Portable File and Media Encryption Tool

Download FREE limited edition

Windows 7,8,10


Premium Version includes build-in picture viewer, video player and text editor for direct viewing and editing encrypted files


How secure is the CrypTEA Encryption?
CrypTEA uses modern multi-layered encryption schemes in a chained mode with high quality random IV generator.
As with any AES (Advanced Encryption Standard) algorithm the passwords simply can’t be reversed from the encrypted file itself.
The encrypted files will look like a random noise when observed in a binary editor, the files do not have any header or any single recognizable point of entry. If you encrypt two exact copies of the same file with the exact same password, both of the encrypted files will be 100% different from each other – an easy test for high quality encryption.

As with any modern cryptography, your password is the only single weakest point, not the encryption used. (Can it be guessed? Is it short so it can be brute forced by trial and error?).

But there is also another important and way too overlooked protection called plausibly deniable encryption. If it is obvious that you have secret files that someone wants, then the easiest method to crack your password is often also the simplest and fastest. No need for super-computers.
This classic MEME security cartoon describes it most accurately:

After all the nerd talk, this brings us to the most significant part of what makes good encryption work for most situations:
There is no way to tell if the CrypTEA encrypted files are in fact encrypted files.

How does CrypTEA protects against data thieves, malware or ransomware?
A malware or ransomware would seek any valuable files such as images, documents, videos and then use them as a hostage, demanding payment from you before unlocking them. The key is that malicious software needs to determine if the files are valuable. As we discussed before, CrypTEA encrypted files and folders look like non-important data in both naming convention as well as through deep analysis.
Similarly a data thief would focus attention to files that are potentially valuable to sell it to third party or hold as hostage.

There is also a type of ransomware that locks the entire drive. In this case only a proper backup is the best defense, and in fact you should always start with proper data backup regardless if you think your data are vulnerable or not. It may not be malware, it can easily be a hardware error that could be the cause of your data loss.

Is it necessary to encrypt data for Cloud storage?
All modern Cloud solutions store your files encrypted and also encrypt the transmission of the data. Lack of encryption on the server end is not a problem. However the Cloud centers also fully control the encryption keys, not you. That itself is still probably fine if you trust them not to misuse the keys.  But the most important part is that these files are then synced and viewed on your computers, smart phones and tablets in almost uncontrollable fashion. To give you an easy and user friendly access, browsers and apps will keep doors open to your cloud for long time. In fact anybody who can get to you phone or your tablet has likely full access to all your Cloud data as well. If you store valuable data on Cloud, remember it may not be your computer but the mobile devices that are the weakest link. It is like putting five padlocks on your front door and then secure your windows and back door with a duct tape.
A secondary encryption of any valuable data on the Cloud is very important.

Does the software include any backdoors, “ad-ware” or other unwanted things?
Absolutely not. This is a tool that was developed for our own use and one of the reason for making our own encryption tool was that we know for sure there are no backdoors or master keys or anything we don’t want by ourselves.

On how many computers can I install/copy the full version?
The full version is sold as Household License, which means you are free to use it on each and every of your household computers without limitation. There is also no activation or registration code (after registration you get an access link and password to download the full version) This simplifies the process and keeps the application fully portable as you don’t have to worry about remembering registration codes etc.

Can the Password be Recovered if lost?
No it cannot. There is simply no way. The password is not stored anywhere, it cannot be reversed from the data and there is no mechanism to decrypt the files without correct password.
So the point is, don’t lose your password.

What is the difference between the full and free version?
The difference table is on the main CrypTEA Page. The full version includes Secure text and image viewers, recovery record etc…

What is Secure Text editor and Secure Image preview? (Full Version)
CrypTEA full version has build-in internal secure text editor and image viewers for most common formats, including animated gifs. While using windows image preview or text editor require the file to be decrypted somewhere first (an obvious security risk), the internal editor and viewer works directly on the encrypted file in the memory. No traces of decrypted files are stored on the host computer. Additionally the internal text editor can save changes back to encrypted file – so it is ideal for keeping quick notes such as web site passwords, credit card numbers etc…

How does the recovery record works? (Full Version)
A common disadvantage of all encrypted files (and that also apply to any compressed files such as zip or rar) is their higher vulnerability to transmission or disk errors. A single flipped bit somewhere in the file means the file can’t be decrypted or decompressed at all. So we have an optional recovery record block that can be added to each encrypted file.
If the file gets partially damaged because of the transmission or disk error there is a good chance the file can be restored back to its original encrypted state. This has little overhead as the recovery is set to be less than 1% of encrypted data. This is usually enough to fight most probable file failures that spans across few disc sectors. The recovery record has no security risks because it is generated from the ENCRYPTED data. That means a damaged encrypted file can be recovered only into undamaged encrypted file. But you still need the password to decrypt it.

