Open Source Linux Encryption Software
Sort By:
Encryption Software for Linux
View 27 business solutionsBrowse free open source Encryption software and projects for Linux below. Use the toggles on the left to filter open source Encryption software by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Get the most trusted enterprise browserDefend against security incidents with Chrome Enterprise. Create customizable controls, manage extensions and set proactive alerts to keep your data and employees protected without slowing down productivity.
-
1
VeraCrypt
Open source disk encryption with strong security for the Paranoid
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x680D16DE, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html -
2
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser
HackBrowserData is an open-source tool that could help you decrypt data ( password|bookmark|cookie|history|credit card|download|localStorage|extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. This tool is limited to security research only, and the user assumes all legal and related responsibilities arising from its use! The author assumes no legal responsibility! Installation of HackBrowserData is dead-simple, just download the release for your system and run the binary. -
3
SOPS
Simple and flexible tool for managing secrets
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. For the adventurous, unstable features are available in the develop branch, which you can install from source. To use sops as a library, take a look at the decrypt package. We rewrote Sops in Go to solve a number of deployment issues, but the Python branch still exists under python-sops. We will keep maintaining it for a while, and you can still pip install sops, but we strongly recommend you use the Go version instead. If you're using AWS KMS, create one or multiple master keys in the IAM console and export them, comma separated, in the SOPS_KMS_ARN env variable. It is recommended to use at least two master keys in different regions. If you want to use PGP, export the fingerprints of the public keys, comma separated, in the SOPS_PGP_FP env variable. -
4
transfer.sh
Easy and fast file sharing from the command-line
Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance. Transfer.sh currently supports the s3 (Amazon S3), gdrive (Google Drive), storj (Storj) providers, and local file system (local). For easy deployment, we've created a Docker container. For the usage with a AWS S3 Bucket, you just need to specify the following options, provider, aws-access-key, aws-secret-key, bucket, and s3-region. If you specify the s3-region, you don't need to set the endpoint URL since the correct endpoint will used automatically. To use a custom non-AWS S3 provider, you need to specify the endpoint as defined from your cloud provider. In preparation you need to create an access grant (or copy it from the uplink configuration) and a bucket. To get started, login to your account and go to the Access Grant Menu and start the Wizard on the upper right. -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
Ciphey
Decrypt encryptions without knowing the key or cipher
Fully automated decryption/decoding/cracking tool using natural language processing & artificial intelligence, along with some common sense. You don't know, you just know it's possibly encrypted. Ciphey will figure it out for you. Ciphey can solve most things in 3 seconds or less. Ciphey aims to be a tool to automate a lot of decryptions & decodings such as multiple base encodings, classical ciphers, hashes or more advanced cryptography. If you don't know much about cryptography, or you want to quickly check the ciphertext before working on it yourself, Ciphey is for you. The technical part. Ciphey uses a custom-built artificial intelligence module (AuSearch) with a Cipher Detection Interface to approximate what something is encrypted with. And then a custom-built, customizable natural language processing Language Checker Interface, which can detect when the given text becomes plaintext. -
6
CrococryptFile
An encryption tool for creating file archives
CrococryptFile is a file encryption tool which creates encrypted archives of files and folders. The encryption features of CrococryptFile can be compared to a ZIP utility that uses ZIP's AES encryption. However, there are significant differences. CrococryptFile... - encrypts all file and folder information including filenames, time/date and filesize information, - disguises any information of the archive's content, because all data and meta-data is simply integrated into a giant file dump. =Crypto Suites= For a full list of and details about supported crypto suites, please visit the CrococryptFile Homepage. Examples: - Password-based encryption (following PBKDF2) with AES-256, Twofish, Serpent, ... - Public key encryption using GPG/OpenPGP, Windows Keystore/CAPI with RSA/X.509 certificates - Cloaked (headerless) Password-based Encryption (AES-Twofish-256 cascaded) - ... -
7
AWS Encryption SDK for Java
AWS Encryption SDK
