New features in version 2

BestCrypt Volume Encryption version 2 provides the users with a higher security level, higher performance and with a set of new functions.

1. Version 2 of the software uses more enhanced XTS Encryption Mode. The mode of encryption is more secure and faster than LRW mode used in previous version 1 of the software. Version 2 uses SHA-512 hash algorithm instead of SHA-256. Version 2 still contains LRW encryption mode module and SHA-256 module to provide compatibility with previous version 1 of the software, so the user can upgrade version 1 of BestCrypt Volume Encryption to version 2 without decrypting volumes and uninstalling the previous version.

2. Version 2 allows the user to add several passwords for encrypted volume, including boot and system volumes. It is convenient and provides more security, because administrator can add passwords for temporary access to encrypted data and then remove the passwords. Besides, administrator does not have to tell other users his/her own password, because it can also be used for other encrypted data.

3. Anti-Keylogger functionality is added. When the user activates Anti-Keylogger, no keylogging program (like Advanced Keylogger or Spy Lantern Keylogger) can intercept passwords the user enters for volumes encrypted by BestCrypt Volume Encryption. The Anti-Keylogger module protects also passwords the user enters for eToken devices when they are used with encrypted volumes.

4. BestCrypt Volume Encryption v.2 can work in Traveller Mode. The user can create a set of Traveller Mode files and then run the program on computer where the software is not installed, for example, when removable disk device with encrypted volume is attached to computer without BCVE installed.

5. Version 2 has no 2 Terabyte limitation, i.e. the user can now encrypt volumes that are larger than 2 Terabytes.

6. Version 2 supports the latest PKI Client software from Aladdin company. As a result, eToken support has became available for Windows Vista x64 platform. Previous versions of Aladdin packages (RTE and PKI Client) are still supported.

7. Backup of encryption keys stored on Aladdin eToken devices is enhanced. Now the user can backup encryption keys from several eTokens to a single device. It is more convenient for administrator to keep a single backup eToken with encryption keys stored on a number of users' eTokens.

8. BestCrypt Volume Encryption (BCVE) does not modify reserved sectors on the hard drive to store its boot code when the user encrypts system/boot volume. As a result, BCVE does not conflict with other software that may wish to use the sectors (like Windows dynamic disk support, Adobe protection scheme, system boot recovery programs). But BCVE still needs to modify MBR sector.

Since v.2 advanced users can move contents of BCVE code from MBR to first sector on removable device (floppy or USB stick) and restore original contents of the MBR sector. After that boot of encrypted operating system is possible only from the removable device, or, if the computer is dual-boot, only not encrypted system will load without displaying BCVE boot-time password prompt.

Several interesting schemes of booting computers can be invented with the help of the feature, example for dual-boot computers is only one of them. Although now the functionality is helpful rather to advanced users, future versions of BCVE will use it for enhancing security of the software.


See also