Skip to content

janiko71/boxcryptor-decryptor-go

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

boxcryptor-decryptor-go

Single file decryption for Boxcryptor in Go (lang). Derived from my Python version.

What is Boxcryptor

Boxcryptor is a commercial software (though you can use it freely with limitations) that encrypts files in the cloud in its largest a acceptance, that means OneDrive (Microsoft), Google Drive, iCloud (Apple), ownCloud, Box, Dropbox, etc. All compatibles products are listed here.

Why this program?

Because I'm paranoid (I'm working in a big european bank as security officer/expert), and I wanted to understand the crypto process of the Boxcryptor solution (zero-knowledge based). The best way to do that is to write my own decrypting program. I wrote a Python version, then a Go version. Secondly, like every commercial program, you can't access the source code to audit it, and the documentation is often too incomplete for auditing purpose. And, at last, in the unlikely case of the company disapear, or if the executable files are lost or too old to be used, you may want a program to decrypt your files. That's what is done here.

Is there an official program for that?

Of course, the Boxcryptor solution encrypts and decrypts the files on the fly, and seems to work well. But as I've said, you can't audit the code. To prevent this, the editor published a decryptor (in Java and C++) here:

Like my work, their programs are not really intended to be production-grade programs, but having this source code is a good way to understand how their crypto process works. As a challenge, I wanted to do a decryptor by myself, and because I have no relation with the editor, you have here an independant way of understanding it and to decrypt your files.

How to use it?

First, get the crown jewels: the crypto keys

You need to get a copy of the crypto information stored by Boxcryptor, More information here:

You'll get a .bckey file. This file is very important and need some protection, even if you still need your Boxcryptor account's password to decrypt your files (see below).

Secondly: your account password

As a zero-knowledge solution, even with the previous file you won't be able to decrypt anything. So always remember your (strong) password, and keep it in a safe place (like KeePass).

Install Go (golang) and the requested modules

You need at least these:

  • golang.org/x/crypto/pbkdf2
  • gopkg.in/gookit/color.v1

You need to go get them.

So,what is my conclusion?

Again I'm proud of myself: I've learned Go and this program works!

Besides, I can see that Boxcryptor does what their authors says: they have implemented a zero-knowledge solution. That means that, without your password, nobody can decrypt your files, even them. But as usual, the ultimate proof of confidence would be to assess that your password is stored anywhere...

With my laptop, I've decrypted an .iso file (1.9Go) in 24 sec. Of course it's quicker than Python (which is interpreted, not compiled).

Releases

No releases published

Packages

No packages published

Languages