Dekart Private Disk SDK
- Does it support encrypted partition / file system?
- Encryption algorithms (e.g., AES, 3DES, Blowfish, Safer++, RC4, etc).
- What are the implementation details?
- What are the additional functions provided by the SDK?
- Is there kernel level support?
- If a password / key is forgotten, is there a way to rescue the data, without having a big security hole?
- What about fault tolerance? If corruption occurs in the disk, or the computer is shut down improperly, we do not want to create more damage then if we were not encrypting the disk.
- What are the supported file systems?
- What are the supported OSes?
- How is the encryption done?
- Does the SDK contain only API for the disk encryption, or can we get a working application?
- What is the licensing policy, and what is the cost of the SDK?
Does it support encrypted partition / file system?
PD SDK will create a virtual partition which is treated by the OS as a regular partition; but all the data on that partition are transparently encrypted with AES 256-bit. Windows' NTFS encryption (EFS) is not used, though one can enable this option for the NTFS partition stored in an encrypted image.
Encryption algorithms (e.g., AES, 3DES, Blowfish, Safer++, RC4, etc).
PD SDK applies Dekart's NIST-certified implementation of AES 256-bit; the hashing algorithm applied within the SDK, SHA-512, is also NIST-certified. [More details: why Dekart chose AES encryption]
The performance of virtual encrypted drives created by the aid of PD SDK is equal to the performance of virtual drives created by disk encryption program, Private Disk; except the cases in which the custom application performs other operations which are not carried out by Private Disk. More information about the performance of Private Disk's on-the-fly encryption.
What are the implementation details?
The SDK is a DLL (Dynamically Linked Library) that provides a set of functions and data structures. The size of the executable file depends on the number of the functions imported (and used) from the library, the same applies to the amount of consumed RAM.
The programming language in which an application can be written can be any language that is able to import functions from DLLs, the SDK can be used with a broad range of IDEs, some examples: Borland C Builder, Delphi, Microsoft Visual Studio, etc.
All the cryptographic algorithms applied in PD SDK are certified by NIST (FIPS 180-1, FIPS 180-2).
What are the additional functions provided by the SDK?
The SDK provides literally all the functions that are available in Private Disk. Among the non-encryption related functions of the SDK:
- Disk Firewall [a unique feature which brings data protection to an entirely new level. Now you can control which applications are trusted to access your encrypted disk, making sure that viruses, worms or other malware stay away from your private information]
- Saving / Loading data about shared folders and NTFS ACL of a virtual drive
- Backup mechanism of the disk's encryption key
- Ability to store the disk's encryption key separately from the encrypted data
- Logging mode [provides troubleshooting and debugging information]
Is there kernel level support?
Yes, the drivers can be accessed directly, without using the API as an intermediate layer.
If a password / key is forgotten, is there a way to rescue the data, without having a big security hole?
PD SDK provides the ability to create an encrypted backup of the disk's encryption key, which can be stored separately from the disk itself. The encryption key of the backup can be different from the encryption key itself, thus if one of the keys is compromised, the data are still 100% secure.
What about fault tolerance? If corruption occurs in the disk, or the computer is shut down improperly, we do not want to create more damage then if we were not encrypting the disk.
PD SDK allows you to minimize the damage caused by hardware failure or hardware corruption, using the built-in backup mechanism. It guarantees that the data will be successfully decrypted, but handling the corruption of the decrypted files should be done by the application that created those files. More details about data corruption.
What are the supported file systems?
Virtual encrypted drives created by PD SDK can be formatted to any file system supported by Windows (natively: FAT, FAT32 or NTFS), or by the third-party applications that were installed on the computer and provided the ability to use another file system.
What are the supported OSes?
PD SDK was tested (and proven compatible) with the following operating systems:
- Windows 95, 98, ME;
- Windows 2000;
- Windows XP;
- Windows 2003;
- Windows Vista;
Note: 64-bit versions are also supported.
How is the disk encryption done?
PD SDK encrypted drives are virtual volumes that reside on the original file system. The SDK can also be used to create individual encrypted files that will not be treated as virtual drives.
Does the SDK contain only API for the disk encryption, or can we get a working application?
The SDK includes the API, the documentation of the functions, graphics that illustrate the mechanisms applied by the API. The SDK also provides two sample projects (each action is commented) which allow you to get started easily, or create a custom application "on top" of the sample.
The sample projects are written in C.
What is the licensing policy, and what is the cost of the SDK?
There are two types of licensing schemes for Private Disk SDK – Internal Use License and Commercal Use License. Learn more about licensing schemes for Private Disk SDK…
Please contact us at firstname.lastname@example.org for more details.