The AWS Encryption SDK is a client-side encryption library designed to make it easy for everyone to encrypt and decrypt data using industry standards and best practices. It enables you to focus on the core functionality of your application, rather than on how to best encrypt and decrypt your data. The AWS Encryption SDK is provided free of charge under the Apache 2.0 license. With the AWS Encryption SDK, you define a master key provider (Java and Python) or a keyring (C, C#/.NET, and JavaScript) that determines which wrapping keys you use to protect your data. Then you encrypt and decrypt your data using straightforward methods provided by the AWS Encryption SDK. The AWS Encryption SDK does the rest. Without the AWS Encryption SDK, you might spend more effort on building an encryption solution than on the core functionality of your application. By default, the AWS Encryption SDK generates a unique data key for each data object that it encrypts. -
8
Ente
End-to-end encrypted cloud for photos, videos and 2FA secrets
Ente is a fully open-source, end‑to‑end encrypted cloud platform designed for securely storing and managing your photos, videos, and 2FA secrets — without needing to trust the service provider. It includes cross‑platform clients and a CLI for self‑hosting needs. Ente is a service that provides a fully open source, end-to-end encrypted platform for you to store your data in the cloud without needing to trust the service provider. On top of this platform, we have built two apps so far: Ente Photos (an alternative to Apple and Google Photos) and Ente Auth (a 2FA alternative to the deprecated Authy). This monorepo contains all our source code - the client apps (iOS / Android / F-Droid / Web / Linux / macOS / Windows) for both the products (and more planned future ones!), and the server that powers them. -
9
MemGuard
Secure software enclave for storage of sensitive information in memory
This package attempts to reduce the likelihood of sensitive data being exposed when in memory. It aims to support all major operating systems and is written in pure Go. Sensitive data is encrypted and authenticated in memory with XSalsa20Poly1305. The scheme used also defends against cold-boot attacks. Memory allocation bypasses the language runtime by using system calls to query the kernel for resources directly. This avoids interference from the garbage collector. Buffers that store plaintext data are fortified with guard pages and canary values to detect spurious accesses and overflows. The effort is taken to prevent sensitive data from touching the disk. This includes locking memory to prevent swapping and handling core dumps. Kernel-level immutability is implemented so that attempted modification of protected regions results in an access violation. -
No-Nonsense Code-to-Cloud Security for Devs | AikidoAikido provides a unified security platform for developers, combining 12 powerful scans like SAST, DAST, and CSPM. AI-driven AutoFix and AutoTriage streamline vulnerability management, while runtime protection blocks attacks.
-
10
cppcrypto
C++ cryptographic library (modern hash functions, ciphers, KDFs)
cppcrypto provides optimized implementations of cryptographic primitives. Hash functions: BLAKE, BLAKE2, Echo, Esch, Groestl, JH, Kupyna, MD5, SHA-1, SHA-2, SHA-3, SHAKE, Skein, SM3, Streebog, Whirlpool. Block ciphers: Anubis, Aria, Camellia, CAST-256, Kalyna, Kuznyechik, Mars, Serpent, Simon, SM4, Speck, Threefish, Twofish, and Rijndael (AES) with all block/key sizes. Stream ciphers: HC-128, HC-256, Salsa20, XSalsa20, ChaCha, XChaCha. Encryption modes: CBC, CTR. AEAD modes: Encrypt-then-MAC (EtM), GCM, OCB, ChaCha-Poly1305, Schwaemm. Streaming AEAD. MAC functions: HMAC, Poly1305. Key derivation functions: PBKDF2, scrypt, Argon2, HKDF. Includes sample command-line tools: - 'digest' - for calculating and verifying file checksum(s) using any of the supported hash algorithms (similar to md5sum or RHash). - 'cryptor' - for file encryption using Serpent-256 algorithm in AEAD mode. Check out the cppcrypto web site linked below for programming documentation. -
11
Client-side Encryption Amazon DynamoDB
Amazon DynamoDB Encryption Client for Java
The Amazon DynamoDB Client-side Encryption in Java supports encryption and signing of your data when stored in Amazon DynamoDB. A typical use of this library is when you are using DynamoDBMapper, where transparent protection of all objects serialized through the mapper can be enabled via configuring an AttributeEncryptor. Use SaveBehavior.PUT or SaveBehavior.CLOBBER with AttributeEncryptor. If you do not do so you risk corrupting your signatures and encrypted data. When PUT or CLOBBER is not specified, fields that are present in the record may not be passed down to the encryptor, which results in fields being left out of the record signature. This in turn can result in records failing to decrypt. For more advanced use cases where tighter control over the encryption and signing process is necessary, the low-level DynamoDBEncryptor can be used directly. -
12
mp3stegz is an application that apply steganographic (steganography) algorithm in mp3 files. mp3stegz will maintain original mp3 file's size and sound quality. The hidden message is compressed(zlib) and encrypted(Rijndael).
