Open Source Linux Encryption Software
Sort By:
Encryption Software for Linux
View 28 business solutionsBrowse free open source Encryption software and projects for Linux below. Use the toggles on the left to filter open source Encryption software by OS, license, language, programming language, and project status.
-
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
VeraCrypt
Open source disk encryption with strong security for the Paranoid
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x680D16DE, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html -
2
SOPS
Simple and flexible tool for managing secrets
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. For the adventurous, unstable features are available in the develop branch, which you can install from source. To use sops as a library, take a look at the decrypt package. We rewrote Sops in Go to solve a number of deployment issues, but the Python branch still exists under python-sops. We will keep maintaining it for a while, and you can still pip install sops, but we strongly recommend you use the Go version instead. If you're using AWS KMS, create one or multiple master keys in the IAM console and export them, comma separated, in the SOPS_KMS_ARN env variable. It is recommended to use at least two master keys in different regions. If you want to use PGP, export the fingerprints of the public keys, comma separated, in the SOPS_PGP_FP env variable. -
3
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser
HackBrowserData is an open-source tool that could help you decrypt data ( password|bookmark|cookie|history|credit card|download|localStorage|extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. This tool is limited to security research only, and the user assumes all legal and related responsibilities arising from its use! The author assumes no legal responsibility! Installation of HackBrowserData is dead-simple, just download the release for your system and run the binary. -
4
xxHash
Extremely fast non-cryptographic hash algorithm
xxHash is an extremely fast non-cryptographic hash algorithm, working at RAM speed limit. It is proposed in four flavors (XXH32, XXH64, XXH3_64bits and XXH3_128bits). The latest variant, XXH3, offers improved performance across the board, especially on small data. It successfully completes the SMHasher test suite which evaluates collision, dispersion and randomness qualities of hash functions. Code is highly portable, and hashes are identical across all platforms (little / big endian). Performance on large data is only one part of the picture. Hashing is also very useful in constructions like hash tables and bloom filters. In these use cases, it's frequent to hash a lot of small data (starting at a few bytes). Algorithm's performance can be very different for such scenarios, since parts of the algorithm, such as initialization or finalization, become fixed cost. The impact of branch misprediction also becomes much more present. -
Find Hidden Risks in Windows Task SchedulerWindows Task Scheduler might be hiding critical failures. Download the free JAMS diagnostic tool to uncover problems before they impact production—get a color-coded risk report with clear remediation steps in minutes.
-
5
Ciphey
Decrypt encryptions without knowing the key or cipher
Fully automated decryption/decoding/cracking tool using natural language processing & artificial intelligence, along with some common sense. You don't know, you just know it's possibly encrypted. Ciphey will figure it out for you. Ciphey can solve most things in 3 seconds or less. Ciphey aims to be a tool to automate a lot of decryptions & decodings such as multiple base encodings, classical ciphers, hashes or more advanced cryptography. If you don't know much about cryptography, or you want to quickly check the ciphertext before working on it yourself, Ciphey is for you. The technical part. Ciphey uses a custom-built artificial intelligence module (AuSearch) with a Cipher Detection Interface to approximate what something is encrypted with. And then a custom-built, customizable natural language processing Language Checker Interface, which can detect when the given text becomes plaintext. -
6
Ente
End-to-end encrypted cloud for photos, videos and 2FA secrets
