Nextcloud client side encryption with Cryptomator (Feature-Request)

Hello,

I would like to ask the developer if it is possible to cooperate with Cryptomator and make an app for client side encryption. I think many people want this app and it would be a great step forward for Nextcloud encryption.
The server side encryption is very good if you store your data on Google Drive or something like this, but if you have a provider (sometimes it makes sense for some people) where you host Nextcloud and that has access to the data, you are partially safe.

Here is the link to cooperate with Cryptomator

I hope you know what I mean and someone can help to improve this vision.


+1 to this as well. Big fan of Cryptomator and been a user for the last few years. It was actually a YouTube video about Cryptomator that made me stumble upon Nextcloud and set it up over the last few days: https://youtu.be/r8S6NSCB4cY

Since I’ve been reading the manual and came across this and started searching to see if Cryptomator by Skymatic was an app and to my dismay it wasn’t.

https://docs.nextcloud.com/server/13/admin_manual/configuration_files/encryption_configuration.html#occ-encryption-label

Hope to hear from someone in the community to see if there are any efforts underway or if we can coordinate something going forward for the good of us all!

E2EE is a technical preview in Nextcloud 13, it will basically do what Cryptomator does. Hopefully it will be finalized in Nextcloud 14.

@alfred thanks for the reply. I’m glad you said that E2EE will be finalized in NC14 as I’ve tried to enable it and I’m running into issues as seen here and I’ve posted my responses as I don’t appear to be the only one and haven’t been able to get E2EE working.

https://github.com/nextcloud/server/issues/8546

Another thing I was looking into as well with my NC 13.0.1 RC1 was enabling server-side and client-side E2EE. One thing I noted is that on the Windows client when the NCE2E client is off the files are readable in the folder. I’ve been reading through the docs and it appears that’s expected behavior. I was hoping for something like the Cryptomator approach of having to open the app and it unlocks the vault.

Oh well, I’ll look around and may submit a feature request enhancement to see if it’s viable as I don’t see why not as Cryptomator is open source and can be forked.

I know that Nextcloud has implemented end-to-end encryption at this point, but I’d just like to bump this topic specifically because it would be nice if Nextcloud specifically provided interoperability with Cryptomator.

As it is, it’s entirely possible to use Cryptomator with Nextcloud over WebDAV, and it’s possible to use Mountain Duck as a WebDAV client for Nextcloud, with or without Cryptomator vaults, but if one uses Cryptomator with Nextcloud, one generally loses the ability to make practical use of the official Nextcloud clients. Integrating Cryptomator into the Nextcloud clients would allow users to mix and match.

So for the purpose of interoperability I would suggest that Cryptomator integration no longer be marked as a deprecated feature request. Thanks!


Another reason I mention this is the long-standing issue of server-side encryption being just abjectly and pathetically broken when using Nextcloud’s built-in S3 backing:

And this is just one of the more recent of a large number of GitHub Issues about the same bug.

One of the commenters on the GitHub issue mentions that s3backer is much more reliable than Nextcloud’s native S3 integration, so it may be worth considering integrating or borrowing from that project. I dunno. But it would be nice if encryption was actually practically feasible, considering it’s a headlining feature.

To be clear: I have a personal Nextcloud instance, and I’m not able to use server-side encryption because I use S3. Properly functional encryption (in particular, seamless and invisible end-to-end encryption) is a prerequisite for me to have any other users on my instance.