Tag Archives | truecrypt alternative

Lacie Private-Public AES256 encryption based on Truecrypt

/ 31 January, 2012 / Encryption Software / Permalink

Truecrypt alternative

Lacie Private-Public is a multilingual free encryption program for Windows and Mac computers based on Truecrypt, it comes with Truecrypt license included. What makes it different from Truecrypt is its simplicity of use, while Truecrypt will give you many encryption algorithms and options this tool sticks to the standard AES256 encryption and does not give the user any kind of option, you can create an encrypted virtual drive with just three clicks without reading the manual, which is available online. Encrypted containers are saved with the .lc extension and automatically named “La-Private” inside a folder bearing the same name, the software does not need installation you can carry it with you on a USB thumbdrive, however, administrator rights are still needed.

Encrypted containers larger than 4GB can not be created in FAT32 drives, to achieve this you will have to reformat to NTFS (Windows) or HFS+ (Mac). Anyone familiar with virtual drive encryption software will instantly know how to use this program, after creating an encrypted container you will see a new drive letter appear next to your C: hard drive, anything you store in there will be automatically encrypted.

Lacie Private-Public AES256 encryption

Lacie Private-Public AES256 encryption

To lock the container right click on Lacie’s logo in Windows toolbar and select dismount, to access the data again execute the program and enter the password. The only possible settings are password change, mount encrypted volume as read-only and timed self-dismounting, Lacie Private-Public appears to be directed towards the 100% newbie person that knows nothing about encryption products and is not interested in learning about them or customization options.

The company claims that there is no backdoor, if you forget your password that is it. Full disk encryption has been eliminated, to use this capability you will have to look for something else, the only advantage Lacie Private-Public seems to have over Truecrypt is that it is extremely simple to use and it should not frighten off computer ignorant people.

Note: This software can not run if you have Truecrypt installed, they both use the same drivers.

Visit Lacie Private-Public encryption tool

0 Comments

Create an encrypted virtual drive with CloudFogger

/ 1 January, 2012 / Encryption Software / Permalink

 Easily share encrypted files

CloudFogger is all in one encryption solution to encrypt and share your documents, it uses AES256 and public key RSA to secure the data,it can be used to encrypt your cloud storage documents before uploading them. During installation you will get a Windows warning saying that the driver publisher signature could not verified, it is ok to carry on installing the software as long as you downloaded it from the official website. You will need to reboot your computer and CloudFogger will prompt you to create an account for which you will have to facilitate an email address that needs to be verified using a code, the process shouldn’t take more than a couple of minutes.

After your CloudFogger account has been created you will notice a new letter on your computer hard drive (:X), anything you store there will be automatically encrypted and only accessible while your are logged into your CloudFogger account, it works like the encrypted virtual drives created by Truecrypt, what CloudFogger adds is easy sharing allowing you to add email addresses of people who can access the file, and single file encryption using the extension .cfog.

CloudFogger virtual drive encryption

CloudFogger virtual drive encryption

Any single file you encrypt is automatically stored in the virtual drive, when you double click on a .cfog file it will not decrypt, you will have to right click for that,  everything works integrated with Windows right click mode, there is no interface. CloudFogger claims it doesn’t create temporary files hence being more secure than encrypting using other applications, but if you view a file using an external application (e.g. Windows Media Player) a temporary back up file could be created and there is nothing CloudFogger can do about it.

CloudFogger has some time saving advantages over traditional on-the-fly encryption,right click integration and not needing to enter a password to encrypt the file while you are logged into your account, it can also securely wipe files which is something that normally requires separate software, and it makes it easy to share encrypted files the same way like SpiderOak does, but I did not find this encryption tool very intuitive to use, it think that you will have to read the manual to understand how everything works, it shouldn’t take long thought, and a first steps guide is included. This software does not support any kind of anonymity, everything works through email addresses  (sender&receiver) which are obviously traceable.

