A program for encrypting a specific extension. Programs for encrypting folders and files. Selection of programs for comparison

Editor's Choice

File encryption programs

Encrypt everything!

Every time information leaks on the Internet about a scandal related to the fact that important documents have leaked somewhere, I ask myself why they were not encrypted? Document protection should be everywhere, after all.

Encryption algorithms

The encryption algorithm is like a black box. A dump of a document, image, or other file that you load into it, you get back. But what you see seems to be nonsense.

You can turn this gibberish back into a normal document through the window with the same password that you entered during encryption. This is the only way to get the original.

The US government has recognized Advanced Encryption Standard (AES) as a standard, and all products assembled here support the AES encryption standard.

Even those who support other algorithms generally recommend using AES.

If you are an encryption expert, you may prefer a different algorithm, Blowfish, and perhaps even the Soviet government's GOST algorithm.

But this is for fans of extreme entertainment. For the average user, AES is just a great solution.

Public key cryptography and exchange

Passwords are important and you should keep them private, right? Well, not when using the public key infrastructure (PKI) that is used in cryptography.

If I want to send you a secret document, I just encrypt it with my public key. When you receive it, you can use it to decrypt the document. It's that simple!

Using this system in the opposite direction, you can create a digital signature that confirms that your document came from you and has not been altered. How? Just encrypt it with your private key.

The fact that your public key decrypts it is proof that you have the right to edit it.

PKI support is less common than traditional symmetric support.

Many products allow the creation of self-decrypting executable files.

Also, you may find that the recipient can use a certain decryption-only tool for free.

What's better?

There is now a huge selection of products available in the encryption arena.

Everyone simply has to choose the solution that will be convenient in terms of functionality, practical and stylish from the point of view of the interface of the main program window.

The digital CertainSafe safe goes through a multi-step security algorithm that identifies you on the site. You will have to go through multiple authentications each time.

Your files are encrypted, if someone tries to break them, they fall apart and no one can recreate them. In this case, there is a certain risk, but at the same time, the level of reliability is very decent.

Then each chunk of the file is stored on a different server. A hacker who has been able to break into one of the servers cannot do anything useful.

Locking can encrypt files or simply lock them so that no one can open them. It also offers encrypted lockers for safe keeping of personal confidential.

Among many others useful functions shredding, free space shredding, secure network backups and self-decrypting files can be noted.

VeraCrypt (Windows / OS X / Linux)

VeraCrypt supports truecrypt encryption, which was discontinued last year.

The development team claims that they have already addressed the issue raised during the initial audit of truecrypt and believe it can still be used as an available version for, OS X and.

If you're looking for a file encryption tool that actually works, this is it. VeraCrypt supports AES (the most commonly used algorithm).

It also supports TwoFish and Serpent encryption ciphers, and supports the creation of hidden encrypted volumes.

The program code is open source, most of the code base consists of Truecrypt.

The program is also constantly evolving, with regular security updates and independent audits at the planning stage (according to the developers).

Those of you who have tried it have praised it for the on-the-fly encryption tool works great and only decrypts your files when you need them. So the rest of the time they are stored encrypted.

Especially users note that the program is a powerful tool that is easy to use and always in place. Yes, it lacks a pretty interface or a ton of bells and whistles.

AxCrypt (Windows)

AxCrypt is free and open source software. source code GNU licenses.

A GPL-licensed encryption tool for Windows that prides itself on being simple, efficient, and reliable to use.

It integrates nicely with the Windows shell so that you can click right click mouse on the file that you want to encrypt and give the command.

Or, you can simply tweak the executable code so that the file will be locked if not used for a certain period of time. It can be decrypted later, or when the recipient notifies of receipt.

Files with AxCrypt can be decrypted on demand, or you can keep them decrypted while in use and then automatically encrypted.

It supports AES 128-bit encryption, provides protection against hacking attempts. It is very lightweight (less than 1 MB.)

Everyone decides for himself which program to use, but if your data is worth anything to you, be sure to think about the fact that you need an encryption program.

Encrypting files and folders in Windows

File Encryption Software: Which is the Best to Choose?

Our media stores huge amounts of personal and important information, documents and media files. They need to be protected. Cryptographic techniques such as AES and Twofish that are standardly offered in encryption programs belong to about one generation and provide relatively high level security.

In practice, the average user will not be able to make a big mistake in choosing. Instead, it is worth deciding on a specialized program depending on the intentions: often encryption hard disk uses a different operating mode than file encryption.

Long time the best choice there was a utility TrueCrypt if it was about fully encrypting a hard drive or storing data in an encrypted container. This project is now closed. Its worthy successor is an open source program VeraCrypt... It was based on the TrueCrypt code, but it has been modified to improve the encryption quality.

For example, in VeraCrypt improved key generation from password... For encryption hard discs use a mode that is not as common as CBC, a XTS... In this mode, blocks are encrypted by the type ECB, however, this adds the sector number and intra-segment displacement.

Random numbers and strong passwords

To protect individual files, a free program with a simple interface is enough, for example, MAXA Crypt Portable or AxCrypt... We recommend AxCrypt as it is an open source project. However, when installing it, you should pay attention to the fact that the package with the application contains unnecessary add-ons, so you must uncheck the boxes from them.

The utility is launched by right-clicking on a file or folder and entering a password (for example, when opening an encrypted file). This program uses the AES algorithm 128 bit with CBC mode... Ax-Crypt embeds a pseudo-random number generator to create a robust initialization vector (IV).

If the IV is not a real random number, then the CBC mode weakens it. MAXA Crypt Portable works in a similar way, but encryption is done using a key 256 bit long... If you upload personal information to cloud storage, you need to assume that their owners, for example, Google and Dropbox, scan the content.

Boxcryptor is embedded in the process as a virtual hard disk and, on the right click, encrypts all files located there before uploading to the cloud. That being said, it is important to get a password manager such as Password depot... It creates complex passwords that no one can remember. Necessary just don't lose master password for this program.

We use encrypted disks

Similar to TrueCrypt, Utility Wizard VeraCrypt guides the user through all the stages of creating an encrypted disk. You can also protect existing section.