Ente is a fully open-source, end‑to‑end encrypted cloud platform designed for securely storing and managing your photos, videos, and 2FA secrets — without needing to trust the service provider. It includes cross‑platform clients and a CLI for self‑hosting needs. Ente is a service that provides a fully open source, end-to-end encrypted platform for you to store your data in the cloud without needing to trust the service provider. On top of this platform, we have built two apps so far: Ente Photos (an alternative to Apple and Google Photos) and Ente Auth (a 2FA alternative to the deprecated Authy). This monorepo contains all our source code - the client apps (iOS / Android / F-Droid / Web / Linux / macOS / Windows) for both the products (and more planned future ones!), and the server that powers them. -
7
age
A simple, modern and secure encryption tool (and Go library)
age is a security-oriented tool and library by Filo Sottile. age is a simple, modern, secure encryption utility (and Go library) that emphasizes minimal configuration and strong defaults. It provides small explicit keys, no complex options, and is designed for UNIX-style composability; you can pipe into it, integrate it into scripts, etc. It supports a clearly defined format and promotes interoperability across implementations (there are Rust, TypeScript, etc). The project is well-suited for personal data encryption, backup use-cases, scripting encryption workflows, and embedding encryption in tools. Because of its design philosophy, it avoids the bloat of many older encryption utilities while maintaining strong cryptographic hygiene. It’s especially useful for developers or system administrators who want to adopt encryption without learning a multitude of options. -
8
GopenPGP V3
A high-level OpenPGP library
GopenPGP V3 is a high-level OpenPGP cryptographic library developed by ProtonMail that provides a user-friendly API for common encryption and signing operations in Go, abstracting the complexity of the underlying OpenPGP standards and golang crypto primitives. This library lets developers perform key generation, message encryption and decryption, digital signing, and signature verification with straightforward functions that hide much of the boilerplate and nuance typically required when working directly with OpenPGP implementations. Built on top of a forked version of the Go crypto library, gopenpgp supports current OpenPGP RFC standards and includes examples for working with password-based encryption and PGP keys, as well as detached and inline signatures. Because it’s designed for broad use, the library also targets go-mobile compatibility, meaning it can support mobile app use cases alongside server and desktop tooling. -
9
Keybase client
Keybase Go library, client, service, OS X, iOS, Android, Electron
Keybase is secure messaging and file-sharing. We use public key cryptography to ensure your messages stay private. Even we can’t read your chats. Keybase works for families, roommates, clubs, and groups of friends, too. Keybase connects to public identities, too. You can connect with communities from Twitter, Reddit, and elsewhere. Don’t live dangerously when it comes to documents. Keybase can store your group’s photos, videos, and documents with end-to-end encryption. You can set a timer on your most sensitive messages. This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software. -
Grafana: The open and composable observability platformGrafana is the open source analytics & monitoring solution for every database.
-
10
cppcrypto
C++ cryptographic library (modern hash functions, ciphers, KDFs)
cppcrypto provides optimized implementations of cryptographic primitives. Hash functions: BLAKE, BLAKE2, Echo, Esch, Groestl, JH, Kupyna, MD5, SHA-1, SHA-2, SHA-3, SHAKE, Skein, SM3, Streebog, Whirlpool. Block ciphers: Anubis, Aria, Camellia, CAST-256, Kalyna, Kuznyechik, Mars, Serpent, Simon, SM4, Speck, Threefish, Twofish, and Rijndael (AES) with all block/key sizes. Stream ciphers: HC-128, HC-256, Salsa20, XSalsa20, ChaCha, XChaCha. Encryption modes: CBC, CTR. AEAD modes: Encrypt-then-MAC (EtM), GCM, OCB, ChaCha-Poly1305, Schwaemm. Streaming AEAD. MAC functions: HMAC, Poly1305. Key derivation functions: PBKDF2, scrypt, Argon2, HKDF. Includes sample command-line tools: - 'digest' - for calculating and verifying file checksum(s) using any of the supported hash algorithms (similar to md5sum or RHash). - 'cryptor' - for file encryption using Serpent-256 algorithm in AEAD mode. Check out the cppcrypto web site linked below for programming documentation. -
11
Hemmelig
Keep your sensitive information out of chat logs, emails, and more