Note: Windows version is still in beta, there are plans to make an Android, iOS and Mac version.

Visit CloudFogger homepage

0 Comments

DiskCryptor vs Truecrypt comparison

/ 14 October, 2011 / Encryption Software / Permalink

Full disk encryption review

DiskCryptor download is a tiny 750Kb, after installing it you will need to reboot the computer, you might notice that its 64bit drivers come signed by the ReactOS foundation a non for profit organization assisting open source projects not able to acquire an expensive signing certificate to distribute Windows 64bit drivers.

Encrypting my Windows 7 Home Premium 64bit OS, with a fairly powerful Intel i5 2200Hz (quad core) absorbed very low CPU, a steady 7% of the available resources, it took me 20 hours to encrypt a 1TB hard drive, it would have been considerably quicker using just the AES algorithm instead of the cascade algorithm I selected.

DiskCryptor lets you know how long it will take to encrypt your operating system, you can still work with your computer while it is being encrypted, I advice you to temporarily disable power management in Windows and set it to always on, Windows will not notice the hard disk being encrypted and send the OS into hibernation mode believing the computer is inactive, if this happens full disk encryption will stop and only resume once you switch the computer back on, I have found this problem to occur with both DiskCryptor and Truecrypt, more of a Windows problem than to do with the full disk encryption software.

Diskcryptor lets you benchmark the encryption ciphers (Tools>Benchmark) if you have a low spec CPU and are in a hurry you can choose the cipher that performs best in your system,  AES was the quickest for me, by quite a lot of difference in contrast with Twofish and Serpent, once the OS has been encrypted it doesn’t matter what cipher you used to encrypt it, performance will be the same. You can benchmark ciphers in Truecrypt too but since only AES can be used for full disk encryption there is no point in doing it.

DiskCryptor encryption keyfile

DiskCryptor encryption keyfile

Truecrypt will ask you to enter your password after rebooting your computer before encrypting your operating system, DiskCryptor will not, it assumes you entered the passphrase correctly twice as asked and did not make any mistake. When using special signs in your password be aware that in booting up your computer the keyboard has a US layout that will not correspond with a non US keyboard, I searched for a photograph of US keyboard layout on the Internet to make sure there would be no mistakes about what keys to pres.

Unlike Truecrypt, DiskCryptor bootloader is highly configurable, I have my own (Ascii) logo at logon and I instructed DiskCryptor to time out after 30 seconds of inactivity at which point the computer reboots, other options like halt and exit to BIOS are possible. Using DiskCryptor keyfile for full disk encryption is something possible and not supported by Truecrypt, a keyfile will thwart dictionary attacks on your passphrase but this keyfile can not consist of anything it has to be a 64 byte file generated by DiskCryptor.

 Windows 7 FDE specific problem

Unlike Vista, XP and lower Windows versions, when you use a whole disk encryption product on Windows 7, or installing a dual boot, you will notice that Windows 7 automatically creates a 100MB system reserved partition, 24MB contains actual data the rest is there for future use like Bitlocker or system restore, this partition is hidden by Windows and only visible using a live CD or through DiskCryptor or Truecrypt interface.

Windows 7 100MB hidden system partition

Windows 7 100MB hidden system partition

Windows 7 system reserved partition contains some necessary boot files, do not attempt to encrypt Windows 7 system reserved partition like I did because the computer will not boot! There are hacks around to merge that partition with the main Windows 7 operating system, I managed to do it partioning the hard disk with PartedMagic before installing Windows 7 and ignoring Windows installation DVD asking me to create the system reserved partition, everything worked fine until I fully encrypted Windows 7 without the system reserved space and the computer refused to boot.

If you would like to use whole disk encryption in Windows 7 there is no choice but to give in and allow Windows to create the unencrypted 100MB system partition, this shouldn’t be a problem regarding data leakage, you can view the files it contains with a live CD, I managed to see a bootsect.bak file, bootmgr, and System Volume Information folder and a few others with no obvious danger.

