Open Source Linux Encryption Software
Sort By:
Encryption Software for Linux
View 27 business solutionsBrowse free open source Encryption software and projects for Linux below. Use the toggles on the left to filter open source Encryption software by OS, license, language, programming language, and project status.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
1
VeraCrypt
Open source disk encryption with strong security for the Paranoid
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x680D16DE, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html -
2
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser
HackBrowserData is an open-source tool that could help you decrypt data ( password|bookmark|cookie|history|credit card|download|localStorage|extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. This tool is limited to security research only, and the user assumes all legal and related responsibilities arising from its use! The author assumes no legal responsibility! Installation of HackBrowserData is dead-simple, just download the release for your system and run the binary. -
3
SOPS
Simple and flexible tool for managing secrets
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. For the adventurous, unstable features are available in the develop branch, which you can install from source. To use sops as a library, take a look at the decrypt package. We rewrote Sops in Go to solve a number of deployment issues, but the Python branch still exists under python-sops. We will keep maintaining it for a while, and you can still pip install sops, but we strongly recommend you use the Go version instead. If you're using AWS KMS, create one or multiple master keys in the IAM console and export them, comma separated, in the SOPS_KMS_ARN env variable. It is recommended to use at least two master keys in different regions. If you want to use PGP, export the fingerprints of the public keys, comma separated, in the SOPS_PGP_FP env variable. -
4
AWS Encryption SDK for Java
AWS Encryption SDK
The AWS Encryption SDK is a client-side encryption library designed to make it easy for everyone to encrypt and decrypt data using industry standards and best practices. It enables you to focus on the core functionality of your application, rather than on how to best encrypt and decrypt your data. The AWS Encryption SDK is provided free of charge under the Apache 2.0 license. With the AWS Encryption SDK, you define a master key provider (Java and Python) or a keyring (C, C#/.NET, and JavaScript) that determines which wrapping keys you use to protect your data. Then you encrypt and decrypt your data using straightforward methods provided by the AWS Encryption SDK. The AWS Encryption SDK does the rest. Without the AWS Encryption SDK, you might spend more effort on building an encryption solution than on the core functionality of your application. By default, the AWS Encryption SDK generates a unique data key for each data object that it encrypts. -
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
5
Ciphey
Decrypt encryptions without knowing the key or cipher
Fully automated decryption/decoding/cracking tool using natural language processing & artificial intelligence, along with some common sense. You don't know, you just know it's possibly encrypted. Ciphey will figure it out for you. Ciphey can solve most things in 3 seconds or less. Ciphey aims to be a tool to automate a lot of decryptions & decodings such as multiple base encodings, classical ciphers, hashes or more advanced cryptography. If you don't know much about cryptography, or you want to quickly check the ciphertext before working on it yourself, Ciphey is for you. The technical part. Ciphey uses a custom-built artificial intelligence module (AuSearch) with a Cipher Detection Interface to approximate what something is encrypted with. And then a custom-built, customizable natural language processing Language Checker Interface, which can detect when the given text becomes plaintext. -
6
AWS Encryption SDK for C
AWS Encryption SDK for C
The AWS Encryption SDK for C is a client-side encryption library designed to make it easy for everyone to encrypt and decrypt data using industry standards and best practices. It uses a data format compatible with the AWS Encryption SDKs in other languages. For more information on the AWS Encryption SDKs in all languages, see the Developer Guide. We will demonstrate some simple build recipes for Linux, Mac, and Windows operating systems. These recipes assume a newly installed system with default installs of dependency packages. The Windows instructions install everything in your current directory (where you run the build process). The AWS Encryption SDK for C can be used with AWS KMS, but it is not required. For best results when doing a build with AWS KMS integration, do not install aws-c-common directly. Build and install the AWS SDK for C++, which will build and install aws-c-common for you (see the C++ SDK dependencies here). -