One click encryption

Free software Maxa Crypt Portable offers all the options you need to fast encryption separate files using the AES algorithm. By pressing the button you start the generation secure password.

Linking the Cloud to Privacy

Boxcryptor one click encrypts important files before uploading to Dropbox storage or google. The default is AES encryption with 256 bit key.

The cornerstone is a password manager

Long passwords increase security. Program Password depot generates and uses them, including for encrypting files and working with web services, to which it transfers data to access the account.

Photo: manufacturing companies

Protection important information from intruders and just from prying eyes - the primary task of any user who is active on the Internet. Often the data lies on hard drives in the open, which increases the risk of theft from your computer. The consequences can be very different - from losing passwords to various services before parting with an impressive amount of money stored in electronic wallets.

In this article, we will look at several specialized programs that allow you to encrypt and password protect files, directories and removable media.

This software is perhaps one of the most famous ransomware. TrueCrypt allows you to create encrypted containers on physical media, protect flash drives, partitions and entire hard drives from unauthorized access.

PGP Desktop

This is a combine program for maximum protection of information on your computer. PGP Desktop can encrypt files and directories, including local network, protect email attachments and messages, create encrypted virtual disks, permanently delete data by multi-pass overwriting.

Folder Lock

Folder Lock- the most user-friendly software. The program allows you to hide folders from visibility, encrypt files and data on flash drives, store passwords and other information in a secure storage, can erase documents without a trace and free place on disks, has built-in protection against hacking.

Dekart Private Disk

This program is intended solely to create encrypted disk images. In the settings, you can specify which programs contained in the image will be launched when mounted or unmounted, as well as enable a firewall that monitors applications that try to access the disk.

R-Crypto

Another software for working with encrypted containers that act as virtual storage media. R-Crypto containers can be connected like flash drives or regular hard drives and disconnected from the system if the conditions specified in the settings are met.

Crypt4Free

Crypt4Free is a file system program. It allows you to encrypt ordinary documents and archives, files attached to letters and even information in the clipboard. The program also includes a generator of complex passwords.

RCF EnCoder / DeCoder

This little ransomware gives you the ability to protect directories and the documents they contain using the generated keys. The main feature of RCF EnCoder / DeCoder is the ability to encrypt the text content of files, as well as the fact that it only comes in a portable version.

Forbidden file

The smallest participant in this review. The program is downloaded as an archive containing one single executable file. Despite this, the software can encrypt any data using the IDEA algorithm.

This was a small list of well-known and not so well-known programs for encrypting files and folders on computer hard drives and removable media. They all have different functions, but they perform one task - to hide user information from prying eyes.

More recently, we have been running encryption applications. It's time for a similar review, but for desktop programs.

Selection of programs for comparison

In order for all three programs to be in the same weight category, it was decided to compare only proprietary software, that is, software with closed source code. Folder Lock and PGP Desktop will be compared with CyberSafe Top Secret. WITH latest program I think many are familiar. But Folder Lock was not chosen by chance either - it won a gold award in a comparison of ten encryption programs.

Folder Lock Overview

The main features of Folder Lock are as follows:
  • AES encryption, 256-bit key.
  • Hiding files and folders.
  • File encryption (by creating virtual disks - safes) "on the fly".
  • Online backup.
  • Create secure USB / CD / DVD drives.
  • Encrypting attachments Email.
  • Creation of encrypted "wallets" storing information about credit cards, accounts, etc.

It would seem that the program has enough capabilities, especially for personal use. Now let's look at the program in action. At the first launch, the program asks to set a master password, which is used to authenticate the user in the program (Fig. 1). Imagine this situation: you have hidden files, and someone else launched the program, looked at which files were hidden, and gained access to them. Agree, not very good. But if the program asks for a password, then this "someone" will not succeed - in any case, until he or she finds out or finds out your password.


Rice. 1. Setting the master password at the first start

First, let's see how the program hides files. Go to section Lock Files, then either drag files (Fig. 2) and folders to the main area of ​​the program, or use the button Add... As shown in fig. 3, the program allows you to hide files, folders and drives.


Rice. 2. Drag and drop the file, select it and click Lock


Rice. 3. Button Add

Let's see what happens when we press the button Lock... I tried to hide the file C: \ Users \ Denis \ Desktop \ cs.zip. The file has disappeared from Explorer, Total commander and the rest file managers even if display is enabled hidden files... The file hide button is called Lock and section Lock Files... However, these UI elements would need to be named Hide and Hide Files, respectively. Because, in fact, the program does not block access to the file, but simply "hides" it. Look at fig. 4. Knowing the exact name of the file, I copied it to the cs2.zip file. The file was copied quietly, there were no access errors, the file was not encrypted - it was unpacked as usual.


Rice. 4. Copy a hidden file

By itself, the concealment function is stupid and useless. However, if you use it in conjunction with the file encryption function - to hide the safes created by the program - then the efficiency of its use will increase.
In chapter Encrypt Files you can create lockers. A safe is an encrypted container that, after mounting, can be used like a regular disk - encryption is not simple, but transparent. The same technique is used by many other encryption programs, including TrueCrypt, CyberSafe Top Secret, and others.


Rice. 5. Encrypt Files section

Click the button Create locker, in the window that appears, enter a name and select the location of the safe (Fig. 6). Next, you need to enter a password to access the safe (Fig. 7). The next step is to select the file system and the size of the safe (Fig. 8). The size of the safe is dynamic, but you can set the maximum limit. This saves disk space if you are not using a full-size safe. Optionally, you can create a fixed-size safe as shown in the Performance section of this article.


Rice. 6. Name and location of the safe


Rice. 7. Password to access the safe


Rice. 8. File system and size of the safe

After that, you will see the UAC window (if it is enabled), in which you will need to click Yes, then a window with information about the created safe will be displayed. In it, you need to click the Finish button, after which the Explorer window will open, displaying the mounted container (media), see fig. nine.