Truecrypt vs DiskCryptor comparison table

TRUECRYPT DISKCRYPTOR
Open source license Truecrypt own license Standard Linux GPL license
Forces you to burn a recovery CD YES NO (optional)
Works with RAID volumes YES YES
Hidden operating system YES NO (pseudo)
Cross platform (Windows, Linux and MAC) YES NO
Option of cipher for full disk encryption AES,Twofish,Serpent & cascades AES,Twofish,Serpent & cascades
Supports keyfiles for full disk encryption NO YES
Can place bootloader on external device NO YES
Can create single encrypted containers YES NO
Portable mode YES (admin rights) NO
Encryption of external devices (USB,etc) YES YES

 

Plausible deniability

DiskCryptor does not support the hidden operating system feature that Truecrypt has but allows you to install the bootloader on an external device, ie. USB thumbdrive or CD-Rom, that is where the files giving away that the operating system has been encrypted and what software has been used for that are stored, if anyone seized your hard drive it would be possible to claim that it has been wiped clean as no identifiable information can be extracted from the HDD other than random data and there is no boot loader.

Plausible deniability appears more sound than Truecrypt hidden operating system, if you give away the password for the non hidden OS in Truecrypt, the timestamps and las activities could give away that the computer has not been used for a long time.

DiskCryptor full disk encryption

DiskCryptor full disk encryption

A computer with no operating system and a wiped hard disk will look very suspicious, claims that it was wiped the day before would be held with incredulity but hard to prove it didn’t happen. Even better, I came across a thread in DiskCryptor forums to have a dual OS system where one of the Windows OS will only boot with the USB thumbdrive plugged in and when not present the other OS will boot, this set up makes one of the partitions look like random data and not like 2 operating systems on one hard disk.

Conclusion Truecrypt vs Diskcryptor

If you have a tablet or netbook without a CD-drive go for DiskCryptor because Truecrypt forces you to burn a recovery CD (there is a work around using CD-drive virtualization software, i.e. Alcohol 120% or using the command line /noisocheck).

If you would like to be able to open encrypted external devices using Linux or MAC go for Truecrypt as DiskCryptor is a Windows only program, if you want to create single encrypted containers go for Truecrypt as DiskCryptor can’t do that.

Something in which Truecrypt beats DiskCryptor is in documentation, Truecrypt manual is very complete and DiskCryptor consists of an incomplete online Wiki, DiskCryptor can make up for this showing off the ‘Blue Screen’ feature, a way to quickly crash your fully encrypted computer allowing you to set the quick emergency shutdown to any hotkey shortcut you like.

Security wise, both Truecrypt and DiskCryptor have the same credentials with their source code open to scrutiny and none of them reviewed by any qualified cryptographer, overall, DiskCryptor has more configuration features than Truecrypt, and Truecrypt is better at cross platform compatibility.

Truecrypt: http://www.truecrypt.org

DiskCryptor: http://diskcryptor.net/wiki/Main_Page/en

13 Comments

Top 5 programs for full disk encryption

/ 15 June, 2011 / Encryption Software / Permalink

Why use full disk encryption

If you encrypt your whole hard drive including your operating system you will not have to worry about wiping data, clearing the Internet browser cache, deleting temporary files and encrypting individual files, all you will have to worry about is choosing a strong passphrase that can not be broken using a brute force attack (trying dictionary words).

The only way to access a fully encrypted operating system is by getting access to the computer while it is switched on (decrytped), you will save lots of time if you decide to encrypt your full operating system, it is not difficult and there is free software for that. Windows Vista and 7 come with BitLocker Drive Encryption for full disk encryption but only the more expensive business high end editions do and it has been designed for businesses with few home user features.

