Best encryption boxcryptor vs cryptomator

Encryption is a subject that is a subject that i find hard to understand.
It’s a comprimise between ease of use (or lack of knowledge) and how strong the encryption method is being used.
From what i understand is that the encryption method being used by boxcryptor is very good, but the lack in the free version at least is the non file name encryption which is a giveaway to hackers.

This is where cryptomator has a bonus, but i cant find any comparison between the encryption methods being used.
Can one of the team members explain a bit in easy to understand words the how to on this subject.

I use linux ubuntu LTS 18.04

Maybe this helps.
Boxcryptor encryption description
Cryptomator encryption description

Ok thank you
I find it difficult to understand,but i give it a try

There is not a lot to compare due to the lack of information about the actual encryption scheme boxcryptor uses. Not only the used algorithms but also the process of encryption is important because even a minor error in the process can lead to a broken encryption which then can be easily cracked. Not that boxcryptor encryption scheme is faulty, but as you already pointed out as a developer you make a compromise between security and useabillity.

With the information you get on the boxcryptor site you can say that both rely on the well-proofed industry standard AES-algorithm with 256bit key length. Additionally boxcryptor uses RSA but you don’t know their key length or how it is used in the process.

1 Like

Thanks for the info.
I realize that there are many things to consider what makes an encryption app save or not.
I go for CM as i do want to use encryption but not a any price so that is the tradeoff i make and with that i hope the best of it.

1 Like

I have been using CM over the past days and so far so good.

2 qn’s remain.

1 when making a backup of my home folder (ubuntu 18.04 lts) with grsync how do i include my hidden folders where the CM data is stored.

2 how do i bakcup the the folder key as there are 2 files and one is the backup key file.

You create a custom mount point in the home folder:

  1. Create a new folder in the home dir
  2. Open settings of your vault
  3. Activate “Custom Mount Point”
  4. Choose the created folder.

Then the decrypted vault will be included in your backup.

Some changes to the vault will lead to a new masterkey.cryptomator-file like changing the password, updating the vault format etc. In this situations, we create a new version of this (backup) file. So it is a good idea to backup all files if you want to restore the files e.g. using the old password.
The masterkey.cryptomator is always the latest version.

Ok makes sense.
This is what i have done.

I had a file made in the home folder (say: cm docs folder) where the files are in that i wanted to be encrypted i guess this is what you mean.
With Grsync i made a copy of the whole home folder with all regular folders in them incl. the cm docs folder.
What i dont understand is the custom mount point option
If i understand i correctly its not needed when doing a backup of home folder as the (cm folder) was included in that backup and was encryped as with caja i can enter it, but its all encrypted which is what the intention was in the 1ste place.

I think the confusion here comes from what exactly should be backed up:

In Cryptomator you have a storage directory, where the encrypted data is stored and an access point/directory where you can decrypt&access the data.

I think @Jane wants to backup the storage directory, but @SailReal thought the encrypted data should be backed up over the access point. For the first point you just have to backup all the directories and files of the storage point (where the masterkey file is located). For the latter a custom mount point is the easiest way to go.

We should really add a graphic to the docs explaining this difference.

1 Like

Yes a graphical image could make things more clear for people like me who are not that bright to understand this kinda subject.
Sorry for that.
Must be a generation thing …