Rice. 9. Virtual disk created by the program

Return to the section Encrypt Files and select the created safe (fig. 10). Button Open locker allows you to open a closed safe, Close Locker- close open, button Edit options calls a menu containing commands for deleting / copying / renaming / changing the safe password. Button Backup Online allows you to back up your safe, and not somewhere, but to the cloud (Fig. 11). But first, you have to create an account. Secure Backup Account, after which you will get up to 2 TB of disk space, and your safes will be automatically synchronized with the online storage, which is especially useful if you need to work with the same safe on different computers.


Rice. 10. Operations over the safe


Rice. 11. Creating a Secure Backup Account

Nothing happens just like that. Please see secure.newsoftwares.net/signup?id=en for pricing for storing your safes. For 2 TB, you will have to pay $ 400 per month. 500 GB will cost $ 100 per month. To be honest, it is very expensive. For $ 50-60, you can rent a whole VPS with 500 GB "on board", which you can use as storage for your safes and even create your own website on it.
Please note: the program can create encrypted partitions, but unlike PGP Desktop, it cannot encrypt entire disks. In chapter Protect USB / CD you can protect your USB / CD / DVD drives as well as email attachments (Figure 12). However, this protection is not achieved by encrypting the medium itself, but by recording a self-decrypting safe on the corresponding medium. In other words, a truncated portable version of the program will be written to the selected medium, allowing you to "open" the safe. As such, this program does not have support for mail clients either. You can encrypt the attachment and attach it (already encrypted) to the email. But the attachment is encrypted with a regular password, not PKI. I think there is no point in talking about reliability.


Rice. 12. Section Protect USB / CD

Chapter Make wallets allows you to create wallets containing information about your credit cards, bank accounts, etc. (fig. 13). All information, of course, is stored encrypted. I can say with full responsibility that this section is useless, since the function of exporting information from the wallet is not provided. Imagine that you have many bank accounts and you have entered information about each of them into the program - account number, bank name, account holder, SWIFT code, etc. Then you need to provide your account information to a third party to transfer money to you. You will have to manually copy each field, paste it into the document, or email... Having an export function would make this task much easier. As for me, it is much easier to store all this information in one common document, which must be placed on the virtual disk created by the program - a safe.


Rice. 13. Wallets

Folder Lock Benefits:

  • An attractive and intuitive interface that will appeal to novice users who speak English.
  • Transparent encryption on the fly, creating virtual encrypted disks that you can work with like regular disks.
  • Possibility of online backup and synchronization of encrypted containers (safes).
  • The ability to create self-decrypting containers on USB / CD / DVD-disks.

Disadvantages of the program:

  • There is no support for the Russian language, which will complicate the work with the program for users who are not familiar with the English language.
  • Doubtful functions Lock Files (which simply hides, rather than "locks" files) and Make Wallets (ineffective without exporting information). Honestly, I thought that the Lock Files feature would provide transparent encryption of a folder / file on a disk, as CyberSafe Top Secret does or file system.
  • Inability to sign files, verify digital signatures.
  • When opening the safe, it does not allow you to select a drive letter that will be assigned to the virtual disk that corresponds to the safe. In the program settings, you can only select the order in which the program will assign a drive letter - ascending (from A to Z) or descending (from Z to A).
  • No integration with mail clients, there is only the option to encrypt the attachment.
  • The high cost of the cloud Reserve copy.

PGP Desktop

Symantec's PGP Desktop is a suite of encryption software that provides flexible, multi-layered encryption. The program differs from CyberSafe TopSecret and Folder Lock by its close integration into the system shell. The program is embedded in the shell (Explorer), and its functions are accessed through the Explorer context menu (Fig. 14). As you can see, the context menu contains functions for encryption, file signing, etc. The function of creating a self-decrypting archive is quite interesting - according to the principle of a self-extracting archive, only instead of unpacking the archive is also decrypted. However, the Folder Lock and CyberSafe programs also have a similar function.


Rice. fourteen. Context menu PGP Desktop

Also, access to the program functions can be obtained through the system tray (Fig. 15). Command Open PGP Desktop opens the main program window (fig. 16).


Rice. 15. Program in the system tray


Rice. 16. PGP Desktop Window

Sections of the program:

  • PGP Keys- management of keys (both own and imported from keyserver.pgp.com).
  • PGP Messaging- management of messaging services. During installation, the program automatically detects your Accounts and automatically encrypts AOL Instant Messenger communications.
  • PGP Zip- management of encrypted archives. The program supports transparent and non-transparent encryption. This section implements opaque encryption. You can create an encrypted Zip archive (PGP Zip) or a self-decrypting archive (Figure 17).
  • PGP Disk is an implementation of the transparent encryption function. The program can either encrypt an entire hard disk partition (or even an entire disk) or create a new virtual disk (container). There is also a Shred Free Space function, which allows you to erase free space on the disk.
  • PGP Viewer- here you can decrypt PGP messages and attachments.
  • PGP NetShare- a tool for "sharing" folders, while "balls" are encrypted using PGP, and you have the ability to add / remove users (users are identified based on certificates) who have access to the "share".


Rice. 17. Self-decrypting archive

As far as virtual disks are concerned, I especially liked the ability to create a dynamically sized virtual disk (Figure 18), as well as select an algorithm other than AES. The program allows you to select the drive letter to which the virtual disk will be mounted, and also allows you to automatically mount the disk at system startup and unmount it when idle (by default, after 15 minutes of inactivity).


Rice. 18. Create a virtual disk

The program tries to encrypt everything and everyone. It monitors POP / SMTP connections and suggests protecting them (Figure 19). The same goes for instant messaging clients (Figure 20). It is also possible to protect IMAP connections, but it must be enabled separately in the program settings.


