Secure Ecrypted Data with Decoys

Encrypted file vaults with support of multiple keys: plausible deniability made easy. Sakhar scrambles resulting container in a way that it becomes indistinguishable from random data.

IMPORTANT! Sandboxed version cannot unpack files to an arbitrary directory, just like any archiving utility that needs to unpack data into several separate files. Currently, unpacking is ONLY supported into SUBDIRECTORIES of the user folder "~/Downloads". These are the limitations of the sandbox.

In case you want to be able to unpack to any location in the system (for example, to external drives) – you can download the non-sandboxed version from

IMPORTANT! While we recommend using true random sequences larger than 24KB for private keys, Sakhar does everything to make usage of any, even a completely non-random, files possible while maintaining strong cryptography.

It is also necessary to remember the important case, when it will be impossible to restore encrypted data:
— loss of a key file,
— change of even one bit in the key file.

Also important: a compromised key file doesn't increase the chances of hacking if the encryption password is not known to a bad actor.

Key features.

– Strong encryption algorithms ensure security of stored information.
– Variable number of file vaults inside single encrypted unit with different key for each vault.
– No possibility of finding the number of file vaults or evidence of their existence.

How does it work?

To encrypt and hide files and folders you should add them to Space (vault) that will be encrypted with a password or a key file.

The key feature is that you can create any number of Spaces inside single encrypted container. Sakhar processor then combines all data from all Spaces, encrypts it, adds disposable data and eventually scrambles resulting container in such a way that it becomes indistinguishable from random data.

After encryption there is no way to find out the number of Spaces or the fact of their existence. You can safely disclose security credentials for multiple Spaces, while keeping the most valuable of them in secret.

The only way to get all the encrypted data is to have all the security credentials used to create the container.

Options hints.

– Noise level

Sets the amount of dummy data that will be injected into resulting container. In general higher levels are more secure, however the size of resulting container may increase significantly.

When encrypting small files it is strongly recommended to set this value at least to 7. If you encrypt multiple Spaces with huge number of files you can set this value to 0 relatively safely.

– Number of Cores

Defines the number of simultaneous execution threads used for data encryption or decoding. Defaults to the half of available processor cores.

If you plan to encrypt large files and your system is not under heavy load higher values are recommended.

What’s New

Version 1.2.3

– Overall performance improvements
– Minor bugfixes

App Privacy

The developer, Bogdan Shvydkyi, indicated that the app’s privacy practices may include handling of data as described below. For more information, see the developer’s privacy policy.

Data Not Collected

The developer does not collect any data from this app.

Privacy practices may vary, for example, based on the features you use or your age. Learn More


  • Family Sharing

    With Family Sharing set up, up to six family members can use this app.