Hemmelig is a privacy-focused secret sharing service that lets users securely share sensitive information like passwords, API keys, private notes, or confidential links using client-side encryption so that the server never sees unencrypted data. It operates with a zero-knowledge architecture: all encryption and decryption happen in the browser, and only encrypted blobs are transmitted to and stored on the server, reducing the risk of leaks or unauthorized access. Users can generate shareable links with optional expiration times, view limits, and password protection to tailor how and when secrets are consumed, and links automatically expire or self-destruct after use to prevent reuse or exposure. The platform supports easy deployment via Docker or hosted options, making it practical for individuals, teams, or enterprises that want to safeguard secrets without relying on third-party storage. -
12
shadowsocks-libev
Bug-fix-only libev port of shadowsocks
Shadowsocks-libev is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes. Shadowsocks-libev is written in pure C and depends on libev. It's designed to be a lightweight implementation of shadowsocks protocol, in order to keep the resource usage as low as possible. Snap is the recommended way to install the latest binaries. You can build shadowsocks-libev and all its dependencies by script. The latest shadowsocks-libev has provided a redir mode. You can configure your Linux-based box or router to proxy all TCP traffic transparently, which is handy if you use an OpenWRT-powered router. Although shadowsocks-libev can handle thousands of concurrent connections nicely, we still recommend setting up your server's firewall rules to limit connections from each user. We strongly encourage you to install shadowsocks-libev from jessie-backports-sloppy. -
13
transfer.sh
Easy and fast file sharing from the command-line
Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance. Transfer.sh currently supports the s3 (Amazon S3), gdrive (Google Drive), storj (Storj) providers, and local file system (local). For easy deployment, we've created a Docker container. For the usage with a AWS S3 Bucket, you just need to specify the following options, provider, aws-access-key, aws-secret-key, bucket, and s3-region. If you specify the s3-region, you don't need to set the endpoint URL since the correct endpoint will used automatically. To use a custom non-AWS S3 provider, you need to specify the endpoint as defined from your cloud provider. In preparation you need to create an access grant (or copy it from the uplink configuration) and a bucket. To get started, login to your account and go to the Access Grant Menu and start the Wizard on the upper right. -
14
VanitySearch
VanitySearch is a Bitcoin address prefix lookup tool.
VanitySearch is a Bitcoin address prefix lookup tool. If you want to generate a secure private key, use the `-s` option to enter your passphrase, which will be used to generate the base key conforming to the BIP38 standard (e.g., `VanitySearch.exe -s "my passphrase" 1MyPrefix"`). You can also use `VanitySearch.exe -ps "my passphrase"`, which adds a cryptographically secure seed to your passphrase.Fixed custom address matching errors and private key conversion errors, changed the randomizer, added puzzles suitable for finite regions, added random and incremental modes, added -e to enable homomorphism, and optimized CPU using AVX2, etc. -
15
An encryption/decryption engine which can encrypt any file(text, pdf , doc, rtf , gpg , mp3 , mp4 etc..) or any data on your PC such that only you with the valid password can decrypt it.Also it will compress the file while encrypting it.
-
16
aws-encryption-sdk-cli
CLI wrapper around aws-encryption-sdk-python
This command line tool can be used to encrypt and decrypt files and directories using the AWS Encryption SDK. If you have not already installed cryptography, you might need to install additional prerequisites as detailed in the cryptography installation guide for your operating system. Installation using a python virtual environment is recommended to avoid conflicts between system packages and user-installed packages. For the most part, the behavior of aws-encryption-cli in handling files is based on that of GNU CLIs such as cp. A qualifier to this is that when encrypting a file, if a directory is provided as the destination, rather than creating the source filename in the destination directory, a suffix is appended to the destination filename. By default the suffix is .encrypted when encrypting and .decrypted when decrypting, but a custom suffix can be provided by the caller if desired. -
17
FinalCrypt
FinalCrypt - Unbreakable One-Time Pad Encryption