Full disk encryption software without backdoor

Truecrypt (Free): It’s wizard driven menu will guide you through the whole encryption process, there are many algorithm choices, if you do not understand what they mean leave all of the default choices on, they are secure enough for everyone. Truecrypt can encrypt external devices, create virtual encrypted drives and create a hidden encrypted operating system, to be used if you are forced to give up the password.

You will find it easy to find support for Truecrypt at computer security forums and Usenet groups as it is one of the most used full disk encryption programs.

Truecrypt encryption algorithm

Truecrypt encryption algorithm

DiskCryptor (Free): Open source encryption software, it can encrypt partitions that have already data on them, it supports AES, Twofish and Serpent encryption algorithms, allows you to encrypt USB flash drives and external hard disks with automatic mounting, support for key files, option to place the boot loader on an external device.

DiskCryptor full disk encryption

DiskCryptor full disk encryption

ZoneAlarm Datalock (Under $50):  There is no backdoor in this encryption software but it is possible for ZoneAlarm to reset your password if you choose to upload a security file to their site during installation, you can opt out to make sure they can never be forced to give it out to anyone. Datalock uses 256-bit AES and it supports Trusted Module Platform hardware encryption, when a computer has a TMP chip the encryption keys and digital certificates can be stored within it for protection from external attacks.

ZoneAlarm Datalock encryption

ZoneAlarm Datalock encryption

DriveCrypt Plus Pack: (Over $100): Whole operating system encryption with AES256-bit, no backdoor, it can hide an undetectable operating system in the hard drive free space, this is useful if someone forces you give up your password, they would not be able to prove a second operating system exists, it can be used in conjunction with USB tokens for preboot authentication, login preboot screen can be changed, you can create your own.

DriveCrypt Plus Pack encryption

DriveCrypt Plus Pack encryption

SecureDoc WinMagic (Over $100): Encryption of laptops, USB devices and desktop computers using AES 256 bit, certified FIPS 140-2 Level 2, it supports multifactor authentication at preboot level, no backdoor but password recovery is possible if you set it up, available in various languages, extended audit logging make SecureDoc a good option for businesses.

SecureDoc WinMagic full disk encryption

SecureDoc WinMagic full disk encryption

Full disk encryption performance

I have been using full disk encryption for over 5 years, I have used DiskCryptor, Truecrypt and DriveCrypt Plus Pack, in all cases there has been no computer slowdown while I was using full disk encryption, even using it on a low performance netbook with an Intel Atom CPU showed no noticeable performance issue.

If you are a home user you do not need to worry about full disk encryption slowing down your computer activities, the software normally needs very low resources to run on.

2 Comments

Rohos Mini Drive free USB thumbdrive encryption without admin rights

/ 5 January, 2011 / Encryption Software / Permalink

USB thumbdrive freeware encryption software

You could use Truecrypt traveller mode to encrypt your data on a USB stick but in order to use Truecrypt on a computer you will need administration rights and this is not possible in public computers like Internet cafe and libraries. Rohos Mini Drive USB encryptrion doesn’t require administrative privileges to open your password protected USB thumbdrive partition on a guest PC.

Rohos Mini Drive uses on the fly encryption making sure no data is left unencrypted on the guest PC after you have finished viewing it, there is a secure virtual keyboard included to stop key-loggers capturing your password and data is encrypted using AES256 a well known secure algorithm approved by the US Department of Defense to encrypt secret information.

There is a feature called ‘Hide and Encrypt Folder’ that allows to encrypt profile folders of applications like Skype, Google Chrome and Firefox as well as regular PC folders. This feature locks applications data with a password and ciphers the content strong encryption, when your encrypted USB drive is not plugged in to PC the applications will be unable to start.

Rohos Mini Drive encrypted USB thumbdrive

Rohos Mini Drive encrypted USB thumbdrive

This encryption software needs less than 1MB for stand alone installation and creates an encrypted .rdi file where to store your data, it includes Rohos Disk Browser to view and manage your encrypted files, this is very useful as it will help you to avoid using the guest computer Windows explorer and stop you from leaving temporary files behind.

