BestCrypt version 8 provides users with a higher security level as well as with a set of new functions. Besides, with version 8 there are several ways of encrypting data:
The following sections describe the enhancements in more detail.
1. BestCrypt allows encrypting data with many encryption algorithms. Every algorithm is implemented with the largest possible key size defined in the algorithm's specification:
(Note that BestCrypt v.8 supports also the following algorithms to provide compatibility with earlier versions of the software: Blowfish (256-bit key), Blowfish (128-bit key), DES (56-bit key).)
2. BestCrypt v.8 can utilize LRW Encryption Mode with all encryption algorithms listed above. LRW Mode is specially designed for applications working on disk sector level and more secure than other popular modes used earlier (like Cipher Block Chaining (CBC) mode).
3. Version 8 provides enhanced plausible deniability comparing with earlier versions:
4. BestCrypt v.8 allows choosing Secure Hash Algorithm. At the moment the following hash algorithms are available: SHA-256, SHA-1, RIPEMD-160, MD5.
5. Version 8 allows using Public Key Encryption technology to provide access to encrypted data. The software supports key pairs in standard formats like PKCS #12, X.509, it supports PGP keys. It means, for example, that users can use public key of some other person to allow him/her accessing data inside encrypted container.
6. The software supports Secret Sharing Scheme. The functionality allows a group of persons to create a single encrypted container so that only several members of the group gathered together will be able to access data inside the container.
7. BestCrypt v.8 allows users to remove header of encrypted container from container file. Such a header is stored in a separate file. Without the header it is absolutely impossible to access data inside the container, because the header stores encryption key for the data. The file with container's header can be stored in any place, for example, on a removable device. So even if a user is unable to store large container file in a safe place, he/she can do that with a small file where header of the container is stored.
1. BestCrypt v.8 supports Windows Vista, including 32-bit and 64-bit versions of the operating system. Note that old Windows versions, like Windows 98, are still supported too.
2. BestCrypt v.8 allows mounting encrypted containers, created with KG-Ghost key generator, not only as a disk drive with a drive letter (like D:, E: or Z:), but also as a mount point, i.e. as a subfolder on a regular NTFS partition. It is useful, for example, because appearing new drive on a computer is more noticable than appearing some additional data in NTFS subfolder. As well now the user can mount a lot of containers simultaneously, being not limited by a number of free drive letters on his/her computer.
3. Version 8 supports its own database of Public Keys. The user can control the database with Public Key Manager utility. BestCrypt Public Key Manager supports importing public keys from files created by other programs, for example, by PGP program or software that uses X.509 standard.
4. BestCrypt v.8 includes a special module allowing any third-party individual or company easily translate the software to other language. Please contact our technical support department for more information on translating the software.
5. The software now allows mounting BestCrypt virtual drives as removable devices. Sometimes it is useful, for example, if your computer has not so reliable power supply. Windows caches data flow on removable devices in a different way, so accidental power lost causes less consequences for consistency of data stored on removable devices.
6. If BestCrypt virtual drive (for example, E:) is shared for network access, earlier versions of BestCrypt save information about the share and restore it when the user mounts the virtual drive again. But earlier BestCrypt versions cannot save sharing information if subfolders on the virtual drive are shared (for example, E:\shared_subfolder_1). Version 8 of the software has no the limitation and all the sharing information for virtual drive is restored when the user mounts the drive.
Earlier BestCrypt versions provide the user with access to encrypted data using idea of encrypted containers and virtual drives. For example, the user could create 30 GBytes container file, then mount it as an additional 30 GBytes virtual drive Z: (or E:, F:, or other drive letter). Virtual drive Z: works as any other regular drive and all the data on the drive is stored in encrypted form.
BestCrypt v.8 also supports virtual drive technology. Additionally, version 8 allows users to encrypt data in the following ways:
1. Encrypting a whole disk volume (partition) including boot/system Windows partition. The user can encrypt the old MS-DOS style partition as well as modern volumes residing on a number of physical disk devices, for example Spanned, Striped, Mirrored or RAID-5 volumes. Name of the software from BestCrypt family, which can encrypt whole volumes is BestCrypt Volume Encryption . Read Help documentation for BestCrypt Volume Encryption to get more information on the software.
2. When the user encrypts a whole partition, the only way to move data in encrypted form to other computer is to move a physical hard drive with encrypted partition. When the user creates encrypted container file, he/she can move the file to other computer and after mounting it as a virtual drive the user can access encrypted data.
In all the cases the user must have encryption software installed on the destination computer. In case with encrypted container file, the file stores filesystem structures of virtual drive. Besides, data inside container file is not compressed.
BestCrypt v.8 has a special utility allowing the user to compress group of files or folders to encrypted archive (i.e. a single compressed file). Besides, the encrypted archive can be created as a self-extracting program. It means that recipient of the archive may do not have any encryption software installed to access secret data inside the archive. Name of the utility that supports encrypted compressed and self-extracting archives is BCArchive.
BCArchive supports password-based encryption and public key encryption, so the user can encrypt files using password or public key of the recipient who will receive the data. BCArchive supports a number of standards existing for public key encryption (like PKCS-12, X.509, RFC 2440), as well as a number of secure hash function and encryption algorithms. Read Help documentation for BCArchive utility to get more information on the software.