How to encrypt and hide a hard disk partition using CyberSafe

    Using CyberSafe, you can encrypt not only individual files. The program allows you to encrypt an entire section of the hard drive or an entire external drive (for example, a USB drive or USB flash drive). This article will show how to encrypt and hide the encrypted partition of the hard drive from prying eyes.

    Spies, paranoid and ordinary users

    Who will benefit from partition encryption? We’ll immediately discard the spies and paranoid. The first is not so much and the need for data encryption is purely professional. The second is just to encrypt, hide something, etc. Although there is no real threat and the encrypted data is of no interest to anyone, they still encrypt it. That is why we are interested in ordinary users, which, I hope, will be more than spies with paranoiacs.
    A typical partition encryption scenario is computer sharing. There are two options for using the CyberSafe program: either each of the users working on the computer creates a virtual disk or each one takes a partition on the hard disk to store personal files and encrypts it. About creating virtual disks has already beenIt’s written , and in this article we will talk about encrypting the entire section.
    Suppose there is a 500 GB hard drive and there are three users who periodically work with the computer. Despite the fact that the NTFS file system still supports access rights and allows you to restrict one user access to the files of another user, its protection is not enough. Indeed, one of these three users will have administrator rights and he will be able to access the files of the remaining two users.
    Therefore, the hard disk space can be divided as follows:
    • About 200 GB is a common partition. This section will also be a system partition. An operating system, a program will be installed on it and shared files of all three users will be stored.
    • Three sections of ~ 100 GB - I think 100 GB is enough to store each user's personal files. Each of these sections will be encrypted, and only the user who encrypted this section will know the password for access to the encrypted section. At the same time, the administrator, with all his desire, will not be able to decrypt the section of another user and gain access to his files. Yes, if desired, the administrator can format the partition and even delete it, but he can only gain access if he deceives the user’s password with a trick. But, I think, this will not happen, therefore partition encryption is a much more effective measure than the differentiation of access rights using NTFS.

    Partition encryption vs virtual encrypted drives

    Which is better - to encrypt partitions or use virtual encrypted drives? Here everyone decides for himself, since each method has its advantages and disadvantages. Partition encryption is as strong as virtual disk encryption and vice versa.
    What is a virtual disk? Look at it as an archive with a password and compression ratio of 0. But the files inside this archive are encrypted much more securely than in a regular archive. The virtual disk is stored on the hard disk as a file. In the CyberSafe program, you need to open and mount a virtual disk and then you can work with it like a regular disk.
    The advantage of a virtual disk is that it can be easily copied to another hard drive or USB flash drive (if size allows). For example, you can create a 4 GB virtual disk (there are no restrictions on the size of the virtual disk, except for natural ones) and, if necessary, copy the virtual disk file to a USB flash drive or to an external hard drive. With an encrypted partition, you can’t do this. You can also hide the virtual disk file .
    Of course, if necessary, you can create an image of an encrypted disk - in case you want to backup it or move it to another computer. But this is another story. If you have a similar need, I recommend the Clonezilla program - an already reliable and proven solution. Transferring an encrypted partition to another computer is a more complicated undertaking than transferring a virtual disk. If there is such a need, it is easier to use virtual disks.
    In the case of partition encryption, the entire partition is physically encrypted. When mounting this section, you will need to enter a password, after which it will be possible to work with the section, as usual, that is, read and write files.
    Which way to choose? If you can afford to encrypt the partition, then you can choose this method. It is also better to encrypt the entire section if the size of your secret documents is quite large.
    But there are situations when it is impossible to use the entire section or it makes no sense. For example, you have only one partition (drive C :) on the hard drive and for one reason or another (no rights, for example, because the computer is not yours), you cannot or do not want to change its layout, then you need to use virtual disks. It makes no sense to encrypt the entire section if the size of the documents (files) that you need to encrypt is small - a few gigabytes. I think we figured this out, so it's time to talk about which partitions (disks) can be encrypted.

    Supported Drive Types

    You can encrypt the following types of media:
    • Hard disk partitions formatted on FAT, FAT32, and NTFS file systems.
    • Flash drives, external USB drives, excluding drives representing mobile phones, digital cameras, and audio players.