The free version of Roho Mini Drive has a 2GB encrypted partition size limitation, you will need administration rights to preinstall Rohos Mini Drive on the USB flash drive first and after that this secure encrypted USB thumbdrive can be used anywhere without any admin privileges.

The company behind Rohos Mini Drive claims that there is no backdoor whatsoever, if you lose your password, that is it, that also means that nobody can force the company to decrypt data held in your USB thumb drive because they have no way of doing it.

Visit Rohos Mini Drive homepage

0 Comments

Review free encryption software Safetica Personal Edition

/ 19 September, 2010 / Encryption Software / Permalink

Encryption Safetica Personal Edition overview

Safetica Personal Edition is totally free for the home user and it is the best free encryption security suite I have come accross for a long time, with Safetica Personal Edition you get secure encryption implemented with AES256 a well known uncrackable algorithm, a password manager, a data shredder, asymmetric and symmetric encryption, security profiles, security schedules, an archive manager to compress files and much much more, I was really impressed with the amount of security tools that come integrated with this free computer security suite, this is an all around solution that does a perfect job at securing your data.

Safetica also has paid for versions of its software for commercial enterprises that allow for the use of parental control, staff monitoring and other business utilities that will be of little use for the home user. Safetica Personal Edition has all a home user needs to achieve a good level of computer privacy, I found it suitable for PC novices as well as crytpogeeks and advanced users.

Although basic, Safetica Personal Edition also includes an archive manager for .zip and other compressed files, you do not need to install any other special application to manage them.

Safetica claims their free encryption program has no backdoor, you can sleep safe and sound knowing that nobody will be able to access your encrypted personal data unless you give them the password.

Safetica will award $200.000 to anyone breaking their encryption

Many companies claim their product is unbreakable but very few of them put their money where their mouth is, Cosect, the makers of Safetica, are running a competition for one year, expiring in mid 2011, if you manage to break one of their encrypted files they will reward you with $200.000, full details on their website.

Safetica RSA encryption key creation

Safetica RSA encryption key creation

Creating and encrypted virtual drive, NTFS or FAT32 filesystem?

When you create an encrypted virtual drive in Safetica you are given the choice of formatting it with NTFS or FAT32, the choice of a file system matters if you intend to use advanced file properties that are available in Windows 2000 and later.

The FAT32 file system usage is limited by the length of  filenames and when copying files, it has a maximum file size of 4GB in size, you will not be able to copy a file bigger than 4GB to a FAT32 formatted disk. Most USB thumbdrives normally come formatted with FAT32 in order to interact with the maximum number of operating systems.

Unless you are using an old version of Windows that needs FAT32, you will be better off formatting the virtual  encrypted drive, and any hard drive, with the NTFS file system which has a theoretical maxium file size of 16 Terabytes.

Safetica encryption wizard profile

Safetica encryption wizard profile

Encryption Safetica Personal Edition good stuff

Very nice clean layout with easy navigation through tabs, possibility to encrypt single files allowing for lots of advanced choices in the process, from encryption with public key to creating a self extracting .exe encrypted files and data shredding scheduling.

Easy set up Wizard with Basic, Safe and Paranoid security profiles, the Safe profile is the one I used, it uses the AES cipher, it will not cache the passphrase and sets up the data wiping utility to overwrite all files seven times.  The Paranoid security profile uses the Serpent cipher for encryption and data shredding is set at 35 passes, regular password changes are also enforced.

You can create a security key to recover your encrypted data, this process will take some minutes to create an RSA Private key (with extension .privkey), you can set up this masterkey to have an expiration date from 1 year to 10 years.

If you attempt to copy text from a password field to the clipboard Safetica will stop you from doing so and you will get a warning, this is a good security measure that stops lazy users from copying and pasting their encryption passphrase around Windows.

