File Lock PEA - Filesystem-Level Encryption

File and Folder Encryption

File Lock PEA (PEA = Password Encrypting Archive) encrypts data at the filesystem level and offers the possibility to decrypt single files or whole directories temporarily.
The program consists of a single archive file. Installation is not required.

Window with menu displaying several file names to open and a password field Password dialog to open encrypted files and folders


Features

Main Features

Privacy Protection

Confidentiality through encryption: Files and folders are individually selected for decryption when they are needed.

Cloud Support

Save your files in the cloud and upload new versions using several cloud providers. All data remain encrypted during this process.

Authenticated Encryption

Protects the integrity of the data by an authenticated encryption mode. This guarantees that the data has not been manipulated.

Key File

Add a second factor besides the password and protect your data additionally with a key file. Store this key file wherever you want.

Metadata Hiding

Many metadata can be masked: File names and other data can be made invisible by encrypting them in zip files.

Virtual keyboard against Keyloggers

Provides an internal on-screen keyboard to protect against hardware keyloggers as well against some software keyloggers.

Additional Features

  • penguen  window  apple  Platform independent: Runs on all systems with a Java runtime environment

  • lock  Timer to encrypt the files automatically after a certain period of time

  • lock  Uses a memory-hard key derivation function that defends custom-hardware attacks

  • wrench  Adjustability for colors, font sizes, calendar view

  • c as code  All source code is open source, including the libraries used

  • chart  Measures the quality of new passwords during input by a password strength meter. Indicates their strength by colored bars

  • shuffle  Combines System Entropy with its own Entropy Source

  • table  Offers character tables to enlarge the character set of passwords

  • lock  Starting the program in the console and quick start with scripts

The program consists of a single archive file. Installation or registration is not required.


Cardano ADA
Many thanks!

Cardano address for ADAs:

addr1qyl2rve0dgzw93t23ru9lruvr9z7wmdkjhpn7p2z3h0ks9hatqasgrrxwrkae2r2ccs77pxt028s90mep27za25566esr9r3an

Cardano ADA QR code
Bitcoin
Many thanks!

Bitcoin address:

bc1q08w7z5xg9xmeq6q3kp8d3qv06cd0hx2wnnhswk

Bitcoin QR code

Disk Encryption and File-Level Encryption

Disk encryption programs protect hard disk, partitions or other storage media. File Lock PEA is not intended to replace disk encryption, but to complement it. Common Open Source hard disk encryption programs are:

For a comparison between TrueCrypt, VeraCrypt and CipherShed see this article.

Disk encryption is usually very fast: these programs can encrypt large amounts of data in a relatively short time. This is probably the biggest advantage over file encryption programs that operate on filesystem level rather than on disk sectors. Disk encryption programs are therefore normally around a multiple faster than file encryption programs.

One problem, however, is that the protection of all the data is restricted, not only for the file that is needed. The data which are not used are still encrypted, but you can easily access them - the door was opened. To take a short look in a small text file, the entire partition remains with restricted protection.

Another disadvantage of disk encryption is the protection of the data integrity. Authenticated encryption for disk encryption is technically very demanding. The vast majority of these programs do not protect the integrity of the data. An exception is Geli (available for FreeBSD).

On the other hand, file encryption programs involve other problems:

Disk encryption programs are the first choice to protect data against loss. But once the system is running, decryption of single files makes perhaps more sense.
The File Lock PEA is designed exactly for this purpose - for large amounts of data, it is not suitable, however.

File Lock PEA 1.5 (stable):




Key Derivation Functions: Catena-Dragonfly, Argon2
Ciphers (EAX-Mode): Threefish, AES-256, Serpent
Hash Functions: Blake2b, SHA-3, SHA-512

For old versions and version log see the Version Log Site.


Window displaying several file names of decrypted files File Lock PEA

If the File Lock PEA does not meet your expectations, there is a wide range of open-source programs with similar purposes. Some of them are discussed in Alternatives to File Lock PEA.


How to use

Start the Jar Archive

You need OpenJDK, Java Runtime Environment (JRE) or something similar. On most systems there is at least one available.
These PEAs are single Java jar archives, a file with the extension "jar". If you are familiar with jar archives, you can skip the following part.

Linux, BSD systems and Mac OS and other UNIX like systems: unpack the compressed download file (tar or unzip), store it for example in your home folder, change in the directory in console and type: java -jar YOUR_ARCHIVE.jar or try to double click the file unix_start_helper.sh.
Windows: Normally you can open the jar archive just by a double click. But sometimes other programs overwrites this possibility and instead unpack the jar archive. In this case you can change the default program to open a jar archive or use the terminal, change in the directory of your archive and type java -jar YOUR_ARCHIVE.jar or try to double click the file windows_start_helper.bat
Dialog with two password fields Initializing File Lock PEA

Initialization: First Start

The first time you start the File Lock PEA, the program will initialize. You are asked for a password and at least one file.
You can reset the password later in the menu.



Thanks to all who have improved, tested or reviewed File Lock PEA or other PEAs.