Serious Discussion Data encryption software: CPPcryptfs

chetuyet.hp

Level 1
Thread author
Dec 11, 2022
10
cppcryptfs is based on the design of gocryptfs, an encrypted overlay filesystem written in Go.

cppcryptfs is an implementation of the gocryptfs filesystem in C++ for Windows. cppcryptfs is compatible with gocryptfs. Filesystems created with one can generally be mounted (and synced) with the other. Please see the statement on compatibility near the end of this document.

cppcrypts provides on-the-fly, at-rest and in-the-cloud encryption of files and file names in a virtual filesystem. It uses the Dokany driver and library to provide a virtual filesystem in user mode under Windows.

IMPORTANT: As per this discussion, you should only store the created gocryptfs.conf in the cloud if your password is strong. If an attacker obtains your gocryptfs.conf, then they will be able to throw whatever resources they have at a brute force attack on your encrypted password. Increasing scryptn will slow them down (see below) The developer keeps his gocryptfs.conf in the cloud and uses a very strong password.

You can use cppcryptfs to create an encrypted filesystem in a folder. The encrypted filesystem is protected with a password that you choose.

When you use cppcryptfs to mount the encrypted filesystem by providing the password, then you have a new drive letter in Windows. This virtual drive letter gives you an unencrypted view of your files. The encryption and decryption are done on the fly and are transparent to applications that use the files on that virtual drive.

After you tell cppcryptfs to dismount the virtual drive letter, then there is no way to get at your unencrypted data unless the filesystem is re-mounted again using your password.

Shutting down your computer automatically dismounts all cppcryptfs drive letters.

If the folder where the encrypted files are kept is being synced with a cloud service, then only the encrypted files with encrypted file names will be uploaded to the cloud service.

This way, neither the employees of the cloud service nor anybody who hacks into the cloud service can use your files.

Also, if someone steals your computer and the encrypted filesystem is not mounted, then the thief cannot use your files.
screenshot_create.png


Because the encryption is done on a per-file basis instead of using a container file to store the data, you do not have to decide ahead of time how much encrypted storage you will need. cppcryptfs has very minimal storage overhead, and your encrypted filesystem can grow dynamically limited only by the amount of free space on the physical drive on which the encrypted filesystem is located.

Another advantage of per-file encryption over container-based encryption is that per-file encryption syncs very quickly and efficiently with cloud-based services.
Link. GitHub - bailey27/cppcryptfs: cppcryptfs is an implementation of the gocryptfs encrypted overlay filesystem in C++ for Windows.
 
  • Like
Reactions: ZeroDay

Bot

AI-powered Bot
Apr 21, 2016
4,446
cppcryptfs is based on the design of gocryptfs, an encrypted overlay filesystem written in Go.

cppcryptfs is an implementation of the gocryptfs filesystem in C++ for Windows. cppcryptfs is compatible with gocryptfs. Filesystems created with one can generally be mounted (and synced) with the other. Please see the statement on compatibility near the end of this document.

cppcrypts provides on-the-fly, at-rest and in-the-cloud encryption of files and file names in a virtual filesystem. It uses the Dokany driver and library to provide a virtual filesystem in user mode under Windows.

IMPORTANT: As per this discussion, you should only store the created gocryptfs.conf in the cloud if your password is strong. If an attacker obtains your gocryptfs.conf, then they will be able to throw whatever resources they have at a brute force attack on your encrypted password. Increasing scryptn will slow them down (see below) The developer keeps his gocryptfs.conf in the cloud and uses a very strong password.

You can use cppcryptfs to create an encrypted filesystem in a folder. The encrypted filesystem is protected with a password that you choose.

When you use cppcryptfs to mount the encrypted filesystem by providing the password, then you have a new drive letter in Windows. This virtual drive letter gives you an unencrypted view of your files. The encryption and decryption are done on the fly and are transparent to applications that use the files on that virtual drive.

After you tell cppcryptfs to dismount the virtual drive letter, then there is no way to get at your unencrypted data unless the filesystem is re-mounted again using your password.

Shutting down your computer automatically dismounts all cppcryptfs drive letters.

If the folder where the encrypted files are kept is being synced with a cloud service, then only the encrypted files with encrypted file names will be uploaded to the cloud service.

This way, neither the employees of the cloud service nor anybody who hacks into the cloud service can use your files.

Also, if someone steals your computer and the encrypted filesystem is not mounted, then the thief cannot use your files.
View attachment 279297

Because the encryption is done on a per-file basis instead of using a container file to store the data, you do not have to decide ahead of time how much encrypted storage you will need. cppcryptfs has very minimal storage overhead, and your encrypted filesystem can grow dynamically limited only by the amount of free space on the physical drive on which the encrypted filesystem is located.

Another advantage of per-file encryption over container-based encryption is that per-file encryption syncs very quickly and efficiently with cloud-based services.
Link. GitHub - bailey27/cppcryptfs: cppcryptfs is an implementation of the gocryptfs encrypted overlay filesystem in C++ for Windows.
cppcryptfs is an encrypted overlay filesystem written in C++ for Windows. It is based on the design of gocryptfs, which is an encrypted overlay filesystem written in Go. cppcryptfs is compatible with gocryptfs, meaning that filesystems created with one can be mounted and synced with the other.

The main purpose of cppcryptfs is to provide on-the-fly, at-rest, and in-the-cloud encryption of files and file names in a virtual filesystem. It accomplishes this by using the Dokany driver and library to provide a virtual filesystem in user mode under Windows.

To use cppcryptfs, you can create an encrypted filesystem in a folder and protect it with a password of your choice. When you mount the encrypted filesystem using cppcryptfs and provide the password, you will have a new drive letter in Windows that gives you an unencrypted view of your files. The encryption and decryption are done on the fly, making it transparent to applications.

When you dismount the virtual drive letter, your unencrypted data is no longer accessible unless the filesystem is re-mounted with the password. Additionally, when your computer is shut down, all cppcryptfs drive letters are automatically dismounted.

If the folder where the encrypted files are stored is being synced with a cloud service, only the encrypted files with encrypted file names will be uploaded. This ensures that neither the cloud service employees nor any potential hackers can access your files. If someone steals your computer and the encrypted filesystem is not mounted, they won't be able to use your files either.

One advantage of cppcryptfs is that it doesn't require you to pre-determine how much encrypted storage you will need. It has minimal storage overhead and can dynamically grow based on the available free space on the physical drive.

Per-file encryption used by cppcryptfs also allows for quick and efficient syncing with cloud-based services.

For more details and the source code, you can visit the cppcryptfs GitHub repository at [GitHub - bailey27/cppcryptfs: cppcryptfs is an implementation of the gocryptfs encrypted overlay filesystem in C++ for Windows.](https://github.com/bailey27/cppcryptfs).
 
  • Like
Reactions: ZeroDay

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top