Your solution for E2E encryption of cloud data
Encrypts your data using the LibrePGP standard.
LibrePGP (also PGP v5) is a modern, open standard for end-to-end encryption, compatible with widely used applications such as GnuPG, Kleopatra, or Mozilla Thunderbird.
Supports post-quantum cryptography.
Be prepared for the future – CryptoCult Encryption Desktop uses the Kyber encryption algorithm, which is resistant to quantum computer attacks.
Cloud provider sees only encrypted data.
Your cloud storage provider has no access to the contents of your files. They only see encrypted data (containers) with no way to decrypt them.
Supports re-encryption if keyset needs to change.
A tool called the synchronization node can re-encrypt individual storage when needed (e.g., when a user key is compromised or when the team composition with access to encrypted data changes).
User-friendly system for Windows and macOS.
Apart from entering a password after logging into the system, the average user doesn't need to do anything else. Their data is automatically encrypted when uploaded to the cloud and decrypted when downloaded.
Version 1.0 of CryptoCult Encryption Desktop supports encryption of SharePoint drives in Microsoft 365 clouds, which are the most widespread in the Czech and Slovak IT environment. Version 2.0 will also include support for the open-source NextCloud and migration tools for transitioning between them.
Technology
The controlling element of the system is the Kraken keyserver, where administrators can configure which drives will be encrypted. They also assign individual keys to users. Only public keys for users and drives are stored on Kraken, so it cannot decrypt any data by itself. The keyserver is typically located behind a VPN so that only authorized company users can access it.
CCED clients run on users' computers, proxying cloud traffic with the help of a specialized system driver. Every file to be uploaded to an encrypted drive is encrypted before upload and decrypted again before download. This process runs autonomously and the user doesn't need to intervene. The running client queries the Kraken keyserver for the keys to use.
An optional but very useful element of the system is the synchronization node, which also has a key to the managed storage and can therefore re-encrypt it, update it to a newer version, etc., when needed. This happens, for example, when a user loses their key (e.g., due to laptop theft) and needs to be assigned a new one.
The synchronization node is always located in a private network and communicates only with the Kraken keyserver and the cloud itself. It can be maintained separately (so-called air-gap) and connected only briefly when it needs to perform an operation.
About Us
We provide you with first-class tools for secure communication
CircleTech, s.r.o was founded in 2004. For over twenty years, we have been using the most advanced cryptographic methods and developing products designed to perfectly protect our clients' privacy.
We are a purely Czech company, which is why we thoroughly understand not only the local market and client requirements, but are also able to quickly adapt to current situations and adjust our products and services accordingly.
Everyone has the right to privacy
We believe that the right to privacy and its protection is an inalienable right of every human being.
We believe in co-operation as a foundation of success
The system CryptoCult Encryption Desktop is being developed with co-operation and support of the Aricoma group.