7
xxHash
Extremely fast non-cryptographic hash algorithm
xxHash is an extremely fast non-cryptographic hash algorithm, working at RAM speed limit. It is proposed in four flavors (XXH32, XXH64, XXH3_64bits and XXH3_128bits). The latest variant, XXH3, offers improved performance across the board, especially on small data. It successfully completes the SMHasher test suite which evaluates collision, dispersion and randomness qualities of hash functions. Code is highly portable, and hashes are identical across all platforms (little / big endian). Performance on large data is only one part of the picture. Hashing is also very useful in constructions like hash tables and bloom filters. In these use cases, it's frequent to hash a lot of small data (starting at a few bytes). Algorithm's performance can be very different for such scenarios, since parts of the algorithm, such as initialization or finalization, become fixed cost. The impact of branch misprediction also becomes much more present. -
8
MemGuard
Secure software enclave for storage of sensitive information in memory
This package attempts to reduce the likelihood of sensitive data being exposed when in memory. It aims to support all major operating systems and is written in pure Go. Sensitive data is encrypted and authenticated in memory with XSalsa20Poly1305. The scheme used also defends against cold-boot attacks. Memory allocation bypasses the language runtime by using system calls to query the kernel for resources directly. This avoids interference from the garbage collector. Buffers that store plaintext data are fortified with guard pages and canary values to detect spurious accesses and overflows. The effort is taken to prevent sensitive data from touching the disk. This includes locking memory to prevent swapping and handling core dumps. Kernel-level immutability is implemented so that attempted modification of protected regions results in an access violation. -
9
Keybase client
Keybase Go library, client, service, OS X, iOS, Android, Electron
Keybase is secure messaging and file-sharing. We use public key cryptography to ensure your messages stay private. Even we can’t read your chats. Keybase works for families, roommates, clubs, and groups of friends, too. Keybase connects to public identities, too. You can connect with communities from Twitter, Reddit, and elsewhere. Don’t live dangerously when it comes to documents. Keybase can store your group’s photos, videos, and documents with end-to-end encryption. You can set a timer on your most sensitive messages. This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software. -
Picsart Enterprise Background Removal API for Stunning eCommerce VisualsWith our Remove Background API tool, you can access the transformative capabilities of automation , which will allow you to turn any photo asset into compelling product imagery. With elevated visuals quality on your digital platforms, you can captivate your audience, and therefore achieve higher engagement and sales.
-
10
aws-encryption-sdk
AWS Encryption SDK
The AWS Encryption SDK is a client-side encryption library designed to make it easy for everyone to encrypt and decrypt data using industry standards and best practices. It enables you to focus on the core functionality of your application, rather than on how to best encrypt and decrypt your data. The AWS Encryption SDK is provided free of charge under the Apache 2.0 license. With the AWS Encryption SDK, you define a master key provider (Java and Python) or a keyring (C, C#/.NET, and JavaScript) that determines which wrapping keys you use to protect your data. Then you encrypt and decrypt your data using straightforward methods provided by the AWS Encryption SDK. The AWS Encryption SDK does the rest. Without the AWS Encryption SDK, you might spend more effort on building an encryption solution than on the core functionality of your application. -
11
transfer.sh
Easy and fast file sharing from the command-line
Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance. Transfer.sh currently supports the s3 (Amazon S3), gdrive (Google Drive), storj (Storj) providers, and local file system (local). For easy deployment, we've created a Docker container. For the usage with a AWS S3 Bucket, you just need to specify the following options, provider, aws-access-key, aws-secret-key, bucket, and s3-region. If you specify the s3-region, you don't need to set the endpoint URL since the correct endpoint will used automatically. To use a custom non-AWS S3 provider, you need to specify the endpoint as defined from your cloud provider. In preparation you need to create an access grant (or copy it from the uplink configuration) and a bucket. To get started, login to your account and go to the Access Grant Menu and start the Wizard on the upper right. -
