the popular online storage services offer end-to-end encryption, the reality is that it’s not enough to guarantee absolute security and privacy, as only the transfer between you and the servers is encrypted. A better solution is to have your stuff encrypted (with a pass-phrase of your choice) before it is transmitted, making it nearly impossible for the service provider to decrypt the hosted data. In this article we will discuss one such tool – Cryptomator – that lets you apply client-side encryption to your data. Please note that all the instructions and commands mentioned in the article have been tested on Ubuntu 16.04 LTS.

Cryptomator

Cryptomator is an open source software application that lets you encrypt your data before it’s transmitted to the cloud. Available for Windows, OS X, Linux, iOS, and Android, it’s a free tool licensed under the MIT / X Consortium License, meaning anyone can check the tool’s source code. Cryptomator encrypts file contents and names using the AES encryption algorithm.

Download and Install

Users of Debian-based systems (like Ubuntu) can download the installation .deb file from the application’s official website. Once downloaded, you can easily install the application by either double clicking on the file or using the dpkg command. After Cryptomator is installed on Ubuntu, you can launch it from Ubuntu Dash.

Usage

Here’s the tool’s UI when it’s launched for the first time. To get started, you’ll have to create a vault which you can do by clicking the leftmost button (with rectangular icon) located towards the bottom left of the UI. A couple of options appear when it’s clicked. Select the “Create new vault” option. When you do that the tool will ask you to create a vault directory at the location of your choice – you can choose the directory corresponding to the cloud service you’re using. For example, I created a directory name “crypt-new-vault” inside my local Google Drive directory. Then you’ll have to password-protect the vault directory. Once the passwords are entered, the “Create vault” option will become active, and you can click it to create the vault. With the vault now created, you’ll have to unlock it to access its contents. To unlock, you’ll have to enter the same password that you used in the previous step. As you click the “Unlock vault” option, Cryptomator will open the contents of the vault in a virtual hard drive. As nothing is stored in the vault yet, the directory should be empty. I, for example, created a file named “crypt-test.txt” in it. When I try to take a look at the contents of the “crypt-new-vault” directory on my system, I can’t see the text file created above as it has been encrypted – you can now only access the file through Cryptomator. For those who want to understand the inner workings of the tool, there’s a dedicated Security Architecture page on the official website. Should you have any questions or encounter an issues, you can head to the Knowledge base page or file a ticket.

Conclusion

Winner of the CeBIT Innovation Award 2016, Cryptomator is an easy-to-use application that does what it promises – applies client-side encryption to files and doesn’t care where you store them. There’s also a good amount of documentation available on the official website to get you started. All in all, a tool worth giving a try. Image credit: Cloud Security