Features

Security

ChaCha20-Poly1305 for authenticated encryption, with the padding fix for key commitment.
Argon2id for password-based key derivation.
BLAKE2b for hashing, keyed hashing, and key derivation.
X25519 for key exchange.
Elligator 2 for hiding ephemeral public keys.
Ed25519 for digital signatures.

The libsodium library is used for everything but Elligator2, which is from Monocypher.

Functionality

Encrypt multiple files/directories with a passphrase, symmetric key, or asymmetric keys.
Encrypt to multiple recipients for sender authenticated, one-way file sharing.
Encrypted files are indistinguishable from random. File names can also be encrypted.
Create and verify digital signatures, with support for an authenticated comment and prehashing.
Small public keys. Private keys are encrypted for protection at rest.
UNIX style passphrase entry and random passphrase generation.
Pre-shared keys can be used for post-quantum secure key exchange.

Privacy

Kryptor runs locally on your computer. No personal data is ever collected or sent to anyone.
Kryptor runs offline unless you run the -u|--update command, which downloads this text file and this signature file from GitHub. If you choose to let Kryptor install an update for you when prompted, the latest release for your operating system and the associated signature file will also be downloaded from GitHub. You can read GitHub's Privacy Statement here.

As of v4.1.0, the-u|--update option has been removed to be consistent with other command line tools. A package manager should be used instead if this is a concern.

Last updated 1 year ago