Encryption is a crucial element of security. In this article from the information security systems integrator “Bastion,” we will review over 20 different utilities for file encryption and explain how to use them.
Currently, data protection is particularly relevant. Whether you want to protect personal files, confidential documents, or corporate information, encryption is a vital element of security. Information leaks can lead to financial losses, intellectual property theft, or the disclosure of personal information. We will review over 20 different utilities for file encryption and explain how to use them.
Standard Solutions
Some of the most well-known and widely used file encryption utilities are built into operating systems and are a good option for basic data protection.
Apple FileVault
Apple FileVault is a built-in disk encryption tool in macOS. To set it up, simply go to System Preferences > Security & Privacy > FileVault and follow the instructions. FileVault uses the XTS-AES-128 encryption algorithm with a 256-bit key length and the T2 chip for key management. The tool provides reliable data protection, allowing users to encrypt the entire disk and prevent unauthorized access to information.
Windows BitLocker
Windows BitLocker is a built-in disk encryption tool in Windows. In professional versions of Windows 10 and later, this feature can be enabled by opening Control Panel > System and Security > BitLocker and following the instructions. BitLocker uses the AES algorithm with a key length of 128 or 256 bits. It allows you to encrypt both individual partitions and the entire disk, providing data protection from unauthorized access. BitLocker also supports hardware encryption using TPM (Trusted Platform Module), which further enhances security. Encrypting File System (EFS) is another encryption tool available in professional versions of Windows, allowing you to encrypt individual files and folders.
Linux LUKS
LUKS (Linux Unified Key Setup) is the standard for disk encryption in Linux. It uses AES-256 and supports other ciphers and hash functions. The LUKS setup process may differ depending on the Linux distribution used, but it usually involves creating an encrypted partition during the operating system installation. The implementation of LUKS may vary depending on the Linux distribution, but overall, it is a powerful tool for information protection. LUKS allows for easy password changes and managing access to encrypted files.
Simple File Encryption Utilities
If you need to quickly encrypt individual files, use one of these easy-to-use utilities.
Hat.sh and Cloaker
Hat.sh and Cloaker are web applications for local file encryption in the browser. To use Hat.sh or Cloaker, simply open their website, select a file for encryption, set a password, and click the button to start the process. They use libsodium, XChaCha20-Poly1305, Argon2id, and X25519 libraries to ensure high security. Hat.sh and Cloaker do not require installation and work directly in the browser, making them convenient for everyday use. These utilities are especially useful for quickly encrypting small files without needing to install additional software.
Picocrypt
Picocrypt is a cross-platform utility that works on Windows, macOS, and Linux. To use it, select a file for encryption and click the corresponding button. Picocrypt uses XChaCha20 and supports cascade encryption (XChaCha20 + Serpent), as well as HMAC-SHA3 for data integrity verification. The program also supports data compression before encryption, which can be useful for saving disk space. Cryptographic primitives are in the golang.org/x/crypto module.
File Encryption for Cloud Storage
With the rise in popularity of cloud storage, protecting data during transfer and storage in the cloud has become important.
Cryptomator
Cryptomator is a cross-platform program for encrypting folders before syncing with cloud storage. To create an encrypted folder, launch Cryptomator, select a folder, set a password, and click “Unlock.” The program will create an encrypted container that can be synced with any cloud service. Cryptomator uses AES-256 to encrypt files and scrypt for key management. It provides data protection during transfer to the cloud, making it an excellent choice for cloud storage users. The program also supports integration with popular services: Dropbox, Google Drive, and OneDrive.
Duplicati
Duplicati is a solution for data backup with support for incremental backups and AES-256 encryption. The program works on various platforms and supports many cloud storages, making it a versatile tool for data protection. Duplicati also supports data deduplication and compression features, allowing for significant disk and cloud space savings.
RClone
RClone is a tool for managing data in the cloud. It supports many cloud providers and uses NaCl SecretBox for file encryption (XSalsa20 and Poly1305). RClone provides a high level of security and is easy to use. The program supports data synchronization and backup, as well as performing complex file and directory management operations in the cloud.