Rice. 19. SSL / TLS connection detected


Rice. 20. PGP IM in Action

It's a pity that PGP Desktop does not support popular modern programs like Skype and Viber. Who is currently using AOL IM? I think there are not many of them.
Also, when using PGP Desktop, it is difficult to configure mail encryption, which only works in interception mode. But what if encrypted mail has already been received, and PGP Desktop was launched after receiving the encrypted message. How to decrypt it? You can, of course, but you have to do it manually. In addition, already decrypted messages in the client are no longer protected in any way. And if you configure the client for certificates, as it is done in the CyberSafe Top Secret program, then the letters will always be encrypted.
The interception mode does not work very well either, since the message about the protection of mail appears every time for every new one. mail server, and gmail has a lot of them. The mail protection window will get bored very quickly.
The program also does not differ in stability of work (fig. 21).


Rice. 21. PGP Desktop is frozen ...

Also, after installing it, the system worked slower (subjectively) ...

Benefits of PGP Desktop:

  • Complete program used for file encryption, file signing and verification electronic signature, transparent encryption (virtual disks and encryption of the entire partition), email encryption.
  • Keyserver support keyserver.pgp.com.
  • The ability to encrypt the system hard drive.
  • PGP NetShare function.
  • Ability to overwrite free space.
  • Tight integration with Explorer.

Disadvantages of the program:

  • Lack of support for the Russian language, which will complicate the work with the program for users who do not know English.
  • Unstable work of the program.
  • Poor program performance.
  • There is support for AOL IM, but no support for Skype and Viber.
  • Messages that have already been decrypted remain unprotected on the client.
  • Mail protection works only in interception mode, which will quickly bother you, since the mail protection window will appear every time for each new server.

CyberSafe Top Secret

As in , detailed description there will be no CyberSafe Top Secret program, because our blog has already written a lot about it (Fig. 22).


Rice. 22. CyberSafe Top Secret Program

However, we will nevertheless pay attention to some points - the most important ones. The program contains tools for managing keys and certificates, and the presence of its own key server in CyberSafe allows the user to publish his public key on it, as well as receive public keys other employees of the company (fig. 23).


Rice. 23. Key management

The program can be used to encrypt individual files, which was shown in the article. As for encryption algorithms, the CyberSafe Top Secret program supports GOST algorithms and a certified crypto provider CryptoPro, which allows it to be used in government agencies and banks.
The program can also be used for transparent encryption of a folder (Fig. 24), which allows it to be used as a replacement for EFS. And, given that CyberSafe turned out to be more reliable and faster (in some scenarios) than EFS, then it is not only possible to use it, but also necessary.


Rice. 24. Transparent encryption of the C: \ CS-Crypted folder

The functionality of the CyberSafe Top Secret program resembles that of the PGP Desktop program - if you noticed, the program can also be used to encrypt e-mail messages, as well as to electronically sign files and verify this signature (section Email digital signature, see fig. 25).


Rice. 25. Section Email digital signature

Like PGP Desktop, CyberSafe Top Secret can create virtual encrypted disks and encrypt completely. It should be noted that CyberSafe Top Secret can create only fixed size virtual disks, unlike Folder Lock and PGP Desktop. However, this disadvantage is mitigated by the ability to transparently encrypt the folder, and the folder size is limited only by the amount of free space on the hard disk.
Unlike PGP Desktop, CyberSafe Top Secret cannot encrypt the system HDD, it is limited only to encryption of external and internal non-system drives.
But CyberSafe Top Secret has a cloud backup option, and, unlike Folder Lock, given opportunity absolutely free, more precisely, the cloud backup function can be configured for any service - both paid and free. You can read more about this feature in the article.
Also, two important features of the program should be noted: two-factor authorization and the system of trusted applications. In the program settings, you can either set up password authentication or two-factor authentication (Fig. 26).


Rice. 26. Program settings

In the tab Allowed. annexes you can define trusted applications that are allowed to work with encrypted files. All applications are trusted by default. But for greater security, you can set applications that are allowed to work with encrypted files (Figure 27).


Rice. 27. Trusted applications

CyberSafe Top Secret benefits:

  • Support for GOST encryption algorithms and a certified CryptoPro encryption provider, which allows using the program not only for individuals and commercial organizations, but also for government agencies.
  • Support for transparent folder encryption, which allows you to use the program as a replacement for EFS. Considering what the program provides, such a replacement is more than justified.
  • The ability to sign files electronically digitally signed and the ability to verify the signature of the file.
  • Built-in key server that allows you to publish keys and access other keys that have been published by other company employees.
  • The ability to create a virtual encrypted disk and the ability to encrypt the entire partition.
  • The ability to create self-decrypting archives.
  • Free cloud backup that works with any service - both paid and free.
  • Two-factor user authentication.
  • A trusted application system that allows only specific applications to access encrypted files.
  • The CyberSafe application supports the AES-NI instruction set, which has a positive effect on the program's performance (this fact will be demonstrated below).
  • The CyberSafe driver allows you to work over the network, which makes it possible to organize.
  • Russian-language interface of the program. For English-speaking users, there is an option to switch to English.

Now about the shortcomings of the program. The program has no particular drawbacks, but since the task was to honestly compare the programs, the drawbacks still have to be found. If you really find fault with it, sometimes (very, very rarely) unlocalized messages like “Password is weak” “slip through” in the program. Also, while the program does not know how to encrypt system disk, but such encryption is not always and not necessary for everyone. But all this is small compared to PGP Desktop freezing and its cost (but you don't know about that yet).

Performance

When working with PGP Desktop, I got the impression (right after installing the program) that the computer began to work slower. If not for this "sixth sense", then this section would not be in this article. It was decided to measure the performance using the CrystalDiskMark program. All tests are carried out on real car- no virtual machines. The configuration of the laptop is as follows - Intel 1000M (1.8 GHz) / 4 GB RAM / WD WD5000LPVT (500 GB, SATA-300, 5400 RPM, 8 MB buffer / Windows 7 64-bit). The car is not very powerful, but what it is.
The test will be performed as follows. We launch one of the programs and create a virtual container. The container parameters are as follows:
  • The virtual disk size is 2048 MB.
  • File system - NTFS
  • Drive letter Z:
After that, the program is closed (of course, the virtual disk is unmounted) - so that nothing would interfere with the test of the next program. The next program is launched, a similar container is created in it, and the test is performed again. To make it easier for you to read the test results, you need to talk about what the CrystalDiskMark results mean:
  1. Seq - sequential write / sequential read test (block size = 1024KB);
  2. 512K - random write / random read test (block size = 512KB);
  3. 4K - the same as 512K, but the block size is 4K;
  4. 4K QD32 - random write / read test (block size = 4KB, Queue Depth = 32) for NCQ & AHCI.
During the test, all programs except CrystalDiskMark were closed. I chose the test size of 1000 MB and set 2 passes so as not to force my hard drive once again (as a result of this experiment, its temperature increased from 37 to 40 degrees anyway).

