Does decrypting files negatively affect my hard drive each time I unlock an view a vault?

By negatively affect, I mean age my hard drive by having more write applied to the disk (I’m not tech savvy, but I hope this makes sense).

Of course, this would be unavoidable, but I was wondering what impact, if any, constantly decrypting large files (such as HDR video files from my phone) would have on my hard drive.

Thank you in advance!

I don’t see any reason it would put any more wear and tear on your hard drive than reading and writing ordinary (unencrypted) files – the extra “load” of encryption is handled by the computer processor (which also wouldn’t be affected, unless maybe you were pushing it to the edge of overheating with other demands).

1 Like

No additional I/O worth mentioning other than when accessing unencrypted files. To be 100% accurate this is the overhead:

  • The ciphertext files are insignificantly larger than the unencrypted ones (104 bytes header + 48 bytes per each 32kiB)
  • For exceptionally long file names there will be small metadata files stored inside the “m” directory of your vault (written once, read on each access)
  • During each unlock the masterkey.cryptomator will be copied to masterkey.cryptomator.bkup
1 Like

Thanks guys. I was worried about the constant decryption/re-encryption having a negative affect, in case it was making the files from scratch each time.

Oh yes, forgot to mention this: When modifying a single byte inside a huge file, Cryptomator re-writes the whole file with a new file-specific key. This might change in the future to get better random access performance during write and reduce the affected number of bytes that need to change in a file. But at least one 32kiB block needs to change, otherwise an attacker could reconstruct the differences before and after editing.

But other than the changed file, nothing gets re-written.

1 Like

Gotcha. So just to remove any room for doubt, unlocking and locking my vault doesn’t seriously affect my hard drive?

Thanks for all of your help and detailed info so far.


Only the masterkey backup file is written, but most likely it didn’t change (if you didn’t change the password), so there is a chance your file system or ssd firmware doesn’t even execute this write.

1 Like