12
shadowsocks-libev
Bug-fix-only libev port of shadowsocks
Shadowsocks-libev is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes. Shadowsocks-libev is written in pure C and depends on libev. It's designed to be a lightweight implementation of shadowsocks protocol, in order to keep the resource usage as low as possible. Snap is the recommended way to install the latest binaries. You can build shadowsocks-libev and all its dependencies by script. The latest shadowsocks-libev has provided a redir mode. You can configure your Linux-based box or router to proxy all TCP traffic transparently, which is handy if you use an OpenWRT-powered router. Although shadowsocks-libev can handle thousands of concurrent connections nicely, we still recommend setting up your server's firewall rules to limit connections from each user. We strongly encourage you to install shadowsocks-libev from jessie-backports-sloppy. -
13
Amazon DynamoDB Encryption Client Python
Amazon DynamoDB Encryption Client for Python
The Amazon DynamoDB Encryption Client for Python provides client-side encryption of Amazon DynamoDB items to help you to protect your table data before you send it to DynamoDB. It provides an implementation of the Amazon DynamoDB Encryption Client that is fully compatible with the Amazon DynamoDB Encryption Client for Java. The helper clients provide a familiar interface but the actual item encryption and decryption is handled by a low-level item encryptor. You usually will not need to interact with these low-level functions, but for certain advanced use cases it can be useful. If you do choose to use the item encryptor functions directly, you will need to provide a CryptoConfig for each call. By default, the helper clients use your attribute actions and cryptographic materials provider to build the CryptoConfig that is provided to the item encryptor. For some advanced use cases, you might want to provide a custom CryptoConfig for specific operations. -
14
Microsoft SEAL
Easy-to-use and powerful homomorphic encryption library
Microsoft SEAL is an open-source homomorphic encryption library that allows computations to be performed directly on encrypted data, with no need for any decryption. Developed by the Cryptography and Privacy Research group at Microsoft, it enables software engineers to build end-to-end encrypted data storage and computation services that never have to procure the customer's key. Microsoft SEAL is very easy to use, compile and run in many different environments. Homomorphic encryption is an encryption scheme that allows the cloud to compute directly on the encrypted data, without requiring the data to be decrypted first. This results in encrypted computations remaining encrypted, decrypted only by the data owner using the secret key. -
15
aws-encryption-sdk-cli
CLI wrapper around aws-encryption-sdk-python
This command line tool can be used to encrypt and decrypt files and directories using the AWS Encryption SDK. If you have not already installed cryptography, you might need to install additional prerequisites as detailed in the cryptography installation guide for your operating system. Installation using a python virtual environment is recommended to avoid conflicts between system packages and user-installed packages. For the most part, the behavior of aws-encryption-cli in handling files is based on that of GNU CLIs such as cp. A qualifier to this is that when encrypting a file, if a directory is provided as the destination, rather than creating the source filename in the destination directory, a suffix is appended to the destination filename. By default the suffix is .encrypted when encrypting and .decrypted when decrypting, but a custom suffix can be provided by the caller if desired. -
16
CrococryptFile
An encryption tool for creating file archives
CrococryptFile is a file encryption tool which creates encrypted archives of files and folders. The encryption features of CrococryptFile can be compared to a ZIP utility that uses ZIP's AES encryption. However, there are significant differences. CrococryptFile... - encrypts all file and folder information including filenames, time/date and filesize information, - disguises any information of the archive's content, because all data and meta-data is simply integrated into a giant file dump. =Crypto Suites= For a full list of and details about supported crypto suites, please visit the CrococryptFile Homepage. Examples: - Password-based encryption (following PBKDF2) with AES-256, Twofish, Serpent, ... - Public key encryption using GPG/OpenPGP, Windows Keystore/CAPI with RSA/X.509 certificates - Cloaked (headerless) Password-based Encryption (AES-Twofish-256 cascaded) - ... -
