Encrypted Headers

First bytes of BestCrypt encrypted file-containers contain information about size of the container, two signatures (LOCOS94 and CRYPTED_DSK), identifier of encryption algorithm, etc.

Existence of the information in opened form may be helpful. Size characteristics of container in its header allows BestCrypt Control Panel to discover damaged container when it initially reads files in root directory of every drive. Besides, in case of damaging hard drive or file system the container file can also be damaged as any other regular file on the drive. In that case opened signatures may help the user to find start bytes of the file and possibility of restoring a whole container file increases considerably.

On the other hand, existence of signatures makes BestCrypt container files recognizable as encrypted data files. BestCrypt v8+ provides an opportunity for users to choose whether they want to encrypt the header of container to get the file looking as a file completely filled in by random data, so that it is impossible to prove that the file contains encrypted data. However, you should realize that files with random data may not confuse skillful investigators of your computer and they will still suspect that the large amount of random data on your disk is encrypted data.

To encrypt header of container file, you should do the following:

  1. Open Change Container Properties dialog for the container (run Properties command from pop-up menu for selected container or from Container menu item).
  2. Open Key Block functions property sheet.
  3. Check the Encrypt key block header radio button.
  4. Click Execute

NOTE: Containers with encrypted headers are not shown in BestCrypt Control Panel. To work with such containers, you have to use Browse command from Container menu.

NOTE: You can Encrypt Header when you create a container: enable this option in Enter password -> Show Advanced Settings window. Encrypting header sets the number of hash Iterations to unchangeable default value.

See also: