Cyberduck Mountain Duck CLI

Changes between Version 14 and Version 15 of help/en/howto/cryptomator


Ignore:
Timestamp:
Jan 9, 2017 12:31:32 PM (4 years ago)
Author:
yla
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • help/en/howto/cryptomator

    v14 v15  
    55[[Image(cryptomator.png)]]
    66
    7  Support for client side encryption with [https://cryptomator.org/ Cryptomator] interoperable vaults.
     7Support for client side encryption with [https://cryptomator.org/ Cryptomator] interoperable vaults.
    88
    9 The Cyberduck encryption feature is based on the excellent concepts and work of [https://cryptomator.org Cryptomator]. Cryptomator is free and open source software. Since Cyberduck is also open source software anyone is able to audit the source code. No security by obscurity, no hidden backdoors from third parties, no need to trust anyone except yourself.
     9The Cyberduck encryption feature is based on the excellent concepts and work of [https://cryptomator.org Cryptomator]. [https://cryptomator.org Cryptomator] is free and open source software. Since Cyberduck is also open source software anyone is able to audit the source code. That means no security by obscurity, no hidden backdoors from third parties, no need to trust anyone except yourself.
     10
     11Compared to other client-side-encryption solutions the [https://cryptomator.org Cryptomator] based approach yields a few crucial advantages:
     12
     13* in addition to file content encryption also filenames are encrypted and directory structures obfuscated
     14* no online services, no subscriptions, no accounts
     15* no need to share your cloud storage provider credentials
    1016
    1117== Encryption Security Architecture ==
     18
     19Please refer to [https://cryptomator.org/architecture/ Cryptomator security overview] for more details.
     20
     21=== Masterkey ===
     22
     23 Each vault has its own 256 bit encryption as well as MAC masterkey used for encryption of file specific keys and file authentication, respectively.
     24 Both keys are encrypted using RFC 3394 key wrapping with a KEK derived from the user's password using scrypt.
     25
     26The wrapped keys are stored in a JSON file named `masterkey.cryptomator` located in the root directory of a vault.
     27
     28
    1229
    1330=== Filename Encryption ===
swiss made software