Best freeware and software encryption software?

Best freeware/shareware software encryption software?

Which one from each group(free/paid) is best in your opinion?
I would of made a poll but dont know any.

 

I guess ill start with what I think is some of the best "Encryption" software, free and paid!

$-Paid-$

Encryption

PGP Desktop
Jetico - BestCrypt
DriveCrypt
Advanced Encryption Package

EDIT: DC & AEP added
_______________________

*-Free-*

Encryption

TrueCrypt
GnuPG
___________________________________

You can also use

Winrar
or
7zip

To Encrypt Archives or individual files!

EDIT: Removed a question!

 

Free & open source:
TrueCrypt - to encrypt entire volumes, provides high security

AxCrypt - to encrypt individual files and/or some folders, provides decent security and convenience, with some limitations (e.g. temp files are written to disk in plaintext unless you take additional steps).

Commercial:
PGP, especially for business users
BestCrypt

My personal Avoid list:
DriveCrypt (bad vibes, sorry!)
Any software developers who don't have a long history of providing respected and reliable encryption products. (Lots of snake oil out there).

Best practices: You have to identify your threat model and then choose an approach and hopefully a program that provides appropriate countermeasures. Also, for best results you have to learn how to use it properly. Security is a process, not a program, and the user himself is usually the weakest link.

 

I forgot about "DriveCrypt", a hacker recomended it to me in the past, he said the security features were built by hackers, they implemented some very good security features like Password Sniffing Protection, Anti dictionary and brute-force attack mechanisms, Im going to have to say I add it to my list of good Comercal Encryption Software!

23. No Backdoors present

DriveCrypt does NOT include any backdoor. Encrypted data are only accessible by the legitimate users. Neither the vendor nor any other entities are able to break DriveCrypt disk encryption.
See the FAQ for more details.

Please Read this, its similer to the PGP letter, with lots of answeres to freaquently asked questions!

http://www.securstar.com/faq_drivecrypt.php

 

TrueCrypt is the best free solution for disk encryption or creating encrypted containers.
GnuPG+Enigmail for encrypting email.
Pidgin+OTR for encrypted instant messaging.

I don't use any paid or closed source security solutions, and I will not use them.

 

Whoops, i messed up the thread title.

 

Observations.

Although the threat models of TrueCrypt and AxCrypt are different, AxCrypt -- assuming the implementation is proper and secure -- actually satisfies stronger notions of cryptographic security, since it MACs a ciphertext for integrity; in TrueCrypt's case, there's no MAC, due to obvious storage constraints, so it relies on "poor-man's authentication" as provided by narrow-block encryption modes, like XTS.

Moving to wide-block encryption modes, like EME, is the logical progression, and would make for better integrity protection. I've mentioned this to ennead and syncon, but have been met with no response.

(This isn't meant to be an "AxCrypt is better than TrueCrypt" comparison; that wouldn't be fair, given their two different threat models. It's simply an observation in regards to the cryptographic primitives and compositions involved, respectively. However, I do appreciate AxCrypt's minimalist approach; there's really no need to add complexity to an implementation with all sorts of primitives and cascades thereof.)

Oh, and as for DriveCrypt, SecurStar's presentation is saturated with such nonsense that I highly question the presence of any cryptographically competent designers behind the scenes.

 

So although axcrypt has a lot less options, it is still more secure?

 

Less is more.

Of course, assuming that the implementations are secure, that is exactly right, and we can look to history for confirmation. Whenever cryptography falls apart in practice, it's almost never because of the cryptography itself; it's because of the implementation, and complexity is almost always the culprit. The more options you have, the more complexity you have; complexity is security's worst enemy. Unfortunately, folks tend to overestimate the application of cryptography, because it's sexier. More looks like it would be better, but when it comes to security -- cryptography included -- less is more.

Why? Because security's effectiveness is dictated by the soundness of its implementation, so any approach to this kind of application should be implementation-centric. I prefer a design paradigm I've dubbed "green cryptography," which is based on mature (security) and minimalist (simplicity), primitive-recycled design. E.g., AES-CTR + CMAC-AES is much more cryptographically secure than a dozen block ciphers -- going solo or in a cascade. AxCrypt follows that principle much better -- a principle of which I'm compiling into a paper that will feature the collaborative insight of Vincent Rijmen.

I do my best to educate folks on the fact that piling on cryptography is not the answer; in fact, cryptography is usually the strongest link of any system, so leave it be. After all, what good is layering three ballistic vests against a headshot? TrueCrypt isn't more secure because it has more options, nor is AxCrypt less secure because it has fewer options. Fewer options is the right approach. (This isn't a personal endorsement, as I use neither application.)

 

I use Axcrypt, not because I know anything about such software but because it's a simple matter of selecting files, using a good, strong password and it's done. I like the simplicity of it. I use a 10 digit password, composed of numbers and a mix of upper and lower case lettering.

That might not prevent Uncle Sam from getting in, but I'm only using it for my income tax info and a couple of manuscripts and a screenplay I'm working on.

 

Can you please let us know what you use, if any?

 

Hi Warlockz,

Until he can post for himself, look at his past posts and it will give you a good idea. Justin knows his stuff.

 

What I use.

I experiment with products from PGP Corporation, and, of course, use GnuPG from time to time. Otherwise, I try to minimize the amount of valuable information I store on the machines I have online - mobile or stationary. My philosophy is: First, you minimize; then you encrypt.

(Actually, what I want to remain confidential I have inscribed on the hair follicles of Chuck Norris's beard using an ink that only becomes readable once it's exposed to his tears. In essence, it's a zero-time pad.)