Creating Encrypted Archives and Containers
For more complex encryption tasks, you can use utilities for creating encrypted archives and containers.
VeraCrypt
VeraCrypt is a popular solution for creating cryptographic containers. It supports many encryption algorithms, including AES, Camellia, Kuznyechik, Serpent, and Twofish, as well as cascade encryption. VeraCrypt allows creating hidden volumes and encrypting system partitions, providing a high level of data protection. The program also supports fast formatting functions and advanced security settings, making it a utility for advanced users.
zuluCrypt
zuluCrypt is an interface for working with cryptsetup, supporting various container formats. The program provides a convenient graphical interface for managing encrypted volumes and supports integration with different file systems. zuluCrypt also supports hidden volumes, allowing for additional levels of data protection.
Kryptor
Kryptor is a console tool for encrypting and signing files. It uses XChaCha20-Poly1305, Argon2id, X25519, and Ed25519 algorithms to achieve high security. Kryptor is a cross-platform utility for easy work with encrypted files. The program also supports automatic key management and integration with other command-line tools.
Dexios
Dexios is a file encryption utility written in the Rust programming language. It supports AES-256-GCM and ChaCha20-Poly1305 algorithms and has undergone a security audit by NCC. Dexios provides a high level of data protection and ease of use. The program also supports data compression and backup functions, making it a versatile tool for information protection.
Tomb
Tomb is a shell for cryptsetup and LUKS, supporting the creation of encrypted containers. The program allows storing keys separately and using steganography to hide data, ensuring data security. The program also supports automatic mounting and access management functions.
Comprehensive Solutions
These universal programs allow managing encrypted folders and files using a set of utilities.
SiriKali
SiriKali is a combo program for managing encrypted folders using various console tools that can also be used separately. SiriKali provides a convenient graphical interface and supports integration with different file systems. It allows easily creating and mounting encrypted folders, ensuring reliable data protection. The program also supports automatic key management and cloud service synchronization.
In Linux, SiriKali uses:
- sshfs
- fscrypt
- ecryptfs
- Cryptomator
- securefs
- gocryptfs
- cryfs
- encfs
In Windows, as a backend, it uses:
- cryfs
- encfs
- sshfs
- securefs
- cppcryptfs
In macOS, it works with:
- cryfs
- encfs
- securefs
- gocryptfs
Comparative Table of File Encryption Utilities
| Utility | Platform | Encryption Algorithms | Features |
|---|---|---|---|
| Apple FileVault | macOS | XTS-AES-128 | Disk encryption, key management with T2 chip |
| Windows BitLocker | Windows | AES | Disk encryption, TPM support |
| Linux LUKS | Linux | AES-256 | Disk encryption, flexible password management |
| Hat.sh | Web | XChaCha20-Poly1305 | Browser-based, no installation required |
| Cloaker | Web | XChaCha20-Poly1305 | Browser-based, no installation required |
| Picocrypt | Cross-Platform | XChaCha20 | Cascade encryption, data compression |
| Cryptomator | Cross-Platform | AES-256 | Cloud folder encryption |
| Duplicati | Cross-Platform | AES-256 | Incremental backup, data deduplication |
| RClone | Cross-Platform | XSalsa20, Poly1305 | Cloud data management |
| VeraCrypt | Cross-Platform | AES, Camellia, Kuznyechik, Serpent, Twofish | Hidden volumes, system partition encryption |
| zuluCrypt | Linux | Various | Graphical interface, hidden volumes |
| Kryptor | Cross-Platform | XChaCha20-Poly1305, Argon2id, X25519, Ed25519 | Console tool, automatic key management |
| Dexios | Cross-Platform | AES-256-GCM, ChaCha20-Poly1305 | Data compression, backup functions |
| Tomb | Linux | Various | Key storage, steganography |
| SiriKali | Cross-Platform | Various | Graphical interface, multiple tool support |
Best Practices for Data Protection
To maximize data protection, it is important not only to choose the right encryption tool but also to follow best practices in information security:
- Use strong passwords. They should be complex and unique for each
In case you have found a mistake in the text, please send a message to the author by selecting the mistake and pressing Ctrl-Enter.
