CrypTag: Encrypted, Taggable, Searchable Cloud Storage

The Vision

Goal #1: to enable every internet user to securely access all their data from all their devices without trusting any intermediaries (such as the company storing the data), and to be able to selectively share this data with others.

Goal #2: to protect every internet user's data from suspicionless surveillance.

This goes for files that one might put in Dropbox, as well as data that is created and controlled by mobile and desktop apps that end up lying around unencrypted in the cloud.

Apps Launched


cpass (short for "CryptPass") is a command line password manager for Linux, Windows, and Mac OS X.

To get started, see


Similarly, cpass-sandstorm is a command line password manager that works just like cpass, except it is pre-configured to store your (encrypted) passwords in Sandstorm, which lets you host web apps on a computer you control. CrypTag for Sandstorm (see next section) is one such web app, and it stores and allows you to retrieve your (encrypted) passwords from cpass-sandstorm.

See the next section for how to get started quickly.

CrypTag for Sandstorm

Demo CrypTag for Sandstorm in your browser right now!

CrypTag Scope for Ubuntu Phone

Click here to install it on your Ubuntu Phone!



I was fortunate enough to give a talk announcing CrypTag at DEF CON, "the world's largest undergroud hacker conference", in August of 2015 in Las Vegas within the Crypto & Privacy Village.

Talk description from the announcement page:

Internet users should be able to access their data from anywhere without having to trust the web applications and cloud services storing that data.

But there's a problem. Zero-knowledge storage systems are often impractical for web apps because they can't perform often-essential functionality on behalf of the user, such as search, since they don't have the password to decrypt that data in order to search it, and you can't search encrypted data. Or can you?

This presentation introduces CrypTag, a library that enables Go programmers to easily build applications that store encrypted user data that users can tag and securely, efficiently, remotely search by those tags without revealing anything about the nature of said data to the party storing it. That is, CrypTag is a library for easily creating encrypted, taggable, searchable zero-knowledge systems.

This talk covers the tricks behind how CrypTag works, the pros and cons of using CrypTag versus alternatives, includes a live demo of a useful open source CrypTag-based program, and is suitable for anyone who knows what a server is and is excited about leveraging encryption to help everyday users and geeks alike.

CrypTag: Building Encrypted, Taggable, Searchable Zero-knowledge Systems from elimisteve

You can find the interactive slides for that talk here.