Kerveros

Your files aren’t training data.

Cloud storage in 2026 ships with built-in co-pilots, AI search, and “data improvement” clauses. Kerveros encrypts every file — including filenames — on your machine before it touches any provider. For small teams handling medical records, legal documents, financial data, or anything else the AI on the other end shouldn’t see. Provider-blind, AI-blind, BYOK.

  • macOS, Windows, Linux
  • One-time purchase — no subscription
  • One year of updates included
Kerveros file browser showing eight files in a shared encrypted workspace with lock-state badges

Built for teams who can’t hand the contents — or training rights — to a SaaS provider.

Provider-blind, AI-blind

XChaCha20-Poly1305 + Argon2id, derived from a passphrase that never leaves your machine. Your storage provider — and any LLM, indexer, or “AI-powered search” it bolts on later — sees opaque blobs. File contents, file names, folder structure: encrypted client-side.

BYOK, no vendor lock-in

Bring your own bucket on Tigris (5 GB free), Backblaze B2 (10 GB free), AWS S3, MinIO, or anything S3-compatible. Move providers in an afternoon. No proprietary cloud, no per-seat creep, no surprise ToS amendments that grant someone training rights over what you uploaded last quarter.

Locks that work for humans and agents

Atomic locks on the bucket prevent two people — or an AI agent and a person — from editing the same file at the same time. No silent overwrites. Tamper-evident audit trail of every check-in and check-out, signed and timestamped.

Local-first, telemetry-free

Files live on your machines; the cloud is just a synchronized ciphertext mirror. Work offline. Sync when you’re back. No telemetry-by-default, no “usage analytics” channel for someone to scoop your patterns, no round-trips for files you already have.

Auditable source code

Source is public for review on GitHub. The encryption code that protects your data is non-negotiable to audit — vendor pinky-promises don’t count when your data ends up in court, or in a model. Build it yourself if you don’t trust our signed binary.

Auto-updates & signed builds

Code-signed on macOS (Apple Developer ID + notarization) and Windows (Trusted Signing). Background updater, deterministic builds — supply-chain transparency you can actually verify, not just take our word for.

What it looks like

Kerveros file browser showing eight encrypted files with available / editing state badges
Every file is encrypted before it leaves your machine.
Right-click context menu on Brand-Logo-v3.svg showing Edit, View, History, Move, Delete
Right-click for per-file actions.
Lock and edit history dialog showing released and started-editing events
Full audit trail per file — compliance ready.
Settings dialog showing storage maintenance, privacy, and license sections
Settings — workspace, privacy, license. Light theme.

Simple pricing

Team

€299 up to 5 users, one-time

  • Up to 5 named users
  • One year of updates for all users
  • Priority email support
  • 14-day refund window
Buy Team — €299

Renewing for another year of updates after the first is optional — €29/year. The version you bought stays usable forever.

Download & try free for 14 days

Full features for 14 days. After that, read access stays available so you never lose your data.

Frequently asked

Do I need an S3 account before I install?

No. The onboarding wizard walks you through picking a provider (Tigris is recommended — 5 GB free, no card required) and links to their signup page. You enter your access key and secret key once, and Kerveros handles the rest.

What happens if I lose my passphrase?

Your files are unrecoverable. The passphrase derives the encryption key — we never see it, store it on a server, or have a backdoor. Save it in a password manager before you upload anything important.

Can my storage provider read my files?

No. Files are encrypted with XChaCha20-Poly1305 before they leave your machine. The manifest that maps file IDs to file names is also encrypted — the provider can’t even see what files you have, only opaque blobs.

Can my cloud provider train an LLM on my files?

They can train on what they can read. Kerveros never gives them readable content — each blob is XChaCha20-Poly1305 ciphertext, and no algorithm (gradient descent included) extracts useful signal from ciphertext without the key. If your provider’s terms grant them rights to “use” your content for “service improvement”, those rights apply to ciphertext — which is worthless to them.

What about Dropbox Dash, OneDrive Copilot, Google AI search?

Same answer. Those tools index plaintext and metadata: file names, contents, folder structure, edit history. Kerveros stores files as encrypted blobs with encrypted manifests — there’s nothing for those tools to index. From the provider’s side, your bucket is a list of opaque UUIDs. From your side, the file browser, lock state, and history all work normally inside the Kerveros app.

Does Kerveros itself use AI on my files?

No. There’s no AI feature, no embeddings pipeline, no “smart search” that needs to peek at plaintext. The app is a thin client over standard cryptographic primitives and S3. We don’t see your files; we don’t want to.

EU AI Act / NIS2 / data sovereignty?

Kerveros doesn’t make claims about specific compliance regimes — that depends on your processes and your provider. But the property those regimes care about for confidentiality is whether the storage provider has access to ciphertext only, and that’s exactly what Kerveros enforces. The data sovereignty question reduces to “where is your bucket?” — and that’s entirely your choice (EU regions on Tigris, Backblaze EU, or self-hosted MinIO all work).

What about HIPAA / SOC 2 compliance?

Kerveros is a tool, not a compliance program. Compliance is a property of your processes and your storage provider. The encryption properties (XChaCha20-Poly1305 + Argon2id, client-side keys) are appropriate for regulated workflows, but you remain responsible for the BAA / DPA with your storage provider, your access policies, and your incident response. We don’t sign BAAs because we never see your data; the chain of custody is between you and your bucket.

What happens after my year of updates ends?

Nothing breaks. The version you have keeps working forever. Renewing for another year of updates is €19. Most users renew because security fixes are part of updates.

How are licenses validated?

Through Lemon Squeezy, our payment provider. You enter your key once to activate it online; after that the app re-checks periodically and keeps working offline for up to two weeks between checks, so a dropped connection never locks you out. A refunded key stops working. This license check is the only thing Kerveros ever sends to a server — your files, file names, folder structure, and usage never leave your device.