Should I use recovery record on all files? (Full Version)
You can use recovery record mostly on encrypted files that could not be easily replaced if damaged or are not regularly backed up. For example there is not much need to add recovery record on encrypted files if an easy access to their backup exist somewhere (source code with regular backup, images with existing backup etc). On the other hand if the encrypted files are used as the backup itself for example in the cloud, it would be wise to put a recovery record which will increase the chance of successful recovery of that backup if something happened.

Are the encrypted files compatible between free and full version
Yes, you can encrypt in one and decrypt in the other and vice versa.

Copying Encrypted folders/files to the media (USB, NAS, Cloud)
Because the file names are encrypted as well, it is not easy to determine certain file or folder names in Windows Explorer. In CrypTEA Explorer, enter your password in the Tools->Enter Password and you will be able to see the readable file names.
Copy by Drag and Drop: You can now drag and drop the readable files from the list to the Windows Explorer. They will be still copied to destination as encrypted files.
Copy/Paste. In CrypTEA, right click on any folder (in the tree or in the list) and select Copy. Then in your Windows Explorer navigate to the destination, right click and select Paste. Again what will be pasted will be encrypted files.

Note: With both methods the encrypted versions will be copied over to the destination (the copy operations will not decrypt them) Also the software has been specifically designed to be able to encrypt/decrypt files on the NAS or USB media directly.

What is the Integrity Test
CrypTEA can be verified by users to make sure that the encryption/decryption scheme works. Simply open any folder in the CrypTEA Explorer and use the Integrity Test.
One-by-one a copy of all the files in the folder and sub-folders will be encrypted, then decrypted and the decrypted file will be bit-by-bit compared with the original. Obviously the files should be the same. If not then the software would be worthless. We run it through many hundreds of gigabytes of data without a single issue.

Is there a limit for a single file size?
The CrypTEA was developed to handle hundreds of thousands of small files – such as development code for storage and archival on NAS and Cloud where we can easily and quickly decrypt any part. There is a 4GB hard limit for a single file in the CrypTEA because it doesn’t make much sense to encrypt such huge single chunks of data.
CrypTEA will simply skip any file that is > 4GB. This is only a set limitation to avoid accidentally encrypting TrueCrypt, ISO files and other large backup archives that may be on discs.

What is the difference between CrypTEA file/folder encryption and volume encryption such as TrueCrypt or BitLocker
The goal of CrypTEA is to have immediate random access to thousands of encrypted files and folders and assure their easy portability and backup. For example you can copy or move only some of the CrypTEA encrypted files and folders elsewhere, including the USB memory, SD card, NAT drives or Cloud (and they still stay encrypted).
On the other hand a virtual file/volume encryption such as TrueCrypt or BitLocker creates one very large file volume which makes them non-portable and non-archival from the practical point of view (they span into multiples of GB) and mostly impossible or impractical to use in the Cloud due to large files.

Simple Versioning and Static names
CrypTEA was developed initially  for in-place encryption. You can use it for backup encryption where you have few options. By default each time you encrypt files they will be generated with different randomized encrypted file name.
This together with the Keep file date attributes (full version) can work as a quick and simple versioning backup – that means you can keep adding new encrypted versions of the same file to the backup folder and they will not overwrite the old ones. Keep file date will allow to differentiate between the versions. This may be not necessary what you want and for this reason an option to set the Random Filenames to OFF was added. The files will be then always generated with the same encrypted file name, thus allowing you to replace the old encrypted files with the new ones.
Note: There is no relationship between encrypted file names and the password used to encrypt the content of the file.

How is CrypTEA portable
CrypTEA is distributed as installation and as a portable file. There are couple of options:

  • you can simply take only the EXE file from the installed directory (free or full version) without any other DLL files and copy it as a portable file to USB drive etc….
    All functionality will be preserved, except the internal video and audio player
  • use the portable exe that also include multimedia player for video and audio files

Audio and Video playback
Full version of CrypTEA allows you to directly play encrypted video and audio files. The player is asynchronous (or streaming) so it will start playing quickly without waiting for the file to be entirely decrypted. The video scroll bar will show “buffering” text as the video is being played. It is similar to the way files are streamed over the network or streaming services like Netflix.
Very few video formats such as some WMV need to be decrypted first in their entirety as they are not build to be able to stream, in which case CrypTea will have to wait until the whole video is decrypted before playing.