Let's start with a regular hard drive to compare with. The performance of the C: drive (and this is the only partition on my computer) will be considered a reference. So, I got the following results (Fig. 28).


Rice. 28. Hard disk performance

Now let's start testing the first program. Let it be Folder Lock. In fig. 29 shows the parameters of the created container. Please note that I am using a fixed size. The results of the program are shown in Fig. 30. As you can see, there is a significant decrease in performance compared to the benchmark. But this is normal - after all, data is encrypted and decrypted on the fly. The performance should be lower, the question is how much.


Rice. 29. Parameters of the Folder Lock container


Rice. 30. Folder Lock Program Results

The next program is PGP Desktop. In fig. 31 - parameters of the created container, and in fig. 32 - results. My feelings were confirmed - the program really works slower, which was confirmed by the test. But when this program was running, not only the virtual disk was "slowing down", but even the entire system, which was not observed when working with other programs.


Rice. 31. Parameters of the PGP Desktop container


Rice. 32. PGP Desktop Results

It remains to test the CyberSafe Top Secret program. As usual, first - the parameters of the container (Fig. 33), and then the results of the program (Fig. 34).


Rice. 33. Parameters of the CyberSafe Top Secret container


Rice. 34. CyberSafe Top Secret Program Results

I think comments will be superfluous. In terms of productivity, the seats were distributed as follows:

  1. CyberSafe Top Secret
  2. Folder Lock
  3. PGP Desktop

Price and conclusions

Since we tested proprietary software, there is one more important factor to consider - the price. Folder Lock app will cost $ 39.95 for one installation and $ 259.70 for 10 installations. On the one hand, the price is not very high, but the functionality of the program, frankly, is small. As already noted, the functions of hiding files and wallets are of little use. The Secure Backup feature requires an additional fee, therefore, giving away almost $ 40 (if you put yourself in your place regular user, not the company) just for the ability to encrypt files and create self-decrypting safes - expensive.
PGP Desktop will cost you $ 97. And mind you - this is just the starting price. The full version with a set of all modules will cost about $ 180-250 and this is only a 12-month license. In other words, you will have to pay $ 250 each year to use the program. As for me, this is overkill.
CyberSafe Top Secret program is the golden mean, both in terms of functionality and price. For an ordinary user, the program will cost only $ 50 (a special anti-crisis price for Russia, for other countries full version will cost $ 90). Please note that this is how much the most complete version of the Ultimate program costs.
Table 1 provides a comparison chart of the features of all three products to help you choose your product.

Table 1. Programs and functions

Function Folder Lock PGP Desktop CyberSafe Top Secret
Virtual encrypted disks Yes Yes Yes
Encrypt the entire partition No Yes Yes
System disk encryption No Yes No
Convenient integration with email clients No No Yes
Encrypting email messages Yes (limited) Yes Yes
File encryption No Yes Yes
EDS, signing No Yes Yes
EDS, verification No Yes Yes
Transparent folder encryption No No Yes
Self-decrypting archives Yes Yes Yes
Cloud backup Yes (paid) No Yes (free)
Trusted Application System No No Yes
Certified Crypto Provider Support No No Yes
Token support No No (support discontinued) Yes (when installing CryptoPro)
Own key server No Yes Yes
Two-factor authentication No No Yes
Hiding individual files Yes No No
Hiding hard drive partitions Yes No Yes
Payment wallets Yes No No
GOST encryption support No No Yes
Russian interface No No Yes
Sequential read / write (DiskMark), MB / s 47/42 35/27 62/58
Price 40$ 180-250$ 50$

Considering all the factors outlined in this article (functionality, performance and price), the winner of this comparison is the CyberSafe Top Secret program. If you have any questions, we will be happy to answer them in the comments.

We recently compared mobile (for Android) encryption apps. It's time for a similar review, but for desktop programs.

Selection of programs for comparison

In order for all three programs to be in the same weight category, it was decided to compare only proprietary software, that is, software with closed source code. Folder Lock and PGP Desktop will be compared with CyberSafe Top Secret. I think many are familiar with the latter program. But Folder Lock was not chosen by chance either - it won a gold award in a comparison of ten encryption programs.

Folder Lock Overview

The main features of Folder Lock are as follows:
  • AES encryption, 256-bit key.
  • Hiding files and folders.
  • File encryption (by creating virtual disks - safes) "on the fly".
  • Online backup.
  • Create secure USB / CD / DVD drives.
  • Encryption of email attachments.
  • Creation of encrypted "wallets" storing information about credit cards, accounts, etc.

It would seem that the program has enough capabilities, especially for personal use. Now let's look at the program in action. At the first launch, the program asks to set a master password, which is used to authenticate the user in the program (Fig. 1). Imagine this situation: you have hidden files, and someone else launched the program, looked at which files were hidden, and gained access to them. Agree, not very good. But if the program asks for a password, then this "someone" will not succeed - in any case, until he or she finds out or finds out your password.


Rice. 1. Setting the master password at the first start

First, let's see how the program hides files. Go to section Lock Files, then either drag files (Fig. 2) and folders to the main area of ​​the program, or use the button Add... As shown in fig. 3, the program allows you to hide files, folders and drives.


Rice. 2. Drag and drop the file, select it and click Lock


Rice. 3. Button Add

Let's see what happens when we press the button Lock... I tried to hide the file C: \ Users \ Denis \ Desktop \ cs.zip. The file disappeared from Explorer, Total Commander and other file managers, even if the display of hidden files is enabled. The file hide button is called Lock and section Lock Files... However, these UI elements would need to be named Hide and Hide Files, respectively. Because, in fact, the program does not block access to the file, but simply "hides" it. Look at fig. 4. Knowing the exact name of the file, I copied it to the cs2.zip file. The file was copied quietly, there were no access errors, the file was not encrypted - it was unpacked as usual.


