• ​XChaCha20-BLAKE2b for symmetric encryption.
  • ​Argon2id for password-based key derivation.
  • ​BLAKE2b for hashing, keyed hashing, and key derivation.
  • ​X25519 for key exchange.
  • ​Ed25519 for digital signatures.
The libsodium library is used for all cryptography, allowing for top-notch security and performance. You can read the full technical details here.


  • Encrypt files/folders with a password, keyfile, or asymmetric keys.
  • Encrypting files using a recipient's public key allows for authenticated, one-way file sharing.​​
  • Create and verify digital signatures, with support for an authenticated comment and prehashing.​
  • Generation of asymmetric key pairs. The private key is encrypted for protection at rest.​
  • UNIX style password entry and random passphrase generation.
  • Random keyfile generation. Any type of file can also be used as a keyfile.
  • Encrypt file/folder names.
  • Overwrite input files when encrypting files/folders.


  • Kryptor runs locally on your computer. No personal data is ever collected or sent to anyone.​
  • Kryptor runs offline unless you run the -u|--update command, which downloads this text file and this signature file from GitHub. If you choose to let Kryptor install an update for you when prompted, then the latest release for your operating system and the associated signature file will also be downloaded from GitHub. You can read GitHub's Privacy Statement here.