    Cannot encrypt:
    • CD / DVD-RW-disks, floppy disks
    • Dynamic drives
    • System drive (from which Windows boots)

    Starting with Windows XP, Windows supports dynamic disks. Dynamic disks allow you to combine several physical hard drives (similar to LVM in Windows). Such disks cannot be encrypted by the program.

    Features of working with an encrypted disk

    Imagine that you have already encrypted the hard drive partition. To work with files on an encrypted partition, you need to mount it. When mounting, the program will ask you for the password for the encrypted drive specified when encrypting it. Having worked with an encrypted drive, you need to unmount it immediately, otherwise the files will remain available to users who have physical access to your computer.
    In other words, encryption protects your files only when the encrypted partition is unmounted. When a partition is mounted, anyone who has physical access to the computer can copy files from it to an unencrypted partition, a USB drive or an external hard drive, and the files will not be encrypted. Therefore, when you work with an encrypted drive, make it a habit to always unmount it every time you leave your computer, even for a while! After you unmount the encrypted drive, your files will be under reliable protection.
    As for performance, when working with an encrypted partition, it will be lower. How much lower depends on the capabilities of your computer, but the system will remain operational and just have to wait a little longer than usual (especially when you copy large files to an encrypted partition).

    Getting ready for encryption

    The first step is to get the UPS somewhere. If you have a laptop, everything is fine, but if you have a regular desktop computer and you want to encrypt a section on which there are already files, then encryption will take some time. If the lights are turned off during this time, then data loss is guaranteed to you. Therefore, if you do not have a UPS capable of withstanding several hours of battery life, I recommend doing the following:
    • Back up your data, for example, to an external hard drive. Then you will have to get rid of this copy (preferably after deleting the data from an unencrypted disk, wipe the free space with a utility like Piriform so that it is impossible to recover deleted files), because if it exists, it makes no sense to have an encrypted copy of the data.
    • Transfer the data to the encrypted disk from the copy after the disk is encrypted. Format the disk and encrypt it. Actually, you don’t need to format it separately - CyberSafe will do it for you, but more on that later.

    If you have a laptop and you are ready to continue without creating a backup copy of the data (I would recommend making one just in case), be sure to check the disk for errors, even if it is a standard Windows utility. Only after that you need to start encrypting the partition / disk.

    Partition Encryption: Practice

    So, a theory without practice is pointless, so let's start encrypting the partition / disk. Run the CyberSafe program and go to the Drive Encryption section , Encrypt section (Fig. 1).

    Fig. 1. List of partitions / disks of your computer

    Select the partition you want to encrypt. If the Create button is inactive, then this section cannot be encrypted. For example, it can be a system partition or a dynamic disk. Also, you cannot encrypt multiple disks at the same time. If you need to encrypt several disks, then the encryption operation must be repeated one by one.
    Click the Create button . Next, the Crypto Disk window will open(fig. 2). It is necessary to enter a password in it, which will be used to decrypt the drive when it is mounted. When entering the password, check the case of the characters (so that the Caps Lock key is not pressed) and the layout. If no one is behind, you can turn on the Show password switch .

    Fig. 2. Crypto Disk

    From the list of Encryption Type, you need to select an algorithm - AES or GOST. Both algorithms are reliable, but in state organizations it is customary to use only GOST. On your own computer or in a commercial organization, you are free to use any of the algorithms.
    If there is information on the disk and you want to save it, turn on the Save file structure and data switch. Please note that in this case, disk encryption time will increase significantly. On the other hand, if the encrypted files, say, are located on an external hard drive, then you still have to copy them to an encrypted drive to encrypt them, and copying with encryption on the fly will also take some time. If you did not back up the data, be sure to check the box and select the Save file structure and data check box , otherwise you will lose all your data.
    Other parameters in the Crypto Disk window can be left by default. Namely, the entire available size of the device will be used and quick formatting to the NTFS file system will be performed. To start encryption, click Accept. The encryption process will be displayed in the main program window.

