Now any developer can code secure encryption for data at rest... in just 3 lines of code.
Dramatically slash the time, costs and difficulty of developing secure applications by never coding a line of crypto.
Crypto is hard. But files are easy.
Because the ScramFS API is designed exactly like a file system API, crypto just got dead easy. If you know how to open, read, write and close a file, you can now develop high performance applications with encrypted data storage.
Secure, at-rest persistence has never been this simple
Our revolutionary approach allows developers to call simple file system API functions, instead of complicated encryption API functions. ScramFS takes care of the rest.
Hard core cryptography made trivial
Load and save encrypted data in 3 lines of code.
| 3 lines of code for encrypted write: | ⇒ 36 crypto operations |
|---|---|
|
12 key derivations 16 encryptions 8 MAC calculations |
| 3 lines of code for encrypted read: | ⇒ 34 crypto operations |
|
12 key derivations 6 MAC calculations 4 encryptions 4 MAC comparisons 8 decryptions |
Complete and comprehensive API
All the operations you expect from a file system
| File content operations | File operations | Directory operations |
|---|---|---|
| Open Close Read Write Seek Tell Flush Truncate OpenForResume GetContents SetContents |
CreateFile Remove Copy Rename IsFile GetInfo SetTimes |
MakeDir RemoveDir CopyDir MoveDir IsDir ListDir |
Never, ever have to worry about crypto libraries, ciphers, MACs, Initialization Vectors, modes, key derivation, salting,
encoding schemes
Coding cryptography can be a complete nightmare. The learning curve is huge. Developers have to learn a completely new language, and consider attack and security models. On top of that, it’s extremely easy to make a mistake – and one mistake is all it takes to make a system completely insecure.
- Decisions when using ScramFS
- None
- Decisions when coding crypto manually
- Choice of cipher, hash functions, crypto liraries
- What cipher modes to use - CBC, CTR, GCM
- Key derivation and cryptographic access control for sharing
- Random number generators, entropy, seeding
- How much data to encrypt before changing encryption keys
- MAC calculations and comparisons
- Encrypt and MAC vs. encrypt then MAC vs. MAC then encrypt
- Padding data to AES block sizes
- Initialization vectors, nonces, salts
- Deterministic or probabilistic encryption
- Security parameters, attack model
- Post-quantum computer long term security of encrypted data
- Limitations in file name lengths and what to do if a file or directory name is too long
- Different character sets and limitations of various filesystems
Save time and money while making more profit
For software development houses, the value proposition of ScramFS is clear:
- Avoid the difficulties, time and costs in hiring a cryptographer or suitably qualified developer for the build phase
- Save on ongoing maintenance costs
- Achieve an end result that is likely to be more secure
- Concentrate on building your application, instead of worrying about cryptography
Especially if you’re running fixed-price development projects, using ScramFS removes a large burden of development from your project, reducing your risk and ultimately helping you make more profit.
Cross-platform support
As of 2017, ScramFS works on Windows, Mac, Linux and Raspbian.
Further cross-platform support is expected in the near future, covering Android and iOS.
Available for Python, with more language support to come
As of 2017, the ScramFS API is available for Python.
We plan to release bindings for other languages in the near future.
Please contact us to discuss your requirements and see if ScramFS will work for you.
ScramFS API whitepaper
