Private Disk Explained

Private Disk is a disk encryption application for the Microsoft Windows operating system, developed by Dekart SRL. It works by creating a virtual drive, the contents of which is encrypted on-the-fly; other software can use the drive as if it were a usual one.

One of Private Disk's key selling points is in its ease of use, which is achieved by hiding complexity from the end user^[1] (e.g. data wiping is applied transparently when an encrypted image is deleted.) This simplicity does however reduce its flexibility in some respects (e.g. it only allows the use of AES-256 encryption.)

Although Private Disk uses a NIST certified implementation of the AES^[2] and SHA-256/384/512^[3] algorithms, this certification is restricted to a single component of Private Disk; the encryption/hash library used^{[4] [5]} and not to Private Disk as a complete system.

Feature highlights

• NIST-certified implementation of AES-256-bit, and SHA-2. Private Disk complies with FIPS 197 and FIPS 180-2
• CBC mode with secret IVs is used to encrypt the sectors of the storage volume
• Disk Firewall, an application-level filter, which allows only trusted programs to access the virtual drive
• Ability to run directly from a removable drive, requiring no local installation
• Offers access to encrypted data on any system, even if administrative privileges are not available
• Encrypted images can be accessed on Windows Mobile and Windows CE handhelds; this is achieved by making the encrypted container format compatible with containers used by SecuBox (disk encryption software by Aiko Solutions)
• File wiping is applied when deleting an encrypted image
• PD File Move, a file migration tool, which will locate the specified files on the system and securely move them to an encrypted disk
• Compatibility with Windows 9x and Windows NT operating systems
• Autorun and Autofinish automatically start a program or a script when a virtual disk is mounted or dismounted
• Encrypted backup of an encrypted image
• Password quality meter
• Automatic backup of a disk's encryption key
• Built-in password recovery tool
• Compatibility with 64-bit platforms

Existing versions

There are multiple versions of Private Disk, which provide a different feature set:

• Private Disk - hard disk encryption software that uses 256-bit AES encryption, is highly configurable, offers application-level protection, USB disk portability, etc.
• Private Disk Multifactor is a superset of Private Disk, providing the same functionality, adding support for biometric authentication, as well as smart-card or token-based authentication.
• Private Disk Light is a free version, it uses AES-128 and comes with a restricted set of features.
• Private Disk SDK is a software development kit that can be used to build a custom application which provides data encryption facilities.

See also

• Disk encryption software
• Comparison of disk encryption software

External links

• Dekart company web-page
• Information about certified implementations of the cryptographic algorithms
• Private Disk discussion forum
• Release notes for the latest version

References

1. Web site: Our philosophy. Dekart .
2. Web site: Advanced Encryption Standard Algorithm Validation List . NIST . 2007-06-28 . https://web.archive.org/web/20070205010336/http://cs-www.ncsl.nist.gov/cryptval/aes/aesval.html . 2007-02-05 . dead .
3. Web site: SHS Validation List. NIST. 2007-06-28. https://web.archive.org/web/20070209095201/http://csrc.ncsl.nist.gov/cryptval/shs/shaval.htm. 2007-02-09. dead.
4. Web site: 2002-07-01 . Advanced Encryption Standart Algorithm Validation Certificate . dead . https://web.archive.org/web/20070928120508/http://www.dekart.com/fileadmin/company/Dekart%20NIST-CSE%20AES%20Algorithm%20Certificate.PDF . 2007-09-28 . 2007-07-27.
5. Web site: 2004-10-01 . Secure Hash Standard (SHS). Validation Certificate . dead . https://web.archive.org/web/20070928120402/http://www.dekart.com/fileadmin/company/Secure%20Hash%20Standart.pdf . 2007-09-28 . 2007-07-27.