How does Cryptomator compare to Veracrypt security-wise?


#1

Obviously Cryptomator is more convenient and easier to work with - especially when it comes to encrypting files that will be stored in the cloud. For some of my files Cryptomator is fine, but for files that are extra sensitive I’ve always used Veracrypt because I assumed it was significantly more secure than Cryptomator. You get a level of customization with Veracrypt for example that’s absent in Cryptomator at the moment.

I do wonder if my assumptions are correct though. Strictly in terms of security, how does Cryptomator compare to Veracrypt? I’m not a fan of how clunky Veracrypt is with the cloud, especially since most (privacy-oriented) cloud platforms don’t use differential/block-level syncing. But I’ll continue to use it for some of my files if the difference in security between Cryptomator and Veracrypt is still significant.


#2

Hi.
Here you can read how cryptomators encryption works.


#3

How does this stack up to Veracrypt though? I don’t understand enough about cryptography to make sense of this (despite the lack of a formal audit though, I’ve heard enough good things about the validity and trustworthiness of Cryptomator’s encryption that I’ve put my faith in it).

The fact that Veracrypt volumes can be encrypted with so many different algorithms (AES, Serpent, Twofish, Camellia, Kuznyechik, and ten different combinations of these) plus the fact that you can further customize the encryption by moving your mouse randomly within the Volume Creation Wizard for as long as you want (significantly increasing the cryptographic strength of the encryption keys) makes me feel as if Veracrypt must be far more secure than Cryptomator. I’ve never felt completely comfortable with the fact that there’s so little customization available with Cryptomator - what you see is what you get.

I want to know how valid these concerns are though. Is the encryption algorithm used by Cryptomator “enough”? Is it substantially weaker than the encryption you can get with Veracrypt? This is what I’m not sure about. I’ve heard that with the advances currently being made in computing, many of the encryption algorithms that are considered strong now may not be considered strong in the near future, and this is also a big concern of mine.


#4

Not sure if this is allowed, but bump?


#5

Re Veracrypt / Cryptomator comparison. Please be aware that I’m not a tech or any kind of expert. Hopefully someone else will improve or correct my answer!

I think the two are possibly complimentary. Veracrypt is a way of securing local files and Cryptomator is geared at encrypting stuff in the cloud.

There are reasons for doing both so I would consider using Veracrypt (or an alternative) to encrypt locally and then put your cloud volumes including the Cryptomator volumes inside the Veracrypt disk or container.

It would be great to get some expert input to confirm that is (or is not) a viable approach.


#6

Cipher Configuration

Veracrypt lets you configure what ciphers and key lengths you’re using. This is beneficial to users who know exactly what they want.

Cryptomator uses the ciphers and configurations that are known to work well with each other. Our philosophy is slightly different here. We don’t want to give the user all the choices, we want to offer a software that is as easy as possible. Also our pre-chosen ciphersuite means less complexity and less attack surface. On the other hand if AES gets broken, we can not easily switch to let’s say Twofish without publishing a new release.

File Layout

Veracrypt creates just one container, so an attacker does not even know how many files you have.

Cryptomator encrypts each file for its own. While this enables cloud synchronization of just the files that really changed, it leaks the information how many files exist in a vault.

When to Use Which Software

I personally recommend Veracrypt to people who want to encrypt their USB flash drive and Cryptomator to people who want to synchronize encrypted files to some server.


#7

Thanks for the explanation - this does put my mind at ease. I really did think the lack of customization was a huge drawback, but if there’s a good reason for it then I’m happy. I don’t care about certain meta-data getting leaked, I just care about whether the encryption algorithms used might be broken in the near/near-ish future (with little warning). I’ve also heard rumors about cloud providers holding on to files that have been deleted, which is concerning for similar reasons. My understanding is that by using multiple ciphers you can configure a Veracrypt vault in a way that it would virtually be unbreakable even in the face of rapid advances in computing, which doesn’t seem to be the case with Cryptomator.


#8

We need to distinguish two different scenarios here:

  1. Advances in computing capabilities (Moore’s law). This is why there is an ample security margin when it comes to key lengths. E.g. 128 bit keys are considered secure for now. 256 bit keys (like Cryptomator uses) are even better, but not because of progression in computing power itself but because of potential complexity reduction in quantum algorithms like Grover’s algorithm that allow bruteforcing out 2256 keys in just n*2128 operations which is (as I said before) considered a sufficient security margin for the foreseeable future.
  2. Using multiple different ciphers, so that there is still sufficient protection if one of the ciphers gets broken. This is called cascading encryption and Veracrypt offers such an option. The benefits and downsides are discussed in this crypto.stackexchange thread.

#9

Thanks for this! After checking out the link to the thread you sent me and reading some other threads, I think I’ll just go with Cryptomator for cloud storage. Veracrypt is so much less convenient and doesn’t seem to give me any meaningful security gain. You’ve really put my mind at ease :slight_smile:


#10

Hi there, I was reading this old article, and was sufficiently interested in the discussion to contribute my findings on this very topic as I too was looking at the differences of VeraCrpt to Cryptomator recently.
Steps to replicate my experience…

Ensure you have at least 2 users configured on your windows (win 10 in my case) machine, say you and ‘Test User’.

  1. Logged on as yourself, create a test Veracrypt vault, put 1 file in it.
  2. Save and close the vault.
  3. Now, while still logged in as yourself, mount your test Veracrypt vault as you would normally, assign it drive ‘T:’, giving you access to your single test file (E.G t:\testFile.txt)…ok so far?
  4. Now, from your windows start menu, ‘Switch User’, log in as your other Windows Account (E.G ‘Test User’).
  5. Now while logged in as Test User, open windows explorer, do you see a ‘T:’ drive? Can you open and read T:\Testfile.txt that was created by your main user account?
    In my case, I could indeed see T: drive as ‘Test User’ and could read the file…:frowning:
    From my perspective, this is a security issue of some magnitude, as it allows another account with access to your machine to see the drives you have open from another account on the same machine.

I performed the similar action with Cryptomator (open the vault, ensuring the drive is assigned), and after switching user to the other account, my cryptomator drive was not visible to other users.

Would be interested, should you replicate these steps, if your experience is similar.