Feature request: reverse encryption?


Wondering if its possible to have feature to take a unencrypted directory with contents and mount to a mount point where the target contents are encrypted on the fly. Encfs has the -reverse flag that does this. Its great if you want to store everything natively unecrypted on your local disks, but sync an encrypted “view” to the cloud without having to duplicate the contents.

Reverse mode needed for production environment

Is there a plan to offer reverse mode?

On my company we are evaluating Cryptomator and since version 1.4 (beta) with the FUSE mode it seems promising.

However lot’s of our data are on already system wide encrypted drives and first we wanted to use Cryptomator as a backup solution. However we don’t want to be dependent on Cryptomator as a component internally and it makes no sense to re-encrypt all of our data but we would be happy to use Cryptomator for all cloud things.

A reverse mode like encfs offers would be ideal for backup purposes. Are there any plans to support this?


hi @therealmarv!

I totally get your point and actually we’re currently evaluating if we can provide a solution that encrypts only when pushing data to the cloud and not locally. The working title of this solution is Defendor and you can think of it as a gateway between your clients and your cloud storage. Everything that passes through it will get encrypted, but your clients only handle decrypted data.

See how security mechanisms are chained at defendor.skymatic.de.

This is an early stage, but we have the tech and knowledge and have successfully implemented an internal prototype. So if you have any thoughts on it, please feel free to share them.