File Lock PEA - Filesystem-Level Encryption

Pea with lock

File Lock PEA

Password Encryption Archive (PEA)

Type: Password Encryption,
Encryption Program for File-Level Encryption password encryption, file encryption, folder encryption, directory encryption, Security, Integrity, Confidentiality, Java

Available languages: english, german

Download: File Lock PEA 0.1 as zip file

Screenshots: password dialog, File Lock PEA,

Used library: Bouncy Castle lightweight cryptography API

Current version: 0.1

Requires Java Runtime Environment (JRE) or OpenJDK 6 or higher

Size: about 200 KiB

Available cryptographic Algorithms:
  • Key derivation:
    • Catena-Dragonfly
    • Catena-Butterfly
    • Scrypt
    • Pomelo
    • Bcrypt
  • Cipher in EAX mode:
    • AES
    • Threefish
    • Twofish
  • Hash function:
    • Blake2b
    • SHA-512
    • Skein

OS: Linux, BSD, Windows, Mac and any OS with JVM

Author:

Published:

License: Gnu Public License

Source Code (Download): File Lock PEA 0.1 (source code) as zip file

File and Folder Encryption

File Lock PEA (PEA = Password Encrypting Archive) encrypts data at the filesystem level and offers the possibility to decrypt single files or whole directories temporarily.
The program is small and consists of a single archive file. Installation is not required.

The File Lock PEA
  • runs on nearly all operating systems with a Java Runtime Environment,

  • uses functions to derive the key from the password, that can also protect against custom-hardware attacks, reducing one vulnerability of password-based encryption programs,

  • protects the integrity of the data by an authenticated encryption (EAX mode) in addition to the confidentiality and prevents unauthorized and unnoticed tampering of the data,

  • can be used in combination with the other PEAs (Notebook PEA, Image Lock PEA) for certain file types (text, images) and offers the option, to decrypt the data either in memory (RAM) or on the hard disk.
File Lock PEA File Lock PEA

Disk Encryption and File-Level Encryption

Disk encryption programs protect hard disk, partitions or other storage media. File Lock PEA is not intended to replace disk encryption, but to complement it. Common Open Source hard disk encryption programs are:

Disk encryption is usually very fast: these programs can encrypt large amounts of data in a relatively short time. This is probably the biggest advantage over file encryption programs that operate on filesystem level rather than on disk sectors. Disk encryption programs are therefore normally around a multiple faster than file encryption programs.

One problem, however, is that all the data must be decrypted, not only the file that is needed. To take a short look in a small text file, the entire partition remains without protection.

Another disadvantage of disk encryption is the protection of the data integrity. Authenticated encryption for disk encryption is technically very demanding. The vast majority of these programs do not protect the integrity of the data. An exception is Geli (available for FreeBSD).

On the other hand, file encryption programs involve other problems:
  • The operating system may store temporary files, which are not encrypted,
  • encrypting individual files is more error prone to users,
  • file names and metadata are normally not encrypted.

Disk encryption programs are the first choice to protect data against loss. But once the system is running, decryption of individual files makes more sense.
The File Lock PEA is designed exactly for this purpose - for large amounts of data, it is not suitable, however.

Download Optionen for File Lock PEA 0.1 (stable):

Password-Dialog Password dialog to open the File Lock PEA
Key Derivation Function: Catena-Dragonfly
Chipher (EAX-Mode): Threefish
Hash Function: Blake2b
(Size: 207 KiB)
MD5 checksum: 859d1d117274c9f240ce35b07b22480c
SHA-256: d976606bf87e6364002ab1caf87f0330c3cf2593e9faba2552e5fbefa57a32c1
(Size: 207 KiB)
MD5 checksum: 8ad62309e0cdb2df16bb003278dfda23
SHA-256: 071ea2bd6db85847f516c844479957231e451c10bf28054ae71d15aff3c5cc4f

Downloads for other Cryptographic Primitives:
Key Derivation - Cipher - Hash (zip file)
If the File Lock PEA does not meet your expectations, there is a wide range of open-source programs with similar purposes:

How to use

Start the Jar Archive

You need OpenJDK, Java Runtime Environment (JRE) or something similar. On most systems there is at least one available.
These PEAs are single Java jar archives, a file with the extension "jar". If you are familiar with jar archives, you can skip the following part.

Linux, BSD systems and Mac OS and other UNIX like systems: unpack the compressed download file (tar or unzip), store it for example in your home folder, change in the directory in konsole and type: java -jar YOUR_ARCHIVE.jar or try to double click the file unix_start_filePEA.sh.
Windows: Normally you can open the jar archive just by a double click. But sometimes other programs overwrites this possibility and instead unpack the jar archive. In this case you can change the default program to open a jar archive or use the terminal, change in the directory of your archive and type java -jar YOUR_ARCHIVE.jar or try to double click the file windows_start_filePEA.bat
opened file lock PEA Initializing File Lock PEA
Initialization: First Start

The first time you start the File Lock PEA, the program will initialize. You are asked for a password and at least one file.
You can reset the password later in the menu.

PeaFactory

Pea Producing Factory

File Lock PEA is part of the PeaFactory, a program to produce password encrypting archives for several purposes.
Like the File Lock PEA PeaFactory is open source and is available at the PeaFactory Website. With PeaFactory you can create File Lock PEAs with much more cryptographic algorithms, File Lock PEAs with a key file property and also PEAs for image encryption or encrypted notes.