Cryptomator/Dropbox between Fedora 39 and Windows 7 64-bit

Win7forever · February 8, 2024, 11:16pm

Hi guys, I did try to read all the previous related posts, so I just want to verify something.

If I install Cryptomator 1.5.17 on my Windows 7* machine, which appears to be the last 1.5.x that should work on 64-bit Windows 7
And whatever is the last version that’s currently in Fedora/Flatpak repos on my Linux machine.
Will I be able to open the vault (synced via Dropbox) on both PCs?

Thank you very much!
*I have a piece of software that can no longer be obtained and activated, and which I need for work.

Michael · February 9, 2024, 5:50am

Hi.
No that won’t work as with Version 1.6 and higher the vault format changed from 7 to 8
See here: Vault Format History — Cryptomator 1.7.0 documentation

That means if you want to open a vault with app version 1.5.x, you’ll have to use this old version on all other machines as well.

Please do not consider this as a recommendation to use such an old cryptomator version.

Win7forever · February 10, 2024, 7:24pm

Thank you Michael! I knew I had read this somewhere, but couldn’t find it again, that’s why I asked. AppImage FTW until I no longer need Win 7.

Win7forever · February 21, 2024, 2:16pm

Hi guys, everything works fine with this setup. But before I fully commit to Cryptomator, I’d like to know how will the upgrade work in the future:

Will the Vault format be upgraded? Or will I have to create a new vault, using the new version of Cryptomator, download all my files and then re-upload them into the new vault?
I’ve also seen a huge number of old posts regarding the encryption keys that, with the old version of the vault, are stored directly in Dropbox. What happens with these keys when one upgrades?

Thank you for your help!

Michael · February 21, 2024, 2:36pm

If you open an old vault format with a newer cryptomator app, you will be asked to start the migration process. This should not download/upload all your files

Don’t know where you read this, but the encryption key is stored nowhere. That would be a huge security issue. I guess you mean the masterkey file (which is not the encryption key). As far as I know the masterkey file is unchanged when you migrate from vault format 7 to 8.

Win7forever · February 21, 2024, 6:52pm

An example is this long-winding argument about the masterkey.cryptomator file where the penultimate post says “It’s already under development and will be a feature of vault format 8 coming with version 1.6”. And elsewhere, I can’t recall where now, it was mentioned that this change was necessary for the creation of the Cryptomator Hub. So I assume that something will happen with the masterkey.cryptomator file during the upgrade, so I just want to know what to expect or possibly be careful about.

Michael · February 21, 2024, 8:54pm

Yep, so I was right with my assumption that you mixed up encryption key with masterkey file.
In simple words: the encryption key is generated by the key in your masterkey file AND your password. That’s why the file is still in the cloud (and available everywhere you want to open that vault) and still no one can decrypt your vault just with the masterkey.
Detailes here: Security Architecture — Cryptomator 1.7.0 documentation
But as people wanted to have an option to store this file somewhere else, and this this feature was introduced later on.
But as far as I know this feature did not change the masterkey content. Just the way the path to it is handled.

Win7forever · February 22, 2024, 5:31pm

Thank you Michael. So it seems like the future upgrade should be pretty painless. The vault format will be migrated automatically and unless I desire to keep the masterkey.cryptomator file elsewhere, I do not need to worry about it either. Great!