Military-Grade Encryption · Zero Knowledge Architecture

Your files.
Truly private.
Only you hold the key.

1Cryptor encrypts every file on your device before it ever reaches the cloud — using a Rust engine powered by AES-256-GCM and RSA-4096. We have no keys, no backdoors, and no ability to read what you store.

AES-256-GCM
Content Cipher
RSA-4096
Key Wrapping
Argon2id
Key Derivation
Zero-Knowledge
Architecture
Download on the App Store See how it works
1Cryptor — Vault Status
Vault Status Protected
Encryption AES-256-GCM Active
Cloud Read Access Denied
Server-Side Keys None
Backdoor None
AES-256-GCM·RSA-4096·Argon2id v1.3·Zero Knowledge·On-Device Encryption·5 MB Secure Chunks·Rust Crypto Engine·No Backdoors·End-to-End Private· AES-256-GCM·RSA-4096·Argon2id v1.3·Zero Knowledge·On-Device Encryption·5 MB Secure Chunks·Rust Crypto Engine·No Backdoors·End-to-End Private·
We cannot read your files.

Technically impossible — keys never leave your device.

A breach reveals nothing.

Attackers get only unreadable ciphertext, never plaintext.

No court order can help.

Nothing readable to compel or disclose — by design.

ZERO KNOWLEDGE GUARANTEE

Standard cloud vs.
1Cryptor encryption.

See exactly what changes when you encrypt before you sync.

Standard Cloud Storage

iCloud, Google Drive, Dropbox — without encryption

  • Provider can read every file you upload
  • Employees may access your data
  • Government orders compel disclosure
  • A breach exposes all your real content
  • Filenames reveal what you store
  • Metadata is fully visible and searchable
VS

1Cryptor Encrypted Vault

Your cloud + 1Cryptor on-device encryption

  • Cloud receives only unreadable ciphertext
  • No one but you holds the decryption keys
  • Nothing readable to compel or disclose
  • A breach yields useless encrypted blobs
  • Filenames are encrypted too
  • All metadata encrypted before upload

ENCRYPTION PIPELINE

Five steps from password
to encrypted vault.

Every step runs on your device. Nothing sensitive crosses the network in plaintext.

01

Password Input

Argon2id hashes your password with 128 MB memory and 4 iterations. Brute force is computationally infeasible by design.

02

Private Key Unlock

The derived key decrypts your RSA-4096 private key stored locally on device. It never leaves in plaintext.

03

Master Key Recovery

Private key unwraps the 256-bit master key via OAEP-SHA256. It lives only in memory — never written to disk.

04

Chunk Encryption

Files split into 5 MB blocks. Each gets a unique random nonce and AES-256-GCM encryption with a 16-byte auth tag.

05

Ciphertext Sync

Only encrypted chunks, encrypted names, and encrypted metadata sync to your cloud. The provider sees nothing readable.

CRYPTOGRAPHIC ARCHITECTURE

Four independent layers
of cryptographic protection.

Defence in depth. If one layer were hypothetically compromised, the others remain fully intact.

01

Key Derivation

Argon2id v1.3

Your password is never used as an encryption key directly. Argon2id runs with 128 MB memory and 4 iterations — computationally expensive to deter brute-force attacks even with specialised hardware.

Memory131 072 KiB (128 MB)
Iterations4 passes
Parallelism4 lanes
Version0x13 (v1.3)
02

Master Key Wrapping

RSA-4096 + OAEP

A random 256-bit master key encrypts your data. This key is wrapped with RSA-4096 using OAEP-SHA256 padding. Only your private key — which you alone hold — can unwrap it.

Key Size4096 bits
PaddingOAEP-SHA256
PurposeKey Wrapping
AccessPrivate Key Only
03

Content Encryption

AES-256-GCM

Each 5 MB chunk is encrypted with AES-256-GCM using a cryptographically random 12-byte nonce. A 16-byte authentication tag ensures any tampering — even a single bit flip — is detected immediately.

Key Size256 bits
Nonce12 bytes (CSPRNG)
Auth Tag16 bytes
ModeAEAD
04

Metadata Encryption

Zero Knowledge

Filenames, extensions, directory structure, and all metadata are encrypted before upload. Your storage provider receives opaque binary blobs with zero identifying information about what you store.

