Keeping your files secure is a tricky thing. The topic of file security is very broad and confusing to many. But if you want a straight forward method to secure files with no fuse then you should take a look at Tomb by dyne.org. At its bare bones Tomb is nothing more than a script that uses system tools such as LUKS and cryptsetup. Another neat thing about Tomb is that it is 100% free and open source, that means you don’t have to take the word of the developer that it is secure. You can examine the code your self to make sure everything is in order. One thing to note though is that Tomb only works on Linux systems and it is a terminal application. So that means if you are not comfortable with working in the terminal then you will probably not enjoy using Tomb.

Now that I have gone over what Tomb is I will go over how Tomb works and how to use it. All Tomb does is create a secure folder that you can place files into that you want secured. Upon closing these folders created by Tomb, the contents inside will become secure by becoming encrypted. This is similar in concept to Veracrypt but in a much more bare bones method.

What makes Tomb secure? For one it uses strong encryption but this is true of most modern encryption tools. What really makes Tomb different is that unlike other encryption tools Tomb keeps the its encryption key separate from the data. This feature makes it statistically impossible to crack the encrypted data with out the key.

Installing Tomb

Installing Tomb is really easy, since I almost exclusively use Arch that is what I will be demonstrating all my how too’s with.

sudo pacman -S tomb #Installation for Arch Linux.

Creating a Secure Folder

tomb dig -s 100 filename.tomb #Creates a secure folder, "-s" sets the size of the folder in Mb.
tomb forge filename.tomb.key #Creates the encryption key.
tomb lock filename.tomb -k filename.tomb.key #Secures the folder with the encryption key.

Opening the Secure Folder

tomb open filename.tomb -k filename.tomb.key

Closing the Secure Folder

You have two options when closing a secure Tomb folder. You can use the “tomb close” command to close a specific Tomb folder or you can use the “tomb slam” command to force close all Tomb folders open.

tomb close #close specific Tomb folder.
tomb slam #Force close all open Tomb folders.

Placing your Encryption Key in an Image

tomb bury -k filename.tomb.key image.jpg

Summary

That pretty much sums up Tomb. It really is a simple but effective method for securing files. I have been using Tomb for a little over two years now and now I find myself reaching for Tomb almost exclusively. If your a Linux user then I would encourage you check it out.

Challenge Information

Overview: In the spirit of putting these security tools to the test I created the following challenge to see if Tomb is really as secure as its developers claim to be. I created a folder using Tombs basic usage settings given by dyne.org. Inside of the Tomb folder I placed the recovery seed of a BTC wallet I created and loaded with 0.00024718 BTC or about $5 worth. I uploaded the folder for any to download and attempt to crack. If you can crack it then accept the contents as a reward. But realistically the contents of the Tomb folder should remain safe for all of time. I will not access the contents at any time, in fact I no longer have possession of the BTC wallet recovery seed nor do I have the passphrase to the Tomb folder uploaded or the BTC wallet passphrase.
Rules: You can use whatever legal method needed to crack the file but don’t bother heading towards me for the answer. I no longer have the passphrase securing the file nor do I have the recovery seed for the BTC wallet.
Link: 001-or.tomb
BTC Address: bc1qt..
Bonus Hint: Send any amount to the above BTC address and send me proof and I will send you the encryption key. That will mean all you need to do is guess the passphrase.

Thanks for reading and good luck if you attempt to crack the challenge.