Why FinalCrypt? 1. Most people choose Disk-Encryption as it's easier to unlock a whole drive, but Big-Brother or Malware can then also read all your files. Only use File-Encryption! 2. Most software uses recently broken AES encryption. 3. Soon The Shor's algorithm will instantly break all assymmetric encryption with Quantum Computers. 4. FinalCrypt uses Symmetric One Time Pad Encryption, which is the most unbreakable encryption there is. 5. FinalCrypt is the only "One Time Pad", OpenSource, Cross-Platform, (Bulk) File Encryption Software available. -
18
KeyKiller-Cuda
Solving the Satoshi Puzzle
KeyKiller is a GPU-accelerated version of the KeyKiller project, designed to achieve extreme performance in solving Satoshi Nakamoto's puzzles using modern NVIDIA GPUs. KeyKiller CUDA pushes the limits of cryptographic key search performance by leveraging CUDA, thread-beam parallelism, and batch EC operations. The command-line version is open-source and free to use. For the paid advanced graphics version, please visit: https://gitlab.com/8891689/KeyKiller-Cuda/ -
19
BIP39-XOR
Encrypt or decrypt 12, 15, 18, 21 or 24 BIP39 codewords array ("seed")
Encrypt or decrypt 12, 15, 18, 21 or 24 BIP39 codewords array (so-called "seed phrase") using exclusive OR (XOR)/Vernam cipher (a.k.a. One Time Pad). If not input by a user, an encryption key is automatically generated at random. Encryption with such a key preserves integrity of BIP-39 checksums of all keys (that's distinct while also compatible with SeedXOR implementation). -
20
SafeBox
The Best file security app.
A free and Open-Source File Encryption and Decryption app with GUI (Graphical User Interface) and CLI (Command Line Interface) that help you to protect your privacy well using AES (Advanced Encryption System) with your own password and get a single (portable )encrypted file that can share across internet or unsafe places with peace of mind without any data collection or any extra/hidden processes, It also can keep and encrypt the original file name within the file then while decryption (if you ticked the option) it can recover the original file name. I tried hard to help you in your privacy protection and keep this project running and developing. Good Luck :) -
21
QPass is easy to use, open source password manager application with built-in password generator. You can store in it's database such data as passwords and logins which will be encrypted using AES-256 with PBKDF2(number of iterations set by user). Each entry can include additional information about entry such as name, url adress and description.
-
22
Address_Decode
Decode various cryptocurrency addresses
Address to hash160 is an efficient multi-threaded tool designed to decode various cryptocurrency addresses (such as Bitcoin BTC,Bitcoin Cash BCH, Litecoin LTC, Bitcoin Gold BTG, etc.) to extract hash160 values. It is often used in research such as brainflayer, keyhunt, BitCrack, ecloop, keyhunt cuda, etc. -
23
CrococryptFile
An encryption tool for creating file archives
CrococryptFile is a file encryption tool which creates encrypted archives of files and folders. The encryption features of CrococryptFile can be compared to a ZIP utility that uses ZIP's AES encryption. However, there are significant differences. CrococryptFile... - encrypts all file and folder information including filenames, time/date and filesize information, - disguises any information of the archive's content, because all data and meta-data is simply integrated into a giant file dump. =Crypto Suites= For a full list of and details about supported crypto suites, please visit the CrococryptFile Homepage. Examples: - Password-based encryption (following PBKDF2) with AES-256, Twofish, Serpent, ... - Public key encryption using GPG/OpenPGP, Windows Keystore/CAPI with RSA/X.509 certificates - Cloaked (headerless) Password-based Encryption (AES-Twofish-256 cascaded) - ... -
24
Portable Text Encryption
Single Linux or Windows binary for secure text encryption
Self contained and completely portable binary encrypts text for secure email, messaging, irc use, etc., ideal for USB flash drives. AES-128/192/256 (ecb/cbc), Blowfish (ecb/cbc), DES / TripleDES (ecb/cbc/ofb/cfb), or RC4. Linux and Windows binaries. I don't make cute interfaces, it just works. https://codeberg.org/BloodFeastMan/pte I would also recommend FTC, encrypts both files and text using the same interface as PTE, and a separate encryption and hashing engine I wrote in Crystal, and is much faster than PTE: https://sourceforge.net/projects/ft-crypt/ -
25
