Choosing the Encryption Way

Choosing how to encrypt a file or a folder is a matter of choosing between convenience and safety. Encrypting with a passphrase is very easy, but unsafe. Encrypting with a key file is less convenient, but much safer.

Advantages and disadvantages of passphrases

Passphrases are very easy to use. Just choose a secret word or phrase and use it as the passphrase. To decrypt the file, provide the same passphrase and it's done. With passphrases you do not need to deal with key files or worry about where to store them safely. If you lose a key file, you cannot recover the files encrypted with it. If you use a passphrase, you do not have to worry about losing the key (unless you forget it).

However, all these conveniences bring security problems. When you provide a passphrase, EAESCrypt uses it to generate a 256-bit hash and uses that hash as the encryption key. That does not mean the encryption has the security of a 256-bit key. The key actually used is the passphrase. If your passphrase is, for instance, a word of 8 letters, then your key has only 56 bits (remember that EAESCrypt is open source, so anyone can see how the hash is generated from a passphrase). The problem is made worse because a passphrase is a human-selected password, which means it can be weak. A passphrase of 8 characters with low entropy can be compared to a key of just 18 bits and can be broken in a matter of seconds. That is why it is very important to choose good passphrases.

Advantages and disadvantages of key files

Even the best passphrase will not be as good as a random key. One reason is that a random key is usually much bigger than a passphrase (hardly anyone will use a passphrase of 32 characters, far less one of 256 characters). Another is that the content of a key is random and cannot be matched against any dictionary of words.

However, to take advantage of this security, several precautions should be taken with key files. The most important is to handle key files with extreme care: keep them in secure locations that unauthorized persons cannot access, and take precautions against losing them. If you keep the key files within the Keys Database, or in a folder on your desktop, all your encrypted files are actually protected only by your own login password. It is also very easy to forget to delete a key file after using it, and a key file forgotten in some folder is an easy target for hackers. The best way to store key files is on external media (such as a flash drive), securely placed in a location with controlled access.
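The point made above about passphrases, as an added example that is not part of the original page or of EAESCrypt: the derived key is always 256 bits long, but its strength is bounded by how guessable the passphrase is. The SHA-256 derivation, the sample word list and the 2**18 dictionary size are assumptions made for illustration.

```python
import hashlib
import math
import secrets
import string

KEY_BITS = 256  # size of the hash-derived key the page describes
# Constructed sample list; a real check would load a large dictionary.
SAMPLE_WORDLIST = {"password", "sunshine", "princess", "football"}
ASSUMED_DICTIONARY_BITS = 18  # assumption: guessing dictionary of 2**18 entries
POOLS = (string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation + " ")


def derive_key(passphrase: str) -> bytes:
    """Stand-in derivation (assumption): SHA-256 of the UTF-8 passphrase."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def alphabet_size(passphrase: str) -> int:
    """Size of the character pools the passphrase draws from."""
    size = sum(len(p) for p in POOLS if any(c in p for c in passphrase))
    # Characters outside the ASCII pools are counted individually.
    return size + len({c for c in passphrase if not any(c in p for p in POOLS)})


def effective_bits(passphrase: str) -> float:
    """Upper bound on the key strength a passphrase can provide."""
    if not passphrase:
        return 0.0
    if passphrase.lower() in SAMPLE_WORDLIST:
        bits = float(ASSUMED_DICTIONARY_BITS)  # one guess per dictionary entry
    else:
        # The page's 56-bit figure equals 8 characters at 7 bits each;
        # counting only the pools actually used gives a tighter bound.
        bits = len(passphrase) * math.log2(alphabet_size(passphrase))
    return min(bits, KEY_BITS)  # hashing never adds strength beyond the input


def random_key() -> bytes:
    """Key-file style key: 32 bytes from the OS CSPRNG, a full 256 bits."""
    return secrets.token_bytes(KEY_BITS // 8)


if __name__ == "__main__":
    for p in ("sunshine", "qzjxkvwp", "Ab1!qzjxkvwp"):  # constructed samples
        print(f"{p!r}: {len(derive_key(p)) * 8}-bit key, "
              f"at most {effective_bits(p):.1f} bits of strength")
    print(f"random key file: {len(random_key()) * 8} bits")
```

The estimate is an upper bound: a passphrase built from a predictable pattern is weaker than its length and character pools suggest.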
Copyright © 2013 Dalen Knowledge Systems