Python re-implementation of Cryptomator encryption scheme

Cryptomator is an open-source file-based encryption system. Encrypted data is stored as files which can be easily uploaded to arbitrary cloud storage services, and there is a one-to-one relationship between plaintext and encrypted files. In order to increase privacy, filenames are encrypted and there is a degree of obfuscation of the directory tree.

The Cryptomator encryption scheme is publicly described here. However, to date there has not been any public third-party re-implementation of the encryption scheme.¹

https://yingtongli.me/git/cryptomator-utils is a Python re-implementation of essential portions of the Cryptomator encryption scheme, encompassing the master key format, filename encryption and decryption, and file content decryption. A collection of standalone Python command-line scripts is provided for listing encrypted directory contents, and decrypting individual files. The Cryptomator drive is not required to be mounted.

The motivation for this tool is when Cryptomator drives are accessed over the network (e.g. over SSH/SFTP), rather than available locally and mirrored to the network. Cryptomator has poor performance over the network,² and it is undesirable to require the user to download the entire drive to decrypt a single file. cryptomator-utils aims to stream the minimum number of files over the network in order to decrypt the target file or directory, without passing private information (such as encryption keys or passwords) over the network. Future directions might include a CLI or GUI tool to interactively explore a remote Cryptomator drive and selectively upload or download files.

Note that, unlike Cryptomator itself, this cryptomator-utils re-implementation has not been audited, and is not robust against untrusted input or maliciously construted Cryptomator drives.

Footnotes