Rice. 4. Copy a hidden file

By itself, the concealment function is stupid and useless. However, if you use it in conjunction with the file encryption function - to hide the safes created by the program - then the efficiency of its use will increase.
In chapter Encrypt Files you can create lockers. A safe is an encrypted container that, after mounting, can be used like a regular disk - encryption is not simple, but transparent. The same technique is used by many other encryption programs, including TrueCrypt, CyberSafe Top Secret, and others.


Rice. 5. Encrypt Files section

Click the button Create locker, in the window that appears, enter a name and select the location of the safe (Fig. 6). Next, you need to enter a password to access the safe (Fig. 7). The next step is to select the file system and the size of the safe (Fig. 8). The size of the safe is dynamic, but you can set the maximum limit. This saves disk space if you are not using a full-size safe. Optionally, you can create a fixed-size safe as shown in the Performance section of this article.


Rice. 6. Name and location of the safe


Rice. 7. Password to access the safe


Rice. 8. File system and size of the safe

After that, you will see the UAC window (if it is enabled), in which you will need to click Yes, then a window with information about the created safe will be displayed. In it, you need to click the Finish button, after which the Explorer window will open, displaying the mounted container (media), see fig. nine.


Rice. 9. Virtual disk created by the program

Return to the section Encrypt Files and select the created safe (fig. 10). Button Open locker allows you to open a closed safe, Close Locker- close open, button Edit options calls a menu containing commands for deleting / copying / renaming / changing the safe password. Button Backup Online allows you to back up your safe, and not somewhere, but to the cloud (Fig. 11). But first, you have to create an account. Secure Backup Account, after which you will get up to 2 TB of disk space, and your safes will be automatically synchronized with the online storage, which is especially useful if you need to work with the same safe on different computers.


Rice. 10. Operations over the safe


Rice. 11. Creating a Secure Backup Account

Nothing happens just like that. Please see secure.newsoftwares.net/signup?id=en for pricing for storing your safes. For 2 TB, you will have to pay $ 400 per month. 500 GB will cost $ 100 per month. To be honest, it is very expensive. For $ 50-60, you can rent a whole VPS with 500 GB "on board", which you can use as storage for your safes and even create your own website on it.
Please note: the program can create encrypted partitions, but unlike PGP Desktop, it cannot encrypt entire disks. In chapter Protect USB / CD you can protect your USB / CD / DVD drives as well as email attachments (Figure 12). However, this protection is not achieved by encrypting the medium itself, but by recording a self-decrypting safe on the corresponding medium. In other words, a truncated portable version of the program will be written to the selected medium, allowing you to "open" the safe. As such, this program does not have support for mail clients either. You can encrypt the attachment and attach it (already encrypted) to the email. But the attachment is encrypted with a regular password, not PKI. I think there is no point in talking about reliability.


Rice. 12. Section Protect USB / CD

Chapter Make wallets allows you to create wallets containing information about your credit cards, bank accounts, etc. (fig. 13). All information, of course, is stored encrypted. I can say with full responsibility that this section is useless, since the function of exporting information from the wallet is not provided. Imagine that you have many bank accounts and you have entered information about each of them into the program - account number, bank name, account holder, SWIFT code, etc. Then you need to provide your account information to a third party to transfer money to you. You will have to manually copy each field, paste it into your document or email. Having an export function would make this task much easier. As for me, it is much easier to store all this information in one common document, which must be placed on the virtual disk created by the program - a safe.


Rice. 13. Wallets

Folder Lock Benefits:

  • An attractive and intuitive interface that will appeal to novice users who speak English.
  • Transparent encryption on the fly, creating virtual encrypted disks that you can work with like regular disks.
  • Possibility of online backup and synchronization of encrypted containers (safes).
  • The ability to create self-decrypting containers on USB / CD / DVD-disks.

Disadvantages of the program:

  • There is no support for the Russian language, which will complicate the work with the program for users who are not familiar with the English language.
  • Doubtful functions Lock Files (which simply hides, rather than "locks" files) and Make Wallets (ineffective without exporting information). Honestly, I thought that the Lock Files feature would provide transparent encryption of a folder / file on a disk, just like CyberSafe Top Secret or the EFS file system does.
  • Inability to sign files, verify digital signatures.
  • When opening the safe, it does not allow you to select a drive letter that will be assigned to the virtual disk that corresponds to the safe. In the program settings, you can only select the order in which the program will assign a drive letter - ascending (from A to Z) or descending (from Z to A).
  • There is no integration with email clients, there is only the ability to encrypt the attachment.
  • The high cost of cloud backup.

PGP Desktop

Symantec's PGP Desktop is a suite of encryption software that provides flexible, multi-layered encryption. The program differs from CyberSafe TopSecret and Folder Lock by its close integration into the system shell. The program is embedded in the shell (Explorer), and its functions are accessed through the Explorer context menu (Fig. 14). As you can see, the context menu contains functions for encryption, file signing, etc. The function of creating a self-decrypting archive is quite interesting - according to the principle of a self-extracting archive, only instead of unpacking the archive is also decrypted. However, the Folder Lock and CyberSafe programs also have a similar function.


Rice. 14. Context Menu PGP Desktop

Also, access to the program functions can be obtained through the system tray (Fig. 15). Command Open PGP Desktop opens the main program window (fig. 16).


