A DIY multi-platform solution for encrypt your DropBox files

For Linux, Windows, OSX, Android and iOs

 

Cloud storage is very useful, but for really important/private stuff, a best practice could be adding of a further encryption layer, perhaps with a cross-platform solution.

http://imgs.xkcd.com/comics/security.png

A simply method could be use Truecrypt (now Veracrypt), but having to create containers that store the encrypted information isn’t the best for Dropbox, which constantly syncs changes.

If you make, for example, a 500MB container and you changing a small text file in them, you have to entirely re-upload a 500MB file, then that is a little waste of time and resources.

Instead, the best is encrypt files individually, and ENCFS is the perfect solution for this kind of problem.

ENCFS encrypt every single file in a specified folder, and permits to mount an unencrypted version of the folder in a specified mount point.

The idea is to have the unencrypted folder mountpoint in the Home folder, while the encrypted folder should be inside Dropbox folder.

Whenever you put or change something into the unencrypted folder, ENCFS creates an encrypted version into the encrypted folder, which is syncronized by Dropbox.

In my case, the main system is a Debian, and the other systems that should access to the encrypted folder are Windows, OSX and Android.

So, let’s start with…

Linux configuration

First, install EncFS using APT (on Debian/Ubuntu/Mint):

# apt install encfs

or using yum on Fedora:

yum install fuse-encfs

Next, start the setup: to do this, you’ll need to run

encfs ~/Dropbox/.encrypted ~/Private

You can change the actual paths if you like.
Just know that the path represented by ~/Dropbox/.encrypted is the folder where the encrypted data goes, and ~/Private is the folder used as mountpoint for the unencrypted volume.

Say ‘yes’ to all folder creation requests (if you haven’t created first), and choose ‘p’ to start with the default configuration.

Then, insert the chosen password for encrypted folder:

Finally, you can create a couple of bash scripts to mount/unmount the encrypted folder:

Mount.sh

#!/bin/sh
encfs ~/Dropbox/.encrypted ~/Private

Umount.sh

#!/bin/sh
fusermount -u ~/Private

That’s it!


Windows/OSX configuration

On Windows and OSX systems, you can use Safe, a multi-platform application that supports EncFS:

Safe is cross-platform and currently runs on Windows and Mac OS X. It works with all applications and file types and can store encrypted files anywhere. It’s also compatible with EncFS volumes.

Safe is licensed under the GPLv3 and is based on free software.

Unlike EncFS, it does not use FUSE but hosts a localhost WebDAV server and uses the operating system’s existing WebDAV functionality to provide the native interface.

This makes Safe more portable and more stable than FUSE-based user-space file systems.

You can download safe from this link:

http://www.getsafe.org/about#download

UPDATE 02/12/2016

Some users have notified me that Safe has some problem with long file names and big files (related to webdav limitations).

So you can also use EncFSMP, another EncFS implmentation for Windows and OSX:

https://sourceforge.net/projects/encfsmp/


EncFS for Android?

Cryptonite is a useful EncFS tool for Android:

Cryptonite brings EncFS and TrueCrypt to Android. You can browse, export and open EncFS-encrypted directories and files on your Dropbox and on your phone. On rooted phones that support FUSE (e.g. CyanogenMod) you can also mount EncFS and TrueCrypt volumes. TrueCrypt is only available as a command-line version at this time.

You can download the stable release of Cryptonite from Google Play:

https://play.google.com/store/apps/details?id=csh.cryptonite

and the beta version from GitHub:

https://github.com/neurodroid/cryptonite/releases


Finally, iOs?

For iOS, the only reliable solution that I could find is a commercial application, BoxCryptor:

Boxcryptor is an easy-to-use encryption software optimized for the cloud. It allows the secure use of cloud storage services without sacrificing comfort. Boxcryptor supports all major cloud storage providers (such as Dropbox, Google Drive, Microsoft OneDrive, or SugarSync) and supports all the clouds that use the WebDAV standard (such as Cubby, Strato HiDrive, or ownCloud).

Here the link for AppStore:

https://itunes.apple.com/app/boxcryptor-viewer/id649940870

Comments