Security

• ​XChaCha20-BLAKE2b for symmetric encryption.

• ​Argon2id for password-based key derivation.

• ​BLAKE2b for hashing, keyed hashing, and key derivation.

• ​X25519 for key exchange.

• ​Ed25519 for digital signatures.

The libsodium library is used for all cryptography. You can read the full technical details here.

Functionality

• Encrypt files/folders with a password, keyfile, or asymmetric keys.

• Create and verify digital signatures, with support for an authenticated comment and prehashing.​

• Generation of asymmetric key pairs. The private key is encrypted for protection at rest.​

• UNIX style password entry and random passphrase generation.

• Encrypting files using a recipient's public key allows for authenticated, one-way file sharing.​

• Random keyfile generation. Any type of file can also be used as a keyfile.

• Obfuscate output file names when encrypting files/folders.

• Overwrite input files when encrypting files/folders.

Privacy

• Kryptor runs locally on your computer. No personal data is ever collected or sent to anyone.​

• Kryptor runs offline unless you run the -u|--update command, which downloads a text file from GitHub. You can read GitHub's Privacy Policy here.