Rice. 15. Program in the system tray


Rice. 16. PGP Desktop Window

Sections of the program:

  • PGP Keys- management of keys (both own and imported from keyserver.pgp.com).
  • PGP Messaging- management of messaging services. Upon installation, the program automatically detects your accounts and automatically encrypts AOL Instant Messenger communications.
  • PGP Zip- management of encrypted archives. The program supports transparent and non-transparent encryption. This section implements opaque encryption. You can create an encrypted Zip archive (PGP Zip) or a self-decrypting archive (Figure 17).
  • PGP Disk is an implementation of the transparent encryption function. The program can either encrypt an entire hard disk partition (or even an entire disk) or create a new virtual disk (container). There is also a Shred Free Space function, which allows you to erase free space on the disk.
  • PGP Viewer- here you can decrypt PGP messages and attachments.
  • PGP NetShare- a tool for "sharing" folders, while "balls" are encrypted using PGP, and you have the ability to add / remove users (users are identified based on certificates) who have access to the "share".


Rice. 17. Self-decrypting archive

As far as virtual disks are concerned, I especially liked the ability to create a dynamically sized virtual disk (Figure 18), as well as select an algorithm other than AES. The program allows you to select the drive letter to which the virtual disk will be mounted, and also allows you to automatically mount the disk at system startup and unmount it when idle (by default, after 15 minutes of inactivity).


Rice. 18. Create a virtual disk

The program tries to encrypt everything and everyone. It monitors POP / SMTP connections and suggests protecting them (Figure 19). The same goes for instant messaging clients (Figure 20). It is also possible to protect IMAP connections, but it must be enabled separately in the program settings.


Rice. 19. SSL / TLS connection detected


Rice. 20. PGP IM in Action

It's a pity that PGP Desktop does not support popular modern programs like Skype and Viber. Who is currently using AOL IM? I think there are not many of them.
Also, when using PGP Desktop, it is difficult to configure mail encryption, which only works in interception mode. But what if encrypted mail has already been received, and PGP Desktop was launched after receiving the encrypted message. How to decrypt it? You can, of course, but you have to do it manually. In addition, already decrypted messages in the client are no longer protected in any way. And if you configure the client for certificates, as it is done in the CyberSafe Top Secret program, then the letters will always be encrypted.
The interception mode also does not work very well, since the message about the protection of mail appears every time on each new mail server, and gmail has a lot of them. The mail protection window will get bored very quickly.
The program also does not differ in stability of work (fig. 21).


Rice. 21. PGP Desktop is frozen ...

Also, after installing it, the system worked slower (subjectively) ...

Benefits of PGP Desktop:

  • A complete program used for file encryption, file signing and electronic signature verification, transparent encryption (virtual disks and encryption of the entire partition), email encryption.
  • Keyserver support keyserver.pgp.com.
  • The ability to encrypt the system hard drive.
  • PGP NetShare function.
  • Ability to overwrite free space.
  • Tight integration with Explorer.

Disadvantages of the program:

  • Lack of support for the Russian language, which will complicate the work with the program for users who do not know English.
  • Unstable work of the program.
  • Poor program performance.
  • There is support for AOL IM, but no support for Skype and Viber.
  • Messages that have already been decrypted remain unprotected on the client.
  • Mail protection works only in interception mode, which will quickly bother you, since the mail protection window will appear every time for each new server.

CyberSafe Top Secret

As in the previous review, there will not be a detailed description of the CyberSafe Top Secret program, since our blog has already written a lot about it (Fig. 22).


Rice. 22. CyberSafe Top Secret Program

However, we will nevertheless pay attention to some points - the most important ones. The program contains tools for managing keys and certificates, and the presence of its own key server in CyberSafe allows the user to publish his own public key on it, as well as receive the public keys of other employees of the company (Fig. 23).


Rice. 23. Key management

The program can be used to encrypt individual files, which was shown in the article “Electronic signature: practical use of the CyberSafe Enterprise software product in an enterprise. Part one" . As for encryption algorithms, the CyberSafe Top Secret program supports GOST algorithms and a certified crypto provider CryptoPro, which allows it to be used in government agencies and banks.
The program can also be used for transparent encryption of a folder (Fig. 24), which allows it to be used as a replacement for EFS. And, given that CyberSafe turned out to be more reliable and faster (in some scenarios) than EFS, then it is not only possible to use it, but also necessary.


Rice. 24. Transparent encryption of the C: \ CS-Crypted folder

The functionality of the CyberSafe Top Secret program resembles that of the PGP Desktop program - if you noticed, the program can also be used to encrypt e-mail messages, as well as to electronically sign files and verify this signature (section Email digital signature, see fig. 25).


Rice. 25. Section Email digital signature

Like PGP Desktop, CyberSafe Top Secret can create virtual encrypted disks and encrypt entire hard disk partitions. It should be noted that CyberSafe Top Secret can create only fixed size virtual disks, unlike Folder Lock and PGP Desktop. However, this disadvantage is mitigated by the ability to transparently encrypt the folder, and the folder size is limited only by the amount of free space on the hard disk.
Unlike PGP Desktop, CyberSafe Top Secret cannot encrypt the system hard drive, it only encrypts external and internal non-system drives.
But CyberSafe Top Secret has a cloud backup option, and, unlike Folder Lock, this option is absolutely free, more precisely, the cloud backup function can be configured for any service - both paid and free. You can read more about this feature in the article "Cloud backup encryption".
Also, two important features of the program should be noted: two-factor authorization and the system of trusted applications. In the program settings, you can either set up password authentication or two-factor authentication (Fig. 26).


Rice. 26. Program settings

In the tab Allowed. annexes you can define trusted applications that are allowed to work with encrypted files. All applications are trusted by default. But for greater security, you can set applications that are allowed to work with encrypted files (Figure 27).


Rice. 27. Trusted applications

CyberSafe Top Secret benefits:

  • Support for GOST encryption algorithms and a certified CryptoPro encryption provider, which allows using the program not only for individuals and commercial organizations, but also for government agencies.
  • Support for transparent folder encryption, which allows you to use the program as a replacement for EFS. Considering that the program provides the best level of performance and security, such a replacement is more than justified.
  • The ability to sign files with an electronic digital signature and the ability to verify the file signature.
  • Built-in key server that allows you to publish keys and access other keys that have been published by other company employees.
  • The ability to create a virtual encrypted disk and the ability to encrypt the entire partition.
  • The ability to create self-decrypting archives.
  • Free cloud backup that works with any service - both paid and free.
  • Two-factor user authentication.
  • A trusted application system that allows only specific applications to access encrypted files.
  • The CyberSafe application supports the AES-NI instruction set, which has a positive effect on the program's performance (this fact will be demonstrated below).
  • The CyberSafe driver allows you to work over the network, which makes it possible to organize corporate encryption.
  • Russian-language interface of the program. For English-speaking users, there is an option to switch to English.

