Cloud storage is a great thing and I really love my Dropbox, but the absence of personal encryption was always a bumper for me. Although Dropbox (and many other cloud storage providers like Box.net) encrypt the data on their storage backend, you can not be 100% sure that your data is confidential because they own the key and are always able to access your data. They are not 'zero-knowledge' providers like Spideroak or Wuala!

That's why it is mandatory to encrypt all confidential files already on the client side when using a cloud storage provider without 'zero-knowledge'. The Dropbox Wiki offers some good tools to accomplish this requirement. Noteably these are: FreeOTFE, Truecrypt, EncFS and SecurStick. FreeOTFE and Truecrypt are quite popular, but use container-based files which occupy all the initial disk space and can not grow and/or shrink. SecurStick and EncFS are great because they work file-based and encrypt each file on its own. However EncFS is only available for Linux and MacOS users and SecurStick is based on WebDAV, besides that I didn't like the overall handling of SecurStick.

As I was not happy with any of the existing solutions, I developed my own encryption tool which provides a similar experience to Windows users as EncFS does for Linux and MacOS users. BoxCryptor is a cryptographic virtual harddisk that encrypts all data On-the-fly in real-time. Encrypted data is stored transparently in an arbitrary directory.

Save files to the virtual harddisk and BoxCryptor encrypts them on-the-fly and stores the encrypted files in a directory or your choice, e.g. a directory that is synced to the cloud like your DropBox folder. When reading files from the virtual harddisk, BoxCryptor decrypts them on-the-fly so that they are accessible as any other unencrypted file. BoxCryptor takes care that all data is automatically encrypted and decrypted just before it is loaded or saved.

BoxCryptor currently encrypts files using a modified version of the RC4 encryption algorithm. I'm planning to support AES encryption in the near future, but the stream cipher RC4 was easier to implement for the beginning.

Be aware that this is  a very early release of BoxCryptor which is intended for testing purposes only! You should not yet use it for productive use! The current version 0.1.0 Alpha of BoxCryptor expires on 31st March 2011 and will provide read-only access to the encrypted files past this date. An updated and more stable version of BoxCryptor should be availble until then.

Go to the BoxCryptor website.