Windows 11 Certificate-based File Encryption (CrococryptFile with Hardware/Software Token)
HissenIT's CrococryptFile fully supports Windows 11 including crypto suites. Besides classical end-user password-based encryption of files and folders, also the Windows Keystore using certificate tokens can be used. Hence, existing PKI infrastructure components can be used to encrypt file archives quickly also in business groups.
Windows 10 & 11: File Archive Encryption with Certificates
CrococryptFile was created in 2015, coming from years of experience in the enterprise cryptography sector. The encryption features of CrococryptFile can be compared to a ZIP utility that uses ZIP's AES encryption. However, there are significant differences. CrococryptFile...
- encrypts all file and folder information including filenames, time/date and filesize information,
- disguises any information of the archive's content, because all data and meta-data is simply integrated into a giant file dump.
Besides password-based encryption and even cloaking files, CrococryptFile also supports the usage of certificate tokens like SmartCards (if applicable) or Software Tokens like PKCS12/.p12. Even the PKCS11 interface might be possible to adapt upon request.
In the following examples, we use a S/MIME certificate that is stored in the personal certificate store on Windows 11 or 10. Using PGP/OpenPGP keys is also possible.
Being an open-source solution does not exclude CrococryptFile from being used in business or enterprise environments. On request, connecting to LDAP or Active Directory
to receive group member certificates is possible using a commercial extension to CrococryptFile.
Being open-source is a strength and advantage for longevity and sustainability is business contexts!
Further Information: CrococryptFile Homepage and CrococryptFile for Business
Windows 10 Workflow Video
Windows 11 Workflow in Screenshots
Select the file(s) and/or folder(s) to encrypt:
Right click on your selection. Now, if you run Windows 11 in its default configuration, you will not see the extended context menu as in Windows 10 or before right away. You have to click on "Show more options". However, in the taskbar settings, you can bring back the beloved "standard" Windows Explorer context menu if you like.
If you selected a single item, you can directly click on "Encrypt with CrococryptFile". With multiple items, you just have to use "Sent to" and click on "CrococryptFile".
Provide a destination filename and select "Windows Keystore (RSA-AES-256)" in the list of crypto suites:
Select a recipient certificate:
To decrypt, just double-click the encrypted file. In case of RSA, the certificate token is used automatically for decryption. Depending on your system settings you might be asked to provide a token PIN or passphrase.
About HissenIT
HissenIT is a small business focussing on software development for small and medium sized companies. The portfolio includes individual automatization, e.g., data import/export, and cryptography consulting & development.
Keywords
Windows 11, Windows 10, File/Folder/Directory Encryption (recursively, multiple), Keystore, X.509, X.509v3, Certificates, PKI, SmartCard, Hardware Token, Softtoken, PKCS12, .p12, P12, PKCS#11, PGP, OpenPGP Keyrings/Truststore, RSA, Public Key, LDAP, Microsoft Active Directory
Categories: IT Security Background articles Development/Java News
Comments
Post your comment
Share
If you like this page, it would be a great thing if you share it with others:
reddit
Digg
StumbleUpon
XING
WhatsApp
Telegram