ScramFS API

Now any developer can code secure encryption for data at rest... in just 3 lines of code.

Dramatically slash the time, costs and difficulty of developing secure applications by never coding a line of crypto.

Crypto is hard. But files are easy.

Because the ScramFS API is designed exactly like a file system API, crypto just got dead easy. If you know how to open, read, write and close a file, you can now develop high performance applications with encrypted data storage.

Secure, at-rest persistence has never been this simple

Our revolutionary approach allows developers to call simple file system API functions, instead of complicated encryption API functions. ScramFS takes care of the rest.

Hard core cryptography made trivial

Load and save encrypted data in 3 lines of code.

3 lines of code for encrypted write: ⇒ 36 crypto operations
storage_fs = OSFS('~/mystuff')scram_fs = ScramFS(secret_key, storage_fs)f = scram_fs.setcontents('shhh.txt', 'Secret data')
12 key derivations
16 encryptions
8 MAC calculations
 
3 lines of code for encrypted read: ⇒ 34 crypto operations
storage_fs = OSFS('~/mystuff')scram_fs = ScramFS(secret_key, storage_fs)f = scram_fs.getcontents('shhh.txt', 'r')
12 key derivations
6 MAC calculations
4 encryptions
4 MAC comparisons
8 decryptions

Complete and comprehensive API

All the operations you expect from a file system

File content operations File operations Directory operations
Open
Close
Read
Write
Seek
Tell
Flush
Truncate
OpenForResume
GetContents
SetContents
CreateFile
Remove
Copy
Rename
IsFile
GetInfo
SetTimes
MakeDir
RemoveDir
CopyDir
MoveDir
IsDir
ListDir

Never, ever have to worry about crypto libraries, ciphers, MACs, Initialization Vectors, modes, key derivation, salting,
encoding schemes

Coding cryptography can be a complete nightmare. The learning curve is huge. Developers have to learn a completely new language, and consider attack and security models. On top of that, it’s extremely easy to make a mistake – and one mistake is all it takes to make a system completely insecure.

  • Decisions when using ScramFS
  • None
  • Decisions when coding crypto manually
  • Choice of cipher, hash functions, crypto liraries
  • What cipher modes to use - CBC, CTR, GCM
  • Key derivation and cryptographic access control for sharing
  • Random number generators, entropy, seeding
  • How much data to encrypt before changing encryption keys
  • MAC calculations and comparisons
  • Encrypt and MAC vs. encrypt then MAC vs. MAC then encrypt
  • Padding data to AES block sizes
  • Initialization vectors, nonces, salts
  • Deterministic or probabilistic encryption
  • Security parameters, attack model
  • Post-quantum computer long term security of encrypted data
  • Limitations in file name lengths and what to do if a file or directory name is too long
  • Different character sets and limitations of various filesystems

Save time and money while making more profit

For software development houses, the value proposition of ScramFS is clear:

  • Avoid the difficulties, time and costs in hiring a cryptographer or suitably qualified developer for the build phase
  • Save on ongoing maintenance costs
  • Achieve an end result that is likely to be more secure
  • Concentrate on building your application, instead of worrying about cryptography

Especially if you’re running fixed-price development projects, using ScramFS removes a large burden of development from your project, reducing your risk and ultimately helping you make more profit.

Cross-platform support

As of 2017, ScramFS works on Windows, Mac, Linux and Raspbian.

Further cross-platform support is expected in the near future, covering Android and iOS.

windows apple linux raspberry

Available for Python, with more language support to come

As of 2017, the ScramFS API is available for Python.

We plan to release bindings for other languages in the near future.

Please contact us to discuss your requirements and see if ScramFS will work for you.

Send us a message

The field is required.




Cant read the image? click here to refresh