Now about the shortcomings of the program. The program has no particular drawbacks, but since the task was to honestly compare the programs, the drawbacks still have to be found. If you really find fault with it, sometimes (very, very rarely) unlocalized messages like “Password is weak” “slip through” in the program. Also, while the program does not know how to encrypt the system disk, but such encryption is not always and not everyone needs. But all this is small compared to PGP Desktop freezing and its cost (but you don't know about that yet).

Performance

When working with PGP Desktop, I got the impression (right after installing the program) that the computer began to work slower. If not for this "sixth sense", then this section would not be in this article. It was decided to measure the performance using the CrystalDiskMark program. All tests are carried out on a real machine - no virtual machines. The configuration of the laptop is as follows - Intel 1000M (1.8 GHz) / 4 GB RAM / WD WD5000LPVT (500 GB, SATA-300, 5400 RPM, 8 MB buffer / Windows 7 64-bit). The car is not very powerful, but what it is.
The test will be performed as follows. We launch one of the programs and create a virtual container. The container parameters are as follows:
  • The virtual disk size is 2048 MB.
  • File system - NTFS
  • Drive letter Z:
After that, the program is closed (of course, the virtual disk is unmounted) - so that nothing would interfere with the test of the next program. The next program is launched, a similar container is created in it, and the test is performed again. To make it easier for you to read the test results, you need to talk about what the CrystalDiskMark results mean:
  1. Seq - sequential write / sequential read test (block size = 1024KB);
  2. 512K - random write / random read test (block size = 512KB);
  3. 4K - the same as 512K, but the block size is 4K;
  4. 4K QD32 - random write / read test (block size = 4KB, Queue Depth = 32) for NCQ & AHCI.
During the test, all programs except CrystalDiskMark were closed. I chose the test size of 1000 MB and set 2 passes so as not to force my hard drive once again (as a result of this experiment, its temperature increased from 37 to 40 degrees anyway).

Let's start with a regular hard drive to compare with. The performance of the C: drive (and this is the only partition on my computer) will be considered a reference. So, I got the following results (Fig. 28).


Rice. 28. Hard disk performance

Now let's start testing the first program. Let it be Folder Lock. In fig. 29 shows the parameters of the created container. Please note that I am using a fixed size. The results of the program are shown in Fig. 30. As you can see, there is a significant decrease in performance compared to the benchmark. But this is normal - after all, data is encrypted and decrypted on the fly. The performance should be lower, the question is how much.


Rice. 29. Parameters of the Folder Lock container


Rice. 30. Folder Lock Program Results

The next program is PGP Desktop. In fig. 31 - parameters of the created container, and in fig. 32 - results. My feelings were confirmed - the program really works slower, which was confirmed by the test. But when this program was running, not only the virtual disk was "slowing down", but even the entire system, which was not observed when working with other programs.


Rice. 31. Parameters of the PGP Desktop container


Rice. 32. PGP Desktop Results

It remains to test the CyberSafe Top Secret program. As usual, first - the parameters of the container (Fig. 33), and then the results of the program (Fig. 34).


Rice. 33. Parameters of the CyberSafe Top Secret container


Rice. 34. CyberSafe Top Secret Program Results

I think comments will be superfluous. In terms of productivity, the seats were distributed as follows:

  1. CyberSafe Top Secret
  2. Folder Lock
  3. PGP Desktop

Price and conclusions

Since we tested proprietary software, another important factor to consider is price. Folder Lock app will cost $ 39.95 for one installation and $ 259.70 for 10 installations. On the one hand, the price is not very high, but the functionality of the program, frankly, is small. As already noted, the functions of hiding files and wallets are of little use. The Secure Backup feature requires an additional fee, therefore, giving away almost $ 40 (if you put yourself in the shoes of a regular user, not a company) just for the ability to encrypt files and create self-decrypting safes is expensive.
PGP Desktop will cost you $ 97. And mind you - this is just the starting price. The full version with a set of all modules will cost about $ 180-250 and this is only a 12-month license. In other words, you will have to pay $ 250 each year to use the program. As for me, this is overkill.
CyberSafe Top Secret program is the golden mean, both in terms of functionality and price. For an ordinary user, the program will cost only $ 50 (a special anti-crisis price for Russia, for other countries the full version will cost $ 90). Please note that this is how much the most complete version of the Ultimate program costs.
Table 1 provides a comparison chart of the features of all three products to help you choose your product.

Table 1. Programs and functions

Function Folder Lock PGP Desktop CyberSafe Top Secret
Virtual encrypted disks Yes Yes Yes
Encrypt the entire partition No Yes Yes
System disk encryption No Yes No
Convenient integration with email clients No No Yes
Encrypting email messages Yes (limited) Yes Yes
File encryption No Yes Yes
EDS, signing No Yes Yes
EDS, verification No Yes Yes
Transparent folder encryption No No Yes
Self-decrypting archives Yes Yes Yes
Cloud backup Yes (paid) No Yes (free)
Trusted Application System No No Yes
Certified Crypto Provider Support No No Yes
Token support No No (support discontinued) Yes (when installing CryptoPro)
Own key server No Yes Yes
Two-factor authentication No No Yes
Hiding individual files Yes No No
Hiding hard drive partitions Yes No Yes
Payment wallets Yes No No
GOST encryption support No No Yes
Russian interface No No Yes
Sequential read / write (DiskMark), MB / s 47/42 35/27 62/58
Price 40$ 180-250$ 50$

Considering all the factors outlined in this article (functionality, performance and price), the winner of this comparison is the CyberSafe Top Secret program. If you have any questions, we will be happy to answer them in the comments.

Read also

Liked? Like us on Facebook