Alternatives to Image Lock PEAs of Peafactory

I will introduce only open source programs. This is not only because I don't want to make any advertisements for commercial products, but also due to the fact that closed source security software is not very trustworthy. There is no chance to check for bugs, backdoors, weak cryptography...


Screenshot of NPPCrypt

LockImage tries to the implement the concept of Steganos LockNote for images and converts images to password protected executables with embedded viewer.
But it does use Microsoft library instead of the Crypto++ library and not the underlying cryptography of LockNote.
Downloads of the program and source code can be found here.

LockImage is small (exe file is 32 KiB) and easy to use.
The drawback is - like LockNote - the underlying cryptography. The Scheme of LockImage is even worse.
LockNote uses a simple SHA256 hash instead of a key derivation function, but LockImage uses just a Unicode Encoding to derive the key and even if the password is relatively strong, it is truncated to 8 characters.
Code from LockImage/Encryption/RijndaelEncryptionEngine.cs:

        byte[] IEncryptionEngine.Encrypt(byte[] arrayToEncrypt, String password)
            MemoryStream inStream = new MemoryStream(arrayToEncrypt);
            MemoryStream outStream = new MemoryStream();

            Rijndael RijndaelAlg = Rijndael.Create();
            byte[] key = this.generateKey(password);
            CryptoStream cStream = new CryptoStream(outStream,
                                               RijndaelAlg.CreateEncryptor(key, key),
        private byte[] generateKey(String password)
            if (password.Length > 8)
                password = password.Substring(0, 8);
            else if (password.Length < 8)
                int add = 8 - password.Length;
                for (int i = 0; i < add; i++)
                    password = password + i;

            UnicodeEncoding UE = new UnicodeEncoding();
            return UE.GetBytes(password);


The program is easy to use, but the encryption is nearly valueless.
I found at the programers TO DO the enhancement of the scheme, so maybe one day the encryption will withstand anything.

Other Alternatives

There are less alternative programs than encrypted editors.
I found some commercial closed source programs like PhotoCrypt which claims:

"[...] The encryption is impossible to bypass! A computer master has tried 45 min to crack it but finally gave up. Nobody can get access to the encrypted images without password. [...]"

I can not see the source code, but I guess the commercial programs are even worse in terms of security.

There is also PRIVATE under Freemium License for Windows phones. I could not found even a description of the underlying cryptography. It seems unlikely that it is better.