    Fig. 3. The progress of the encryption process

    After the disk is encrypted, you will see its status - encrypted, hidden (Fig. 4). This means that your disk has been encrypted and hidden - it will not be displayed in Explorer and other high-level file managers, but it will be visible to programs for working with the partition table. No need to hope that since the disk is hidden, no one will find it. All disks hidden by the program will be displayed in the Disk Management snap-in.(see. Fig. 5) and other programs for marking the disk. Please note that in this snap-in the encrypted partition is displayed as a partition with the RAW file system, that is, without the file system at all. This is normal - after encrypting a partition, Windows cannot determine its type. However, hiding the section is necessary for completely different reasons, and then you will understand why.

    Fig. 4. Disk status: encrypted, hidden. Section E: is not displayed in Windows Explorer

    Fig. 5.

    Equipment Disk Management Now mount the partition. Highlight it and click the Restore button . to make the partition visible again (the state of the disk will be changed to simply " encrypted ""). Windows will see this section, but since it cannot recognize the type of its file system, it will offer to format it (Fig. 6). This cannot be done in any case, since you will lose all the data. That is why the program hides the encrypted drives - because if you are working not only to you, another user can format the alleged failure to read the disk partition on the computer.

    Fig. 6. Proposal format encrypted partition

    from formatted, of course, refuse and push button mounted . mainly Cyb window erSafe Next, you will need to select the drive letter through which you will access the encrypted partition (Fig. 7)

    Fig. 7. Select the drive letter

    After that, the program will ask you to enter the password necessary to decrypt your data (Fig. 8). The decrypted partition (disk) appears in the Connected decrypted devices area (Fig. 9).

    Fig. 8. Password to decrypt the section

    Fig. 9. Connected decrypted devices

    After that, it will be possible to work with the decrypted disk as with a regular one. Only Z drive will be displayed in Explorer: - I assigned the decrypted drive to this letter. Encrypted Drive E: Will not be displayed.

    Fig. 10. Explorer - view computer disks

    Now you can open the mounted disk and copy all the secret files onto it (just remember to delete them from the original source and wipe free space on it).
    When you need to complete work with our section, either click the Dismantle button . and then the Hide button or just close the CyberSafe window. As for me, it’s easier to close the program window. Of course, you do not need to close the program window during the copy / move file operation. Nothing terrible and irreparable will happen, just part of the files will not be copied to your encrypted drive.

    About performance

    It is clear that the performance of an encrypted drive will be lower than normal. But how much? In fig. 11 I copied my user profile folder (where there are many small files) from C: drive to Z: encrypted drive. Copy speed is shown in fig. 11 - approximately at the level of 1.3 MB / s. This means that 1 GB of small files will be copied for approximately 787 seconds, i.e. 13 minutes. If you copy the same folder to an unencrypted partition, then the speed will be approximately 1.9 MB / s (Fig. 12). At the end of the copy operation, the speed increased to 2.46 MB / s, but very few files were copied with such speed, so we believe that the speed was at 1.9 MB / s, which is 30% faster. The very 1 GB of small files in our case will be copied in 538 seconds or almost 9 minutes.

    Fig. 11. The speed of copying small files from an unencrypted partition to an encrypted one

    . 12. The speed of copying small files between two unencrypted partitions

    As for large files, you will not feel any difference. In fig. Figure 13 shows the speed of copying a large file (400 MB video file) from one unencrypted partition to another. As you can see, the speed was 11.6 MB / s. And in fig. 14 shows the speed of copying the same file from a regular partition to an encrypted one and it was 11.1 MB / s. The difference is small and is within the margin of error (all the same, the speed varies slightly during the copy operation). For the sake of interest I will inform you the speed of copying the same file from a USB flash drive (not USB 3.0) to the hard drive - about 8 MB / s (there is no screenshot, but trust me).

    Fig. 13. The speed of copying a large file

    Fig. 14. The speed of copying a large file to an encrypted partition

    This test is not entirely accurate, but still allows you to get some idea of ​​performance.
    That's all. I also recommend that you read the article “CyberSafe - ransomware for all occasions” .

    Also popular now: