Naamari 1.3.2

Naamari is AES&SHA-based crypto-synchronizer for cloud/remote file storage, with cryptographic and transport modules being separate applications. It works with 4 locations. 1st: local dir with original files. 2nd: dir containing folder structure and names of files placed into storage (but not content). 3rd & 4th - storages: local (another local dir) and remote (say, a cloud). In storages, there are no folders, files have pseudo-random names and encrypted content ("flattening"). The main module, "Naamari", is offline cryptographic one, with full access to all locations but 4th. This module moves files between original and encrypted forms, between "open" folder and local storage. Operations which don't affect remote storage are performed here entirely; any action changing remote storage is only assigned. To each encrypted file in local storage Naamari adds tiny file-descriptor, describing local and remote versions as well as assigned action, which is performed by transport module - "Naamari-lautta", basically a wrapper for a generic cloud client. It reads descriptors and calls that client: in principle, any with API advanced enough to do 3 jobs: upload, download, remove. As long as the file is referenced in 2nd dir, you can delete local version to spare disk space, then get back remote one, which becomes local, or vice versa. WARNING: (Obviously), by now it hasn't been examined by any security experts. Play with caution & please, please read the manual.

Tags cryptography encryption sync remote cloud console c++ go cross-platform
License GNU GPLv3
State stable

Recent Releases

1.3.221 Apr 2017 15:26 minor feature: 1. Transport module updated to work as a client itself when 1st argument is a dirpath instead of filepath (for example, a path to local folder where remote filesystem is mounted). 2. Added syntax file for 'eindrivecmd', a simple command line client for OneDrive.
1.3.117 Apr 2017 16:56 minor feature: 1. Added syntax file for 'megatools', a command line client for Mega.nz. 2. Extended format of .json describing client syntax now allows different names of applications that perform upload, download, and removal. 3. Running cryptographic module with '--cr' or '--lf' option changes the character being appended to passphrase from 0 to CR (0xD) or LF (0xA), respectively; may be used to bypass incompatibility issue of previous version.
1.3.00003 Jan 2017 10:17 cleanup: (2016.03.31) 1. Added Linux-specific fragments to the source of cryptographic module, mostly for console I/O. Now the project can be compiled (with Qt) both in Windows and Linux. In the latter case, this is the preferable way of getting yourself the executable of cryptographic module. 2. CR- or LF-character at the end of passphrase is mapped to 0-byte (was CR before). Old passphrases don't work anymore, since they are translated into different hash. 3. Tiny interface fixes.
1.3.031 Dec 2016 18:18 cleanup: (2016.03.31) 1. Added Linux-specific fragments to the source of cryptographic module, mostly for console I/O. Now the project can be compiled (with Qt) both in Windows and Linux. In the latter case, this is the preferable way of getting yourself the executable of cryptographic module. 2. CR- or LF-character at the end of passphrase is mapped to 0-byte (was CR before). Old passphrases don't work anymore, since they are translated into different hash. 3. Tiny interface fixes.
1.2.223 Mar 2016 00:00 minor feature: Added DropBox support (no changes in cryptographic or transport module, the only new thing is the json with DropBox client syntax).
1.2.108 Jan 2016 00:00 minor feature: Added verbose to transport module (displays progress after each processed file). ...100 days of Naamari's being around. So what?
1.2.019 Oct 2015 00:00 security: Five 32-byte keys (pentad) are used instead of four, encryption scheme has been modified to prevent the truncation attack pointed out to us in the post at crypto.stackexchange.com. At decryption, the padding verification is now performed after the integrity hash verification, to prevent the padding oracle attack (same post). Insurmountable Backward Incompatibility!
1.0.102 Oct 2015 00:00 minor feature: Added 'test' command to verify the integrity of files in the local storage. Added 'Frailties' addendum into the manual, describing some common vulnerabilities and snags.