Wednesday, December 29, 2010


Flexcrypt is a cryptographic toolkit that is used for encryption/decryption of data for individuals and small businesses, for communication and storage of emails, hard drive, instant messaging text, files, folders and others. Flexcrypt has a very smooth step-wise install where the users have to provide simple and straightforward data about the location of install and other details.

Once the installation is complete, Flexcrypt would automatically open up (when the option in the last step of installation to Launch Flexcrypt is enabled). When Flexcrypt runs on your system, you would see the small lock image in your task pane notifications to indicate that it is running.

Once you have installed Flexcrypt, running it and using it every single time is a piece of cake. This is the easiest installation and usage that I have ever seen in the suite of crypto tools I have used in the past. On double-clicking the icon in desktop or from program files, you could open/start Flexcrypt at any point of time.

Navigation to various functions (Start, Text, Email, IM, File and Shared, Drive, Invite, License and Help) provided by Flexcrypt is pretty simple. Functionalities and specifications for Flexcrypt are as follows (Source: ):

Operating systems
• Windows Vista (32-bit and 64-bit versions)
• Windows XP (32-bit and 64-bit versions)
• Windows 7 (32-bit and 64-bit versions)

• English
• German
• Spanish
• Chinese

Email protocols
• POP3

Supported email clients
• All email clients

Email encryption options
• AES 256 bit (as ZIP)

• SHA-2 (up to 512-bit hashes)
• SHA-1
• MD5

Public key algorithm
• Elgamal/DSS (up to 2048)

Supported Instant Message clients

Instant message encryption
• AES 256 bit

File encryption
• AES 256 bit

Hard drive encryption
• AES 256 bit

Text encryption
• AES 256 bit

• US Department of Defense DoD 5220.22-M(ECE)
• 7 passes

USB encryption
• AES 256 bit

Online services
• SSL connection

• Patent pending

Security standards
• Encryption components from .NET are FIPS-140 validated

Besides all the various functionalities, the simplicity of the tool is what I love in this. Strength of the crypto toolkit is not only in the algorithm that is being implemented, but the implementation itself. In this review, we looked over the algorithm and tested the implementation to some extent and we determined that this is one among the fastest implementation of the same. We did not do regression testing or load testing on the app though. The general settings button from the main window takes you into simple set of options, where users can Start/Stop client and services, choose to always start Flexcrypt when computer starts (adding to start-up list), choose the Firewall options to be default or ZoneAlarm.

We did not want to include every single setting for the review, since we would like the users to experience the awesomeness of this tool by themselves. Hence, we have considered one sample usage with text encryption. When users choose to encrypt text using Flexcrypt, they can simply click on Text tab, which would take them to a window. In the text window, you can type the text to be encrypted and choose Encrypt/Decrypt by clicking on the button right below the text window.

Once the text to be encrypted is supplied, click on Encrypt/Decrypt button and you would get the password where you could type (and confirm) a password to be used in encryption. Based on what we observed, it looks like a pass-code that is used to generate the secret key for encrypting the input. Once you have entered the password the encrypted cipher is generated. Users can copy this encrypted cipher from the text panel and use it at their convenience. Decryption routine uses the same process flow, with the encrypted cipher being pasted on the text pane and the same password (used for encryption) should be provided to decrypt and get the original text.

Based on testing Flexcrypt in all the different cases that was determined to be the ones used on daily basis, we observed the following pros:

• Navigation between the tabs/functionalities is really simple.

• It is pretty quick for daily use.

• Demo and sample scenarios provided with proper documentation.

• Pretty strong algorithm implemented.

• Well structured and organized with proper direction.

• Simple settings and easier usage.

We did not observe any cons based on the testing we have done, but these are the generic things to remember that we have observed for apps that are similar.

• Closed source implementation of crypto:

• Strength of the implementation can only determined by blackbox testing.

• Unsure of the exact implementation of the algorithm.

• Keep in mind that this is a paid app, with 15 days trial. Hence, testing for the local environment should be done within the given time.

It is recommended that FlexCrypt for its simplicity and explicit functionalities. It is easy to install and run for a pretty quick launch. Definitely recommended for people who have minimal time and require encryption of data.

Source of Information :  Hakin9 November 2010
FlexcryptSocialTwist Tell-a-Friend
Digg Google Bookmarks reddit Mixx StumbleUpon Technorati Yahoo! Buzz DesignFloat Delicious BlinkList Furl

0 comments: on "Flexcrypt"

Post a Comment