File Encryption

The next version of WinSCP will allow you to seamlessly encrypt your files on an SFTP server using AES-256 encryption.

As part of session settings, you can specify (or have WinSCP generate) an encryption key. WinSCP will then (by default) seamlessly encrypt all newly uploaded files and their names.

In WinSCP file panel, you will see the original file names and when you download files, you will get original contents. But anyone else, who does not know the key, including a server Administrator, will see only gibberish.

This, combined with WinSCP powerful synchronization features, allows you to use your server quota as a safe backup storage for your private data.

The following images show how an encrypted folder and files show to a user who knows the encryption key and to a user who does not know the encryption key:

Requirements on Server File System

Encryption of file names uses Base64 encoding. To preserve file names encoded in Base64 encoding, the target file system should be case-sensitive (Linux servers use case-sensitive file systems) or at least case-preserving (with a small risk of collision - Windows NTFS is case-preserving).

The file system also needs to support reasonably long file names. Base64 encoding adds a 33% overhead to a filename length. Additionally, an encoded salt and the .aesctr.enc extension add another approximately 33 characters.

With common 255-character limit of common NTFS and ext file systems, file names up to 167-characters long can be stored.

Encryption Details

To encrypt file names and file contents, WinSCP uses industry standard AES-256 CTR encryption. Use of standards guarantees you, that even if WinSCP stops working or becomes unavailable for whatever reason, you will still be able to decrypt your files.

Process of encrypting file names:

  • 16 bytes (128 bits) of salt is generated.
  • File name is represented in bytes using UTF-8 encoding.
  • Encoded file name is encrypted.
  • Concatenated salt and encrypted file name are encoded using Base64 encoding.
  • All slash characters (/) in a result of Base64 encoding are replaced with underscore (_). Trailing equal signs (=) are removed.
  • .aesctr.enc extension is added.

Process of encrypting file contents:

  • Fixed file header aesctr.......... is written to the output file.
  • 16 bytes (128 bits) of salt is generated and written to the output file.
  • File contents is encoded and written.
  • Empty files are encoded as empty files (no header nor salt).

File modification time is stored as is (not encrypted in any way). Encrypted files are 32 bytes larger than originals. Hence size of an original file can also be deduced.

We provide a standalone PowerShell implementation of file decrypting.

Last modified: by martin