The Security Editor

Cloud storage

Client-side encryption on top of Dropbox and Drive: a Cryptomator walkthrough

You don't have to leave Google Drive, Dropbox, iCloud, or OneDrive to get end-to-end encryption for your most sensitive documents. Cryptomator lets you add an encryption layer on top, with the provider seeing only opaque blobs.

By Alex Trustwell 5 min read intermediate

Moving away from Google Drive, Dropbox, or OneDrive is disruptive. You’ve invested in the service, your colleagues share into it, and the apps are everywhere. The good news: for the subset of files that need end-to-end encryption, you don’t have to leave. You can add an encryption layer that sits on top of the service and gives you a folder that behaves like a normal folder, but whose contents the cloud provider cannot read.

The tool most people reach for to do this is Cryptomator, an open-source project with a published security architecture and multiple independent audits.

What Cryptomator does

Cryptomator creates a vault — a folder on your disk — that, from the outside, looks like a directory full of meaningless files with scrambled names. When you unlock it, the Cryptomator application mounts a virtual drive. That drive behaves like an ordinary folder to every application on your computer. Anything you write to the virtual drive is encrypted, filename and all, before being written to disk. Anything you read is decrypted on the way.

Drop the vault folder inside your Dropbox / Drive / OneDrive sync folder, and the encrypted files sync to the cloud the same way any other file would. The cloud provider sees directories of opaque blobs; your devices, running Cryptomator with the passphrase, see the real files.

The cryptographic architecture uses AES-256 in two modes (GCM for file contents, SIV for filenames), a master key wrapped with a key derived from the passphrase using scrypt, and a random key per file. It is documented in detail on the Cryptomator website and has been audited by Cure53 and others.

What it does not do

  • It does not protect anything outside the vault. Files in your ordinary cloud folder remain in the clear (to the provider).
  • It does not protect against malware on your device. While the vault is unlocked, anything running on your computer can read the plaintext.
  • It does not prevent the provider from seeing that you have encrypted files. They see a Cryptomator vault; they cannot read it, but they know it is there.
  • It does not collaborate well with non-Cryptomator users. Sharing the vault requires sharing the passphrase, which is workable for a small number of trusted collaborators but not for ad-hoc sharing.

Step-by-step: creating your first vault

1. Install Cryptomator.

Download from cryptomator.org (desktop) or the relevant app store (iOS, Android, with a one-time purchase for mobile). The desktop version is free and open-source; mobile apps fund development.

2. Create a vault inside your cloud folder.

Open Cryptomator → Add Vault → Create New Vault. When it asks where to store the vault, navigate inside your Dropbox / Google Drive / OneDrive / iCloud Drive folder, and create the vault there.

3. Set a strong passphrase.

This is the single most important step. The passphrase derives the master key that protects every file in the vault. Use your password manager to generate a 20+ character random password, or a 5–6 word Diceware-style passphrase.

Cryptomator will also offer a recovery key: a long paper-friendly string that can decrypt the vault if you ever forget the passphrase. Print it; store it in a safe; do not put it in the same cloud account as the vault.

4. Unlock the vault.

Enter your passphrase. Cryptomator mounts a virtual drive — usually a new folder appearing in your file manager, or a drive letter on Windows.

5. Use the virtual drive.

Copy, create, open, and edit files on the virtual drive as you normally would. Everything you do is transparently encrypted on disk. Your cloud sync client, watching the underlying encrypted files, uploads them the same way it uploads anything else.

6. Lock the vault when you’re done.

Locking dismounts the virtual drive. To anyone (or anything) on your computer without the passphrase, the vault is just encrypted files again.

A practical layout

A reasonable way to organize:

Dropbox/
├── Documents/               <- ordinary cloud storage
├── Shared with clients/
└── Sensitive.cryptomator/   <- Cryptomator vault
    └── (encrypted blobs)

When you unlock the vault, you see:

Virtual drive "Sensitive":
├── Legal/
├── Medical/
├── Tax returns/
└── Work-in-progress/

Your cloud provider sees:

Sensitive.cryptomator/
├── d/
│   ├── 2A/LKD...==.c9r
│   ├── 9F/XMN...==.c9r
│   └── ...
├── masterkey.cryptomator
└── vault.cryptomator
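An added example (not a Cryptomator tool) that answers "what does my provider actually see?" for a sync folder laid out like the one above: it buckets files into cleartext, vault metadata and ciphertext, and flags plaintext that was copied straight into the vault's folder instead of onto the unlocked virtual drive, which Cryptomator never encrypts. The marker files and the .c9r suffix come from the layout above; .c9s (shortened names in newer vault formats) is an assumption, and the sample tree is constructed.

```python
# Added example, not a Cryptomator tool: bucket every file in a sync folder by
# what the provider can read. Markers and .c9r come from the layout above; .c9s
# (shortened names, vault format 7+) is an assumption about newer vault formats.
import os
import tempfile

VAULT_MARKERS = {"vault.cryptomator", "masterkey.cryptomator"}
CIPHERTEXT_SUFFIXES = (".c9r", ".c9s")

def classify(root: str) -> dict[str, list[str]]:
    """Bucket every file under root; paths are reported relative to root with '/'."""
    vaults = [d for d, _, files in os.walk(root) if VAULT_MARKERS & set(files)]
    report = {"cleartext": [], "vault_metadata": [], "encrypted": [], "stray_in_vault": []}
    for dirpath, _, files in os.walk(root):
        vault = next((v for v in vaults if dirpath == v or dirpath.startswith(v + os.sep)), None)
        in_d_tree = vault is not None and dirpath.startswith(os.path.join(vault, "d") + os.sep)
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")
            if vault is None:
                bucket = "cleartext"
            elif dirpath == vault and name in VAULT_MARKERS:
                bucket = "vault_metadata"      # wrapped master key and vault config, not file data
            elif in_d_tree and any(part.endswith(CIPHERTEXT_SUFFIXES) for part in rel.split("/")):
                bucket = "encrypted"           # provider sees only opaque blobs with scrambled names
            else:
                bucket = "stray_in_vault"      # sits in the vault folder but is NOT encrypted
            report[bucket].append(rel)
    return {k: sorted(v) for k, v in report.items()}

def build_sample_tree(base: str) -> None:
    """Constructed layout mirroring the diagram above, plus one common mistake."""
    files = {
        "Documents/budget.xlsx": b"ordinary cloud file",
        "Sensitive.cryptomator/vault.cryptomator": b"{}",
        "Sensitive.cryptomator/masterkey.cryptomator": b"{}",
        "Sensitive.cryptomator/d/2A/LKDEXAMPLE/abc==.c9r": b"\x00opaque",
        "Sensitive.cryptomator/d/9F/XMNEXAMPLE/def==.c9r/dir.c9r": b"\x00opaque",
        "Sensitive.cryptomator/passport-scan.pdf": b"plaintext copied into the wrong folder",
    }
    for rel, data in files.items():
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

def demo() -> dict[str, list[str]]:
    """Build the sample tree in a temp dir and classify it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return classify(tmp)
```

Point `classify()` at your real Dropbox or Drive folder; anything in `stray_in_vault` belongs on the virtual drive, not beside the blobs.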

What to put inside the vault, and what to leave outside

Not everything needs to live in the vault. The unlock-per-use friction is small but real. A useful division:

Inside the vault:

  • Tax returns, bank statements, investment statements.
  • Medical records and correspondence.
  • Legal documents and contracts.
  • Passports, scans of IDs, backup codes (also: store some offline).
  • Client-sensitive work (manuscripts, intake forms, case notes).

Outside the vault:

  • Meeting notes, drafts, shared work with collaborators.
  • Photos that aren’t sensitive.
  • Reference material you’ve saved from the internet.
  • Anything that is already public.

The rule is: if a compromise of the cloud provider would be an acceptable inconvenience, the file can live outside the vault. If it would be a genuine harm, inside.

Alternatives worth knowing

  • VeraCrypt is the older cousin of Cryptomator: it creates single encrypted container files (rather than folders of encrypted files) and is very well regarded. It is slightly less friendly for cloud sync, because the whole container re-syncs when anything inside it changes.
  • rclone crypt is a command-line option that wraps cloud providers in a client-side encryption layer. Powerful for technical users; not as friendly as Cryptomator.
  • Proton Drive and Tresorit are cloud services that are E2E encrypted by default. Use them if you would rather not layer encryption on top of a non-E2EE service. They do not co-exist with Drive/Dropbox/OneDrive; they replace them for their subset.
  • Age (from the Go community) is a modern file-encryption tool for one-off encryption of individual files you want to send or archive. Not a continuous folder; a single-shot tool.

The passphrase problem

Cryptomator protects you against the cloud provider and against someone who compromises the cloud account. It does not protect you against forgetting the passphrase. Treat it like any other important secret:

  • Store the passphrase in your password manager.
  • Print the recovery key.
  • Put the printed recovery key somewhere physically safe: a lockbox, a bank safe-deposit box, or with a lawyer.
  • If multiple people need access (a family, a business partner), make sure the recovery plan doesn’t depend on a single person.

The goal is that you (and only you, or you and a very small set of people you trust) can open the vault — and that future-you, at the worst possible moment, is one of the people who can.

Sources

  1. Cryptomator — Security Architecture
  2. Cryptomator — Security Audits
  3. NIST SP 800-38E — AES XTS Mode