17
safelock-cli
⚡Fast files encryption CLI built with GO
Fast files encryption (AES-GCM) package and command-line tool built for speed with Go ⚡ Examples: - Encrypt a path with default options > safelock-cli encrypt path_to_encrypt encrypted_file_path - Decrypt a file > safelock-cli decrypt encrypted_file_path decrypted_files_path - If you want it to run silently with no interaction > echo "password123456" | safelock-cli encrypt path_to_encrypt encrypted_file_path --quiet -
18
sjcl
Stanford Javascript Crypto Library
The Stanford Javascript Crypto Library is a project by the Stanford Computer Security Lab to build a secure, powerful, fast, small, easy-to-use, cross-browser library for cryptography in Javascript. SJCL is small but powerful. The minified version of the library is under 6.4KB compressed, and yet it posts impressive speed results. SJCL is secure. It uses the industry-standard AES algorithm at 128, 192 or 256 bits; the SHA256 hash function; the HMAC authentication code; the PBKDF2 password strengthener; and the CCM and OCB authenticated-encryption modes. Just as importantly, the default parameters are sensible: SJCL strengthens your passwords by a factor of 1000 and salts them to protect against rainbow tables, and it authenticates every message it sends to prevent it from being modified. We believe that SJCL provides the best security which is practically available in Javascript. -
19
transcrypt git
transparently encrypt files within a git repository
A script to configure transparent encryption of sensitive files stored in a Git repository. Files that you choose will be automatically encrypted when you commit them, and automatically decrypted when you check them out. The process will degrade gracefully, so even people without your encryption password can safely commit changes to the repository's non-encrypted files. transcrypt protects your data when it's pushed to remotes that you may not directly control (e.g., GitHub, Dropbox clones, etc.), while still allowing you to work normally on your local working copy. You can conveniently store things like passwords and private keys within your repository and not have to share them with your entire team or complicate your workflow. transcrypt is in the same vein as existing projects like git-crypt and git-encrypt, which follow Git's documentation regarding the use of clean/smudge filters for encryption. -
20
BIP39-XOR
Encrypt or decrypt 12, 15, 18, 21 or 24 BIP39 codewords array ("seed")
Encrypt or decrypt 12, 15, 18, 21 or 24 BIP39 codewords array (so-called "seed phrase") using exclusive OR (XOR)/Vernam cipher (a.k.a. One Time Pad). If not input by a user, an encryption key is automatically generated at random. Encryption with such a key preserves integrity of BIP-39 checksums of all keys (that's distinct while also compatible with SeedXOR implementation). -
21
Portable Text Encryption
Single Linux or Windows binary for secure text encryption
Self contained and completely portable binary encrypts text for secure email, messaging, irc use, etc., ideal for USB flash drives. AES-128/192/256 (ecb/cbc), Blowfish (ecb/cbc), DES / TripleDES (ecb/cbc/ofb/cfb), or RC4. Linux and Windows binaries. I don't make cute interfaces, it just works. https://codeberg.org/BloodFeastMan/pte -
22
Cryptonik
Text encryption tool using Vigenère cipher
Cryptonik-Text is a useful, simple to use tool for encrypt/decrypt text docs, messages, notes etc. Application uses a charset that can be typed from any keyboard (on-screen or hardware). Some national symbols are converted to 26 standard latin letters. -
23
RSA Encryption Tool
RSA algorithm based encryption tool.
A simple program written in C# utilizing .NET 4.6 to demonstrate RSA encryption in action. User can select a text file or input any text to encrypt. -
24
Largest Generic Hash and HMAC Program
57 Hash Functions In One Program, plus each with HMAC or KMAC
FEHASHMAC is the largest collection of publicly known hash algorithms integrated into a command-line utility. FEHASHMAC contains a set of known test vectors and results for each algorithm such that the correct implementation for each hardware platform and compiler version can directly be verified. Currently 57 hash algorithms like sha1 sha224 sha256 sha384 sha512 and variants, sha3 and shake, all SHA3 finalists and blake3, md2 md4 md5 md6, rmd128 rmd160 rmd256 rmd320, whirl gost lash160 lash256 lash384 lash512 tiger2 and RFC 2104 HMAC and KMAC support are included, plus SHA3 extensions kmac128, kmac256, kmacxof128, kmacxof256 for message. -
25
An encryption/decryption engine which can encrypt any file(text, pdf , doc, rtf , gpg , mp3 , mp4 etc..) or any data on your PC such that only you with the valid password can decrypt it.Also it will compress the file while encrypting it.
