English | Français | Español | Deutsch | Português | Türkçe | 中文 | русский | Magyar | Italiano | پارسی | Polski

Picocrypt

Picocrypt is a very small (hence Pico), very simple, yet very secure encryption tool that you can use to protect your files. It's designed to be the go-to tool for encryption, with a focus on security, simplicity, and reliability. Picocrypt uses the secure XChaCha20 cipher and the Argon2id key derivation function to provide a high level of security, even from three-letter agencies like the NSA. It's designed for maximal security, making absolutely no compromises security-wise, and is built with Go's standard x/crypto modules. Your privacy and security are under attack. Take it back with confidence by protecting your files with Picocrypt.

Picocrypt

# Funding Please donate to Picocrypt on Open Collective (crypto is accepted) to raise money for a security audit from Cure53. Because this is a project that I spend many hours on and make no money from, I cannot pay for an audit myself. Picocrypt needs support from its community. # Downloads **Important**: There are multiple entities under the name "Picocrypt". For example, there's an old encryption tool called PicoCrypt that uses a broken cipher. There's also an ERC-funded research project called PICOCRYPT. There are even domains related to Picocrypt that I've never registered. Please don't confuse any of these unrelated projects with Picocrypt (this project). Make sure to only download Picocrypt from this repository to ensure that you get the authentic and backdoor-free Picocrypt. When sharing Picocrypt with others, be sure to link to this repository to prevent any confusion. ## Windows Picocrypt for Windows is as simple as it gets. To download the latest, standalone, and portable executable for Windows, click here. If Windows Defender or your antivirus flags Picocrypt as a virus, please do your part and submit it as a false positive for the betterment of everyone. If the executable above doesn't work, it likely means that your system doesn't support OpenGL. For this situation, I've provided an alternate implementation that will run on any Windows system, which you may download here. ## macOS Picocrypt for macOS is very simple as well. Download Picocrypt here, extract the zip file, and run Picocrypt which is inside. If you can't open Picocrypt because it's not from a verified developer, control-click on Picocrypt and hit "Open" to bypass the warning. One thing to keep in mind is that Picocrypt on macOS requires Rosetta 2 and OpenGL, both of which are likely to be removed by Apple in the future. This means that Picocrypt may no longer run on macOS in the future as Apple pushes their proprietary graphics and silicon. The solution? Don't buy Apple. They don't care about developers. ## Linux There are multiple ways to use Picocrypt on Linux. The recommended way is to install Picocrypt from a .deb here (Debian 11+ and Ubuntu 20+). If the .deb doesn't suit your needs or you don't use a Debian-based distro, feel free to use the AppImage from here. If neither of the options above work, you may install Picocrypt from Snapcraft, which should work on all distros. Find the instructions for Snapcraft here. ## Paranoid Packs The Paranoid Pack is a compressed archive that contains executables for every version of Picocrypt ever released for Windows, macOS, and Linux. As long as you have it stored in a place you can access, you'll be able to open it and use any version of Picocrypt in case this repository mysteriously vanishes or the entire Internet burns down. Think of it as a seed vault for Picocrypt. As long as one person has the Paranoid Pack within reach, they can share it with the rest of the world and keep Picocrypt functional in cases of catastrophic events like GitHub shutting down suddenly or the NSA capturing me (just in case, you know?). The best way to ensure Picocrypt is accessible many decades from now is to keep a Paranoid Pack in a safe place. So if you are worried about being unable to access Picocrypt in the future, well, here's your solution. Just head to the Releases tab and get yourself a copy. # Why Picocrypt? Why should you use Picocrypt instead of BitLocker, NordLocker, VeraCrypt, AxCrypt, or 7-Zip? Here are a few reasons why you should choose Picocrypt: # Comparison Here's how Picocrypt compares to other popular encryption tools. | | Picocrypt | VeraCrypt | 7-Zip (GUI) | BitLocker | Cryptomator | NordLocker | AxCrypt | | -------------- | -------------- | -------------- | -------------- | -------------- | -------------- | -------------- | -------------- | | Free |✅ Yes |✅ Yes |✅ Yes |🟧 Partially |✅ Yes |🟧 Partially |🟧 Partially | | Open Source |✅ GPLv3 |✅ Multi |✅ LGPL |❌ No |✅ GPLv3 |❌ No |❌ No | | Cross-Platform |✅ Yes |✅ Yes |❌ No |❌ No |✅ Yes |❌ No |❌ No | | Size |✅ 2 MiB |❌ 20 MiB |✅ 2 MiB |✅ Included |❌ 50 MiB |❌ 60 MiB |🟧 8 MiB | | Portable |✅ Yes |✅ Yes |❌ No |✅ Yes |❌ No |❌ No |✅ Yes | | Permissions |✅ None |❌ Admin |❌ Admin |❌ Admin |❌ Admin |❌ Admin |❌ Admin | | Ease-Of-Use |✅ Easy |❌ Hard |✅ Easy |🟧 Medium |🟧 Medium |🟧 Medium |✅ Easy | | Cipher |✅ XChaCha20 |✅ AES-256 |✅ AES-256 |🟧 AES-128 |✅ AES-256 |✅ AES-256 |🟧 AES-128 | | Key Derivation |✅ Argon2 |🆗 PBKDF2 |❌ SHA-256 |❓ Unknown |✅ Scrypt |✅ Argon2 |🆗 PBKDF2 | | Data Integrity |✅ Always |❌ No |❌ No |❓ Unknown |✅ Always |✅ Always |✅ Always | | Reed-Solomon |✅ Yes |❌ No |❌ No |❌ No |❌ No |❌ No |❌ No | | Compression |✅ Yes |❌ No |✅ Yes |✅ Yes |❌ No |❌ No |✅ Yes | | Telemetry |✅ None |✅ None |✅ None |❓ Unknown |✅ None |❌ Analytics |❌ Accounts | | Audited |🟧 Planned |✅ Yes |❌ No |❓ Unknown |✅ Yes |❓ Unknown |❌ No | # Features Picocrypt is a very simple tool, and most users will intuitively understand how to use it in a few seconds. On a basic level, simply dropping your files, entering a password, and hitting Start is all that's needed to encrypt your files. Pretty simple, right? While being simple, Picocrypt also strives to be powerful in the hands of knowledgeable and advanced users. Thus, there are some additional options that you may use to suit your needs. # Security For more information on how Picocrypt handles cryptography, see Internals for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, Google, Reddit, Ubuntu One/Snapcraft, Discord, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. You can feel confident about using Picocrypt. ## Signatures For the paranoid, Picocrypt is signed with PGP. The fingerprint and public key are listed below.
B342A744BDEEA57B6A583E33A247E73798946F55
-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEYoGUHxYJKwYBBAHaRw8BAQdAvmQA+pdbDB/ynJxHhNDpz6Sb5tgkNuuNJIvw
HYwZtqi0CVBpY29jcnlwdIiTBBMWCgA7FiEEs0KnRL3upXtqWD4zokfnN5iUb1UF
AmKBlB8CGwMFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQokfnN5iUb1UZ
RgEA8jbIsdqCr21DWxcqW/eLlbxRkuA8kflVYvWWUxtVqsUA/jQPSDpvA8rakvaL
PIbXjQvrAMkEVIc0HbCzLxr1k3sH
=YFwz
-----END PGP PUBLIC KEY BLOCK-----
# Community Consider joining r/Picocrypt. While I won't be active in the subreddit myself, it's still a great place to ask questions and help one another out, especially if something happens to me or this repository in the future. Remember to only trust this specific subreddit and be aware of hackers that might try to impersonate me on other platforms. I will never ask you for your password, and anyone who does is not me. I will never tell you to download a file from a suspicious link, and anyone who does is not me. # Stargazers How's Picocrypt doing? Take a look below to find out. ![Stargazers Over Time](https://starchart.cc/HACKERALERT/Picocrypt.svg) # Donations When I was actively developing Picocrypt, I accepted donations, but now that Picocrypt is complete and production-ready, there's no need anymore. Instead, take your time and effort to share the love of Picocrypt with others. Donations are nice, but being able to help others is a lot more valuable to me than a few spare dollars. Knowing that Picocrypt is helping people secure their files is plenty enough for me. # FAQ **Is Picocrypt accepting new features?** No, Picocrypt is considered feature-complete and won't be getting any new features. Unlike other tools which try to constantly add new features (which introduces new bugs and security holes), Picocrypt focuses on just a few core features but does each of them exceptionally well. Remember Picocrypt's ideology: small, simple, and secure. **Will Android/iOS be supported?** No, I don't plan on supporting Android or iOS because they are very different from traditional desktop operating systems and require different toolchains to develop apps for. Due to the nature of open-source software, however, a community-built version of Picocrypt for Android or iOS may appear in the future. **Why is Picocrypt not updated frequently?** People seem to have the notion that software must be constantly updated to stay relevant and secure. While this may be true for a lot of the software we use today, it is not for Picocrypt. Picocrypt is "good software" and good software doesn't need constant updates to remain relevant and secure. Good software will always be good software. # Thank Yous A thank you from the bottom of my heart to the people on Open Collective who have made a significant contribution: Also, a huge thanks to the following list of five people, who were the first to donate and support Picocrypt: As well, a great thanks to these people, who have helped translate Picocrypt and make it more accessible to the world: Finally, thanks to these people/organizations for helping me out when needed: