File-based encrypt-and-sync solution for Windows

There exists many syncing and backup solutions out there, but I have yet to find a setup that will cover ALL the following behavior:

enter image description here

I want the ability to designate local folder B as the "encrypted mirror" of local folder A (A and B exist on the same machine). That is, whenever I add files to A, the file is automatically encrypted and put into folder B, and when I remove a file from A, that file is also removed from B.

The encryption should be file-based (no containers required) and should preferably have no limit on folder/file size, and the key is that this needs to happen automatically (once I set up the link between A and B all operations should be behind the scenes).

I'm looking for a Windows solution...think of it as a "locally encrypted Dropbox". Can this be done? I don't mind connecting multiple services together to achieve this, but most encryption/syncing services are rather narrow in the way they can be used.

donnyton

Posted 2011-09-06T02:37:55.447

Reputation: 189

Are A and B on the same machine? If not, are they on the same local/home network, or are they connected across the Internet? – Mike Rowave – 2011-09-06T02:43:16.883

They are on the same machine. – donnyton – 2011-09-06T02:50:37.963

Could you tell us more about your use case? Why are you mirroring files on the same machine? And what are you protecting the encrypted files from if they're just copies of unencrypted files? – Isaac Rabinovitch – 2012-11-24T22:21:14.060

Answers

Some products that seem worth trying :

SecretSync (Dropbox oriented, free and commercial versions)
Toucan (free)
AASync ($29)
BestSync (starting at $19.95 plus 30-day trial)

_{(Disclaimer: I have no experience with any of them.)}

harrymc

Posted 2011-09-06T02:37:55.447

Reputation: 306 093

I was looking for exactly the same solution and came across Allway Sync which does exactly what you described - it sync'es two folders, both ways with encryption/decryption feature. It's not free, as far as I remember it costs ~$20 - definitely worth the money though, I've been using it for 2+ years now.

What is also important and what you are missing in your model, is the fact that all files are encrypted using ZIP compression & encryption so you can download any file from Dropbox (web) and open it using jzip, winzip etc. provided you know the password. This is especially useful when you want to do it quickly as a guest on any machine, without installing any additional software.

Cons are that folder structure and file names are not obscured.

Sebastian

Posted 2011-09-06T02:37:55.447

Reputation: 31

I think there is an option to do this now. It might just be the file names though. – Tom Jenkinson – 2013-03-27T08:59:22.713

Personally, I think you'd be better off with an encrypted filesystem rather then a per file basis. You can use a combination of truecrypt and synchtoy on Windows, or rsync or any other number of synchronization programs on a Linux based system. That way, the synchronization program sees the files on both sides simply as files, but anyone not mounting the truecrypt partition will only see the encrypted files. Otherwise, you might look into Microsofts EFS, I'm not that familiar with it but I understand it does do per file encryption.

OldWolf

Posted 2011-09-06T02:37:55.447

Reputation: 2 293

2EFS will give him problems when he goes to download the file onto a different computer. – surfasb – 2011-09-06T07:25:54.893

Since A and B are on the same machine, I'm going to assume that B is an external hard drive (and therefore easier to steal and more vulnerable to accidental loss when you transport it, hence the need for encrypting B without encrypting A).

So all you'd need to do is encrypt the external drive B with something like TrueCrypt or FreeOTFE, and use any of the various file sync software to sync A with B. Once you provide the password or keyfile to mount B, the sync software won't know or care that B is encrypted.

Mike Rowave

Posted 2011-09-06T02:37:55.447

Reputation: 1 835

That's not the case: B only needs to be encrypted because I am pushing it to my dropbox as well. And sometimes I will want to access and decrypt the files from the internet, so they have to be encrypted on a file basis and not on a volume. – donnyton – 2011-09-06T06:12:01.943

If you were running Linux, ecryptfs or encfs would do what you want. But they're not available for Windows, and I'm not aware of anything with equivalent functionality that is. – Mike Rowave – 2011-09-06T13:23:57.510

Try this as well.

cryptsync https://code.google.com/p/cryptsync/

I've been using it for a few days and am ok with it so far.

Features

it encrypts and compresses to 7zip.
it also encrypts filenames
"Hot file" monitor changes
Filename exclude filters

fedmich

Posted 2011-09-06T02:37:55.447

Reputation: 269

You could also try Cryptomator at https://cryptomator.org/ .

It differs from your solution in the following points:

1) A in your example is just a virtual drive which is mounted when you launch Cryptomator. Cryptomator can also do this automatically on startup.

The encrypted folder is then on your harddrive.

2) It does no real syncing. You could use any tool for that though, like Google Backup Sync, Onedrive, ... so Cryptomator just adds the encryption to one of the many existing sync tools. You would then just sync the crypted folder.

I have used it ever since previous tools, in part better aligned with your requirements, stopped being available. It has worked reasonably stable and reliable so far. Can't say much about speed, for documents it is fast enough, I did not notice any slowdown. It is actively supported and free but asks for optional money on download.

Andreas Reiff

Posted 2011-09-06T02:37:55.447

Reputation: 895