The encrypted virtual drives (they use a .dco extension) can be accessed via password or with an encryption key, your choice. Safetica encryption software manual is very complete with easy to understand explanations and screenshots, there are daily security tips that come up when you start the software.

Safetica Personal Edition comes with an integrated password manager using AES-Rijndael256 for encryption and a decent file shredder that can be scheduled. The data wiper can also delete temporary files, browser history and recent documents history.

The password manager can work with public encryption keys, it includes a password strength analyzer, it has highly customizable features as well as a very advanced password generator.

Safetica encryption suite supports the Czech, English,French,German,Spanish,Polish,Portuguese andRussian languages and their interface can easily by switched to one of them. Safetica Personal Edition also supports encryption of RAID disks, physical external hard disks and encryption of USB thumbdrives, from where you can run applications like a portable internet browser to avoid leaving internet surfing tracks in your operating system.

Safetica encrypted virtual disk

Safetica encrypted virtual disk

Encryption Safetica Personal Edition bad stuff

Their bigger downfall has to be that there is no full disk encryption available, Safetica will create virtual encrypted drivers but the operating system itself remains unencrypted and a computer forensics expert will still be able to retrieve some personal data from your operating system, although not much, the developers claim to be looking into this for next releases.

The file shredder to erase temporary files can be scheduled to run at logon but the most obvious option, which would be to run it after logging off is not available, it makes much more sense to me to destroy all of your temporary files when you have just finished working with your computer than not the day after when you login.

Creation of encrypted disks using the Safe profile will choose AES256 cipher for encryption and SHA256 for password hashing by default, Safetica user manual names the Blowfish448, Mars448,Twofish256 and CAST6 cipher algorithms too but this is hard to find, it took me a while to find out how to change the default encryption algorithm.

Their encryption software only works in Windows and you get the occasional nagging screen when you start Safetica Personal Edition inviting you to upgrade to the business edition or make a donation to the encryption software developers.

Encryption Safetica Personal Edition conclusion

This computer security suite is ideal to encrypt all of your internet pornography, banking details and family photos, it is a great free all-round computer security suite to stop identity theft and noisy people looking at what confidential data you have stored in your hard disk. Safetica encryption is safe and sound, highly customizable, you get a password manager and file shredder integrated, this free computer software should fulfil most of your security and privacy needs.

Visit Safetica to download this free encryption suite

0 Comments

Free easy to use encryption software R-Crypto

/ 1 September, 2010 / Encryption Software / Permalink

R-Crypto Data Security and disk encryption software will help you hide all of your internet pornography, financial details and other sensitive data from prying eyes. This free encryption software will create an encrypted virtual disk only visible after you enter the appropiate password, inside that encrypted disk you will be able to store anything you like and after closing it,  the encrypted data will remain unaccessible for anyone without the right password.

R-Crypto encrypts data using the cryptographic infrastructure of the Microsoft operating system, this can include Microsoft AES crypto provider with key lengths of 128, 192 and 256 bits, for the password it will use the well known uncrackable Secure Hash Algorithm SHA-512. It can also use the Data Encryption Standard DES, or 3DES but it is highly reccomended to stick to AES as DES is not a safe encryption algorithm anymore.

R-Crypto constitutes a robust and safe encryption program with no backdoors, best of all R-Crypto is completely free of charge. If you want to hide your internet pornography from your wife and others, R-Crypto will be very useful and it is easy to use for beginners.

With R-Crypto you will have access to your encrypted disk control with an easy to use wizard that will guide you through the creation of the encrypted disk and it will also allow to change the size of the encrypted disk easily and it has many more features like being able to wipe the encrypted hard disk to make sure this is irrecoverable.

R-Crypto Data Security screenshot

R-Crypto Data Security screenshot

Because R-Crypto uses Microsoft cryptographic infrastructure, it is ideal for companies that require certification for such products to meet certain governmental or corporate standards, as well as individual users with high security and privacy needs.

Visit R-Crypto free data encryption software

0 Comments