-
13
Portable Text Encryption
Single Linux or Windows binary for secure text encryption
Self contained and completely portable binary encrypts text for secure email, messaging, irc use, etc., ideal for USB flash drives. AES-128/192/256 (ecb/cbc), Blowfish (ecb/cbc), DES / TripleDES (ecb/cbc/ofb/cfb), or RC4. Linux and Windows binaries. I don't make cute interfaces, it just works. https://codeberg.org/BloodFeastMan/pte I would also recommend FTC, encrypts both files and text using the same interface as PTE, and a separate encryption and hashing engine I wrote in Crystal, and is much faster than PTE: https://sourceforge.net/projects/ft-crypt/ -
14
haveged is a daemon that feeds entropy into the linux /dev/random pool using a random number generator based upon the HArdware Volatile Entropy Gathering and Expansion algorithm.
-
15
-
16
StrongKey CryptoEngine
FIDO strong authentication, encryption, digital signature engine
StrongKey CryptoEngine (SKCE) 2.0 is a "crypto Swiss Army knife" server to perform cryptographic functions through web services, while freeing application developers to focus on business functionality. Its modules include: - A FIDO Engine to support FIDO U2F key registrations/authentications - An encryption engine to encrypt/decrypt files using AES/TDES keys - Escrowing keys to on-premises key management system (StrongAuth KeyAppliance/SAKA) - Integration to cloud storage services (AWS S3, Azure and Eucalyptus Walrus) - A signing engine to digitally sign documents, code, etc. with FIPS 140-2 HSM support - An LDAP Engine for AD/LDAP integration for authorization decisions SKCE is battle-tested and in production at one of the largest e-commerce companies in the world, protecting more than 50M documents within the business process; see http://bit.ly/14VPYlO for the case study. Download StrongKey CryptoCabinet (SKCC) on this site to see how to use SKCE. -
17
IMPORTANT -- This is an old project that is no longer supported and should not be relied upon for serious applications. If your looking for encryption software, I suggest OpenSSL or GnuPG which are better equipped.
-
18
Ncrypt is intended to give you security in an insecure environment. If you are wanting to encrypt files, wishing to hide your activites from prying eyes, and want to "cover your tracks", Ncrypt is for you.
-
19
sectar: a program that creates encrypted tape archives(tar files), using the AES algorithm Rijndael. Encryption exported under exemption TSU 740.13. Was star, now sectar.
-
20
MicroZip
Create,extract and encrypt ZIP,GZIP,TAR,BZIP2,TAZ files on Java mobile
MicroZip is a powerful file compression and encryption utility for mobile phones which allows you to create and extract compressed archives in multiple formats and encrypt sensitive information with powerful AES-256 encryption. MicroZip can create and extract ZIP,TAR,TGZ,TBZ2 archives and extract many other formats as JAR,GZ,BZ2,TBZ,WAR,BZIP2,GZIP,Z,TAZ,CBZ etc. MicroZip allows you to extract selected files without extracting the whole ZIP archive. MicroZip also supports encrypted ZIP archives with both classic ZIP encryption and AES 256 encryption algorithm. -
21
RSA Encryption Tool
RSA algorithm based encryption tool.
A simple program written in C# utilizing .NET 4.6 to demonstrate RSA encryption in action. User can select a text file or input any text to encrypt. -
22
-
23
A hook script usable with TortoiseSVN (and possible other subversion clients/GUIs) providing transparent repository encryption (encryption/decryption at the client side).
-
24
Cryptomni is a program which can encrypt and decrypt files using the one-time pad cipher. If a key is truly random, kept secret, and never reused, this encryption algorithm can be proven to be unbreakable.
-
25
Java implementation of Shamir's Secret Sharing algorithm as described in Applied Cryptography [as LaGrange Interpolating Polynomial Scheme].