FilenamesEncrypted
MetadataEncrypted
StructureHidden
Cloud ViewCiphertext only

VIDEO SECURITY

Large files, fully encrypted.
Chunk by chunk.

Videos are split into 5 MB segments. Each chunk is independently encrypted with its own nonce for maximum cryptographic isolation.

01

5 MB Chunking

Videos split into 5 MB segments that encrypt and upload in parallel — fast on any connection.

02

Per-Chunk Nonce

Every segment receives a fresh random 12-byte nonce. Nonce reuse is architecturally impossible.

03

Authentication Tag

Each chunk carries a 16-byte GCM tag. Any modification — even one bit — triggers immediate failure.

04

Secure Reassembly

Chunks are verified and decrypted in order, only on your authorised device. Never reassembled in the cloud.

vault_stream.enc
chunk_001.encAES-256 ✓
chunk_002.encAES-256 ✓
chunk_003.encAES-256 ✓
chunk_004.encAES-256 ✓
chunk_005.encAES-256 ✓
chunk_006.encAES-256 ✓
chunk_007.encAES-256 ✓
chunk_008.encAES-256 ✓
All chunks authenticated

TECHNOLOGY

Rust cryptography.
No compromises.

Production-grade Rust crates, bridged to Swift via C ABI. Memory safe, auditable, and fast.

aes_gcm.rs

AES-256-GCM

use aes_gcm::{Aes256Gcm, Key, Nonce};
let cipher = Aes256Gcm::new(key);
// nonce: 12 bytes · tag: 16 bytes
ModeAuthenticated Encryption
Key32 bytes (256-bit)
ScopeContent + Names + Metadata
argon2.rs

Argon2id

use argon2::{Argon2, Params};
let p = Params::new(131072, 4, 4, None);
// memory-hard · v1.3 (0x13)
Memory131 072 KiB
Iterations4 passes
PurposeKey Derivation
rsa_oaep.rs

RSA-4096 + OAEP

use rsa::{RsaPrivateKey, Oaep};
use sha2::Sha256;
// 4096-bit key wrapping
Key Size4096 bits
PaddingOAEP-SHA256
UseMaster Key Wrap
chunker.rs

Chunking Engine

const CHUNK: usize = 5 * 1024 * 1024;
let nonce = OsRng.gen::<[u8; 12]>();
// unique nonce · OsRng (CSPRNG)
Chunk Size5 MB
Nonce SourceOsRng (CSPRNG)
ResultParallel Encryption
0bit
AES symmetric encryption key
0bit
RSA asymmetric key strength
0MB
Argon2id memory cost per hash
0
Files we can ever read

WHY 1CRYPTOR

Designed for people who
take privacy seriously.

Privacy isn't a feature. It's the foundation of every design decision.

Zero Knowledge

We never see your keys or your files. Architecturally enforced — not a policy we could change even if we wanted to.

Bring Your Own Cloud

Use iCloud Drive or Google Drive — services you already pay for. 1Cryptor is the encryption layer, not the storage.

Breach Proof

If our servers were seized tomorrow, attackers would get zero readable data. Your keys exist only on your device.

Rust Performance

The encryption engine is memory-safe Rust — blazing fast, auditable, and free of runtime surprises or hidden vulnerabilities.

Multi-Device Sync

Access your vault on all your devices. Everything decrypts locally — nothing ever in the clear during transit or at rest.

Free Starter Vault

Start with one free vault, no credit card required. Protect your most sensitive files starting today.

PRIVACY BY DESIGN

Privacy by architecture,
not by promise.

Minimal data principles are built into product logic, not marketing slides.

We Never Have Access To

  • Your passwords or passphrases
  • Your encryption keys
  • Your file contents
  • Your filenames or metadata
  • Your directory structure

Limited Data We May Process

  • Apple/Google account for cloud APIs
  • Subscription and purchase state
  • Anonymous crash diagnostics
Full Privacy Policy Terms of Service
Honest Comparison

How does 1Cryptor compare
to Cryptomator?

Both protect your files. But the cryptographic details — Argon2id vs scrypt, AES-GCM vs AES-CTR, Rust vs Java — make a real difference. We lay out every difference, with no marketing spin.

See the Full Comparison
Military-Grade · Zero Knowledge · On-Device Encryption

Encrypt first.
Sync second.
Sleep easy.

Join people who refuse to hand their private files to strangers in plaintext.

Download on the App Store — Free