hello, please tell me why the cryptomator cannot be used as a local storage for example for the veracrypt site and why. (and what are the weak points of cryptomator if you use it for veracrypt place?)
Cryptomator can be used for local storage as well, but I recommend against it, because Cryptomator leaks some metadata that Veracrypt doesn’t:
Thank you for such a quick response, please tell me if the cryptomator removes encryption keys from RAM and from the swap file?
To its best effort. E.g. during normal “unlock” it does so. However, if you reveal the password (eye icon in password field), what was a
char becomes a
String during UI rendering and can no longer be wiped reliably.
But that’s not the main reason. Rather, because the XTS mode used in VC is designed for low-level block device encryption. It can also not be authenticated practically.
For file system and file encryption, authenticated encryption with a variant of the CTR mode is needed. That’s AES-GCM and ChaCha-Poly.