Some information is best kept secret. Now that we’re living in the future, much of that information is stored in computers. One of the ways to keep things secret in a computer is to use cryptography. Kruptos is one way to use cryptography to keep your data safe.
Getting and Starting Kruptos
Kruptos, now in its second version, is made by a company that is appropriately named Kruptos Software 2. A trial version of the program can be downloaded at the free trial page. This review focuses on the trial version. It downloads and installs like any other Windows application. I had no problem during installation.
Upon running Kruptos for the first time, the program will display a message detailing the conditions of the trial. In short, until the user purchases a license, the program will have full functionality for thirty uses. After that, only decrypting of files will be allowed.
Click the “Continue Trial” button at the lower right of the window to bring up the application proper. Notice the Visa icon at the upper right side of the window, reminding the user to upgrade to the full version. A bit tacky, but convenient for those who get sold on the program.
How to Encrypt and Decrypt Files
To encrypt a file, drag it to the project pane. That’s the main area in white in the above picture. You can drag the file from the explorer pane to the left, or from another window or the desktop. You can drag several files at once by shift-clicking or control-clicking. When you’ve put all of the desired files in the project pane. Click on the “Encrypt” icon as outlined in the picture below.
You’ll be asked to give and confirm a password. Since Kruptos is a desktop application, it provides an option to show the password as you type it rather than as a string of asterisks.
Historical Note: Ever wonder why passwords are echoed on the screen as dots or asterisks? Back in ye olden days, no one had personal computers. To use a computer, one had to go to The Computer Room. This was a public or semi-public room holding row upon row of computers or ASCII terminals (a terminal was a computer, a keyboard, a screen, and a modem, minus the computer). There were no partitions to provide privacy. Thus, computer-crackers could steal login credentials by shoulder-surfing. Except for Internet kiosks, this isn’t as much of a concern as it used to be.
Back to work.
Click on the “Encrypt” button at the bottom of the password dialog box and Kruptos will encrypt the selected files.
The encrypted file will have an icon that looks like this:
Decrypting is the reverse of encrypting. Cryptologists (those are the math nerds who make this work) call this restoring the plaintext. The plaintext is the original unencrypted file. To do this with Kruptos, drag the encrypted file to the project pane and click on the “Decrypt” button that’s to the right of the “Encrypt” button. You’ll be prompted for the password.
And you’ll get your old file back.
How to Shred Files
Sometimes, the best way to keep a secret is to get rid of the secret. That means coming to your senses and deleting the directory where you’ve kept your erotic Star Trek/Harry Potter crossover fan fiction. The problem is that it’s possible for someone to “undelete” that directory so that the whole world can laugh at your poor sense and worse taste.
Files are stored on hard disk drives. Accessing hard drives involves moving a physical drive head over a physical platter. In computer terms, that is achingly slow. In order to make hard drives usable, operating system developers have to resort to shortcuts. One of those shortcuts is to cheat on file deletion. When you delete a file, the file system marks the respective tracks on the hard drive as available for use. If those tracks have not yet been used, then it’s possible for your worst enemy to grab your computer and use an “undelete” utility to retrieve your literary crimes and bring shame on your household.
Securely deleting files (or “shredding” them) requires going over those tracks on the hard drive platter and overwriting them with either zeroes or with random noise. To do this in Kruptos, drag the file you want to shred to the project pane, as in the examples for encrypting and decrypting. Then click on the “Shred” button as shown. The slider next to the button controls how many passes the drive head will make over the platter (the maximum is sixteen). The more passes, the more secure the shredding purportedly is.
Important Note: With modern hard drives, one pass suffices. Extra passes don’t add extra security and they need more time to complete.
Remember that, of its nature, shredding is irrevocable. If an undelete utility could retrieve the file, then shredding would be useless.
Odds & Ends
In addition to the main Kruptos interface, the installation process also adds items to the desktop right-click menu. This menu allows quick access to Kruptos’ main features without having to go through the trouble of finding the application icon.
Those of a technical bent may wonder what algorithm Kruptos uses. This was surprisingly difficult to find out. The otherwise-excellent online help system did not list this information — at least, not obviously. I found out almost by accident by clicking on the “View Help” button at the far right of the ribbon. This button did not bring up the usual help system. Instead, it brought up an info window.
So Kruptos uses Bruce Schneier’s Blowfish algorithm with a cipher strength of 256 bits. That’s nice to know, especially since Schneier is a well-regarded expert on computer security. To bring up the actual help system, click on the “View Help” button at the bottom of that window (yes, you have to click on two different “View Help” buttons in order to get help).
Aside from its main purpose of securing information Kruptos also has ancillary functions, such as making self-extracting archive files and creating Zip archives. You may already have such programs installed on your system (I know that I do).
Having one more program on your computer that does those things shouldn’t be such a burden. One complaint that I have is that clicking on any item in the project pane invokes the system beep. I felt like I was using a raw version of Emacs except that I could find no option to turn off the beep.
In spite of some minor annoyances, this is a solid product that makes good use of the ribbon interface to provide an easy way to securely encrypt, decrypt, and delete sensitive files.9