[No title].doc


Welcome to eCrypt™

WELCOME to eCrypt™ from WestGate Software Security, Inc® and J.J. Leo Corp/Tech Assist, Inc !

This is the best solution for Small to Medium Sized Corporations with a need to transmit and store their data, voice, audio, email and have it be COMPLETELY SECURED. Flexible and intuitive access rights management for all documents based on Management Infrastructure, supporting public/private keys (certificates) and protection rings (restricted access).

Secure password, logon: user authentication & administration, encrypted data files, email, restricted access, group access to data;

May be used in compliance with HIPAA, PATRIOT ACT, Gramm-Leach-Bliley Act

How it works: All data (documents, files, emails, voice mails, text, etc.) is protected using a strong encryption algorithm. Only users with the hardware keys (CryptoKeys™) who are assigned access can read the encrypted data. Managers are able to create child keys for their subordinates, clients, etc. and assign access to the data. When a child key is created, a new certificate with the user's profile is automatically added. eCrypt™ also allows every certificate to be expired, backed up/restored, imported and exported.

Encryption of Emails for Outlook Professional and Plain Text Emails (any email client)

Encryption of document files in the following format: Microsoft Word and Microsoft Excel.

Hide A File: Creates a hidden directory on the PC. All files stored in the directory are hidden and protected. They can only be accessed if there is a CryptoKey™ present.

File Encryptor: all forms of data files are secured through strong encryption and two factor authentication method

eCrypt™ protects all kinds of documents (Word, Excel, Acrobat, Outlook, Audio and Video files, etc.) using 256 bit AES (Rijndael) symmetric encryption.

What is Symmetric Encryption?

The word “symmetric” means that the same key value is used to encrypt and to decrypt information.

Each time you encrypt a document, a random 256 bit (16 bytes key + 16 bytes init. vector) encryption key is generated and the document content is encrypted using this key.

Where is this generated symmetric encryption key stored? And how should access be limited to authorized users only?

To do so, asymmetric encryption is used. Every eCrypt™ user gets his/her own unique RSA key, which is actually two keys: private key (stored in the most secret place – CryptoKey™ protected memory) and public key (freely redistributed).

If something was encrypted with a user’s public key, it can be decrypted ONLY with his/her private key (the second half of the pair), and vice versa. This is why the algorithm is called asymmetric.

When eCrypt™ encrypts a document, it first generates a random symmetric key, encrypts the document using this key, then encrypts the key itself using the public keys of the users to whom the owner of the document grants access.

This data (symmetric encryption key encrypted with various asymmetric public keys) is appended to the encrypted document.

When an eCrypt™ user wants to open a protected document, the program first checks whether this document was encrypted for this user. If so, the private key of this user (stored in his/her CryptoKey™) is used to decrypt the symmetric encryption key and then the document. If not, there is no way for this user to decrypt the document.


Contact Information

Sales contact:

Phone: (800) 274-3785  or   (727)-547-0499  

Email: [email protected]   

Technical Support contact:

Email: [email protected]

Lost CryptoKey™

Additional CryptoKeys™ are available for purchase and a lost CryptoKey™ is not covered under any warranty

Security Basics

Combining software and hardware based protection

eCrypt™ is based on the usage of a personal hardware security device called CryptoKey™.

Current software is designed to work with an inexpensive USB smart key that is small enough to fit on a keychain.

Both MARX™ USB and Rainbow iKey™1000 series are supported.

Two-factor authentication and two-tier security

The software utilizes a two-factor authentication system for access:

1. Something that you know (a password)

2. Something that you have (a CryptoKey™).

A two-tier security is used for document protection:

1. The content itself is encrypted

2. It requires a physical key for decryption (CryptoKey™).

This approach is much more reliable than typical authentication schemes that rely on user names and passwords. Even if your user name or password is compromised, your data is still safe. Only the CryptoKey™ can unlock your information. And it is impossible to fabricate the CryptoKey™.

Powerful encryption


Solutions apply 256bit AES symmetric encryption combined with 1024bit RSA asymmetric encryption. This combination provides reliable protection and is an unbreakable security standard.

 Symmetric encryption

256bit "Symmetric" encryption is used to protect the most popular data formats (HTML, Word, Excel, Acrobat, Outlook, Audio and Video files, etc.) and to secure remote server-client communication.   

 "Symmetric" means that the same key value is used to encrypt and to decrypt information. Each document is encrypted with a random 256-bit encryption key.

Each time a user encrypts a document, a random 256 bit encryption key is generated and the document content is encrypted using this key.

 Asymmetric encryption: controlling document access

The Challenge: Where should this symmetric encryption key that is generated to protect certain documents be stored? How can access to the encrypted document be limited only for intended users?

The Solution: Asymmetric encryption. Every user gets his/her own unique RSA key, which is actually a pair of keys: a private key (stored in the most secret place - CryptoKey's™ protected memory) and a public key (freely redistributed).

If something is encrypted with a user's public key, it can be decrypted ONLY with his/her private key (the second half of the pair), and vice versa. This is why the algorithm is called asymmetric.

When a document needs to be encrypted, the algorithm first generates a random symmetric key, encrypts the document using this key, then encrypts the key itself using the public keys of the users to whom access has been granted.

This data (symmetric encryption key encrypted with various asymmetric public keys) is appended to the encrypted document.

When a user wants to open a protected document, the program first checks whether this document was encrypted for this user. If so, the private key of this user (stored in his/her CryptoKey™) is used to decrypt the symmetric encryption key and then the document. If not, there is no way for this user to decrypt the document.

Certificate Model

At the heart of our security products and solutions there is a unique data protection engine, called the Certificate Model. It is tailored specifically for the needs of small to medium-size businesses and it provides strong cryptographic protection for both intra-enterprise and inter-enterprise document exchange while requiring only minimal administration.

Freely redistributable certificates

Users can export their public keys to other users and also import public keys to their own database. To simplify public key exchange and distribution, a special object called a certificate is supported. In addition to the user's public key, his/her certificate also includes: user name, issue date, expiration date.

In its Office Security products users are provided with a convenient and natural way to store & manage external certificates: Certificate Book.

The Certificate Book is a personal database used to simplify selection of recipients when encrypting documents. Its owner can easily encrypt any document to a subset of users from his/her Certificate Book.

 Super user


The Certificate Model includes a special notion/object called Super User. The Super User has unlimited access to all encrypted company documents.   The Super User has its Master Key - the very first asymmetric key generated for this company (customer).

The public part of the Master Key is stored in every user's CryptoKey™ formatted for this company.

Any encrypted document automatically includes Super User public key in the list of its recipients.

 Protection Rings

eCrypt™ also includes Protection Rings support.

The main idea of Protection Rings is to simplify the exchange of encrypted documents between users inside the customer's company.

The Certificate Model provides four predefined protection rings, representing typical management hierarchy for most small to medium businesses:

o top secret,

o secret,

o restricted,

o unclassified

So, instead of encrypting:

document#1 to users: A, B (say, top management of the company)

document#2 to users: A, B, C, D (top executives + managers)

document#3 to users: A, B, C, D, E, F (extended audience inside the company)

The user can simply encrypt:

document#1 to all top secret ring owners

document#2 to all secret ring owners (will be automatically available also for top secret ring owners)

document#3 to all restricted ring owners (automatically available for all top secret and secret ring owners);

Summary

Our software and hardware security products provide strong and flexible security without the cost of dedicated servers or technical staff.

In order to meet the security requirements of small companies, the Certificate Model requires neither dedicated servers nor any technical staff to support it, while still providing strong protection and high flexibility.

Security is as simple as choosing one of four "protection rings." These security stamps have been used in paper-based workflow for decades: Unclassified, Restricted, Secret, and Top Secret. Each piece of data to be secured, e.g., a text document, media file, or email, is assigned to one of the rings. Each company employee or customer is also associated with a certain ring. A user has access to all documents belonging to his ring and lower (less restricted) rings.

Protection rings are implemented by means of asymmetric cryptography. A ring is represented by a public/private key pair. Each user holds private keys of his ring and lower rings. Each document is encrypted with a public key of a corresponding ring. In order to decrypt the document a user must belong to the same or higher (more restricted) protection ring. Private keys are never operated by users explicitly. User's private keys are stored in personal CryptoKeys™ that must be attached to computers every time the security software is used. Access to CryptoKey™ is protected by password.

The main advantage of protection rings is that they are static. Once generated, they never change. This property allows building a completely decentralized security infrastructure without a specialized server.
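The hybrid scheme and the protection rings described above, as an added example that is not eCrypt™ code: a random document key is wrapped for each recipient plus the Super User, and each token holds the private keys of its ring and every lower ring. Textbook RSA without padding and a SHA-256 keystream with HMAC are stand-ins for the product's RSA and AES so the block runs on the Python standard library alone; the envelope layout, the fingerprints and all names are assumptions.

```python
import hashlib
import hmac
import secrets

RINGS = ["unclassified", "restricted", "secret", "top secret"]  # lowest to highest
E = 65537  # RSA public exponent

def _probable_prime(n, rounds=24):  # trial division, then Miller-Rabin
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if c % E != 1 and _probable_prime(c):  # keeps E invertible mod (c - 1)
            return c

def rsa_keypair(bits=1024):
    # Stand-in: textbook RSA without padding, for illustration only
    p = q = _prime(bits // 2)
    while q == p:
        q = _prime(bits // 2)
    n = p * q
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}

def fingerprint(pub):  # assumed recipient identifier: truncated hash of the public key
    return hashlib.sha256(f"{pub['n']:x}:{pub['e']:x}".encode()).hexdigest()[:16]

def _subkeys(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor_stream(key, iv, data):
    # Stand-in for AES: SHA-256 in counter mode used as a keystream
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + iv + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def encrypt_document(plaintext, recipient_pubs, master_pub):
    key, iv = secrets.token_bytes(32), secrets.token_bytes(16)  # fresh per document
    enc_key, mac_key = _subkeys(key)
    body = _xor_stream(enc_key, iv, plaintext)
    # The Super User's public key is always added to the recipient list
    recipients = {fingerprint(pub): pow(int.from_bytes(key, "big"), pub["e"], pub["n"])
                  for pub in [master_pub, *recipient_pubs]}
    tag = hmac.new(mac_key, iv + body, hashlib.sha256).digest()
    return {"iv": iv, "body": body, "tag": tag, "recipients": recipients}

def decrypt_document(doc, held_keys):
    # held_keys: {fingerprint: private key} stored on one token; None means no access
    for fp, priv in held_keys.items():
        if fp not in doc["recipients"]:
            continue
        k = pow(doc["recipients"][fp], priv["d"], priv["n"])
        # A damaged entry yields a wrong key, which then fails the MAC check
        enc_key, mac_key = _subkeys((k % (1 << 256)).to_bytes(32, "big"))
        expected = hmac.new(mac_key, doc["iv"] + doc["body"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, doc["tag"]):
            raise ValueError("document or recipient entry was modified")
        return _xor_stream(enc_key, doc["iv"], doc["body"])
    return None

def format_token(rings, ring):
    # New user: own key pair plus the private keys of `ring` and every lower ring
    pub, priv = rsa_keypair()
    held = {fingerprint(pub): priv}
    for name in ([] if ring is None else RINGS[:RINGS.index(ring) + 1]):
        ring_pub, ring_priv = rings[name]
        held[fingerprint(ring_pub)] = ring_priv
    return pub, held

def demo():
    # Constructed company: the users and document contents are made up
    master_pub, master_priv = rsa_keypair()
    rings = {name: rsa_keypair() for name in RINGS}
    bob_pub, bob = format_token(rings, "restricted")
    readers = {"alice": format_token(rings, "top secret")[1], "bob": bob,
               "carol": format_token(rings, None)[1],
               "super user": {fingerprint(master_pub): master_priv}}
    docs = {"secret ring": encrypt_document(b"Q3 plan", [rings["secret"][0]], master_pub),
            "bob only": encrypt_document(b"review notes", [bob_pub], master_pub)}
    return {label: {who: decrypt_document(doc, keys) is not None
                    for who, keys in readers.items()} for label, doc in docs.items()}
```

`demo()` reports who can open each document: the top secret holder reads the secret-ring document while the restricted holder does not, ring membership gives no access to a document addressed to one person's certificate, and the Super User entry opens both.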

The Certificate Model also allows for more flexible security implementations. Users can exchange certificates and create a protected communication channel.

Conclusion: Our security products and technologies based on the Certificate Model and encryption engine described above provide affordable and reliable solutions for small to medium businesses compared to expensive high-end PKI implementations.

eCrypt™ Control Center

The Control Center is the core of eCrypt™. From the Control Center you can:

- run eCrypt™ Components:

o Hide-A-File™,

o File Encryptor,

o KeyPer™

- manage certificates using Certificate Book,

- perform operations with CryptoKeys™ on the Administrative Tools tab:

o Format New CryptoKey™,

o Create Backup of your CryptoKey™ to an encrypted file,

o Restore information from a backup to your CryptoKey™,

o Change Password in your CryptoKey™.

- integrate different products with eCrypt™ to be able to protect documents from the product main menu:

o Windows Explorer,

o Microsoft Word,

o Microsoft Excel,

o Microsoft Outlook

How to Run the Control Center

After installation of the eCrypt™ the icon is placed on the desktop of your computer. Double click on this icon to run the eCrypt™ Control Center.

A small icon appears on the System tray after you run the eCrypt™. To run the Control Center you may double click on this icon. The right mouse button click activates the eCrypt™ start menu:


Select the Control Center item to run it. You can also run Hide-A-File™ or KeyPer™ from this menu.

eCrypt™ Components

This menu allows quick references to security components of the eCrypt™:

Hide-A-File™,

File Encryptor,

KeyPer™

Certificate Book

eCrypt™ provides users with a convenient and natural way to store & manage external certificates: Certificate Book.

The Certificate Book is a convenient tool to view/import/export certificates of your colleagues and contacts. You will see there all available certificates, including your own with: user name, issue and expiration dates for every certificate. You can use all these certificates when encrypting documents, emails.

If your CryptoKey™ is attached and you are logged in, then you will see your personal certificate icon in red.

All the other certificates will be in green.

After you unplug the CryptoKey™, your certificate will be in green:

The Certificate Book is a personal database used first of all to simplify selection of recipients when encrypting documents. Its owner can easily encrypt any document to a subset of users from his/her Certificate Book.

eCrypt™ users can export their public keys to other users and also import public keys provided by other users to their own database.

To simplify public keys exchange/distribution eCrypt™ supports a special object, called certificate.

Besides a user public key eCrypt™ user certificate includes also:

- user name;

- issue date;


- expiration date.

Certificates are created when each new CryptoKey™ is formatted.

If someone else were to create a key then you would be able to import their certificate and export your certificate to them.

Selecting certificates for protected disk and documents determines who gets access to your emails, docs, etc.

Export/Import of Certificates

If you want certain people to have access to your encrypted documents or protected disks, or to read encrypted messages sent via email, you should exchange certificates with this person (or persons).

It is very easy: the Export and Import buttons in the Certificate Book screen allow you to save your own certificate and other certificates from your Certificate Book to a file (data is encrypted) on the hard disk or floppy disk (Export), and add certificates from the file(s) to your Certificate Book (Import). You may send/receive these files via email or save and open them from a network computer.

To export certificates press the Export button and select the path where you want to save certificate(s) from your Certificate Book:

In the Save as dialog enter the name of the file and press the Save button. Your Certificate Book opens. Select (check checkboxes to the left of the certificate icon) certificate(s) which you want to export (you may select one or more certificates and save them to one file):

Press the Export button.

To import certificates (add to your Certificate Book) press the Import button on the Certificate Book screen:

In the Open dialog select the file on a hard or floppy drive and press the Open button.

Select one or more certificates from the list and press the Import button:


Selected certificates are added to your certificate book.

Administrative Tools

Overview

This screen includes tools which allow different operations with the CryptoKey™. Most of them require the Administrative password. The Administrative Tools allow you to:

Manage CryptoKey™ (CryptoKey™ Management group):

Format New CryptoKey™

Modify Existing CryptoKey™

Restore and Backup CryptoKey™:

Create CryptoKey™ Backup copy of your CryptoKey™ (strongly recommended to make backups from time to time),

Restore CryptoKey™ from Backup (if you lost your key, the only way to restore information is to use this function),

Change Passwords:

User Password

Administrative Password

Optimize CryptoKey™ Memory

Format New CryptoKey™

To format a new CryptoKey™ you should know the Administrative Password.

If you enter a wrong password the error message is displayed:

If the password is correct the Format New CryptoKey™ wizard is started to allow step-by-step key formatting.


The first dialog (screen 0) asks you to enter the key owner information and set the expiration date.

The next dialog (screen 1) allows you to select the security ring for the CryptoKey™ user:

Top Secret (will have access to all documents encrypted for all security levels);

Secret (will have access to documents encrypted for all but Top Secret security levels);

Restricted publication (access to documents encrypted for this security level);

No protection ring access (no access to documents encrypted for security levels listed above).

The option ‘Owner of CryptoKey™ will have rights to create new user’ (if the checkbox is checked) allows the user of the CryptoKey™ (parent key) to create new users (Child keys). The security level of child keys cannot be higher than that of the parent key.


The next dialog (screen 2) is for entering Administrative and User passwords.

Screen 3 provides you with the Summary Information just to check if you entered correct data. If you find an error press the Back button one or several times to go back to the screen with incorrect data to edit it.

Attention! Before pressing the Finish button on screen 4 remove your CryptoKey™ and insert the key you want to format. Otherwise you may re-format your own CryptoKey™ with the data you’ve just entered.

After you have inserted the key you want to format, press the Finish button.

Modify Existing CryptoKey™

This option can be useful if you want to change CryptoKey™ properties, such as expiration date or access rights.


You may modify only those CryptoKeys™ which were created from your CryptoKey™ (so called "child Keys"). For modification you should know the Administrative Passwords both of your key and the key you want to modify.

If the passwords you entered are correct the Modify CryptoKey™ wizard is started to allow step-by-step key modification.  

This wizard is almost the same as the one you used to create child CryptoKeys™ (Format New CryptoKey™) from your key.

Create Backup

Making Backups of your CryptoKey™ from time to time is very important. In case you have lost your key the only way to get access to your encrypted data is to create a new key and restore the CryptoKey™ contents from the backup file.

We recommend keeping the backup copy of your key in a safe place (not only on a hard drive, but also on a floppy or CD).

Restore CryptoKey™

To restore your CryptoKey™ from a backup file you should know the Administrative password.

The Restore CryptoKey™ wizard first asks you to select the backup file (screen 0), then to enter User and Administrative passwords (screen 1). Screen 2 displays the Summary information to check if all data is correct. The last dialog (screen 3) suggests removing your CryptoKey™ and inserting the key to which you want to restore data from the backup file.

If you have not removed the key, you’ll get a warning message and can choose whether to restore data to the same key or remove it and insert another one.

Change User Password

If you want to change your User password, double click on the Change User Password button on the Administrative Tools tab, enter the Administrative password to confirm your right to change the User password, and then enter a new User password two times.

The User password will be changed.

Change Administrative Password

If you want to change the Administrative password, double click on the Change Administrative Password item on the Administrative Tools tab, enter the Administrative password to confirm your right to change the password, and then enter a new Administrative password two times.

The Administrative password will be changed.

Optimize CryptoKey™ Memory

The CryptoKey™ memory is limited (4K, 8K, 32K, 64K). When you enter, edit or delete records in KeyPer™, the key memory becomes fragmented: deleting records leaves free fragments between records in the memory, and a situation can occur when there is no space for a new record.

To avoid this situation KeyPer™ checks every time whether the key memory is fragmented and suggests optimizing the CryptoKey™ memory:

Your CryptoKey™ memory is too fragmented.


Do you want to optimize it?

Just press the Yes button to optimize your CryptoKey™ memory.

Integration

The Integration screen displays Program Products which can be integrated with eCrypt™.

If you want to be able to protect/unprotect MS Word, MS Excel and Adobe Acrobat documents from the product menu (eCrypt™ will appear in the product menu), encrypt/decrypt your messages in MS Outlook, or protect/unprotect any file by clicking the right mouse button in Explorer, check the corresponding checkboxes.

On the right part of the screen there are settings which allow running the eCrypt™ automatically when running MS Windows and automatically upon CryptoKey™ insert.

All the Applications are automatically checked, but to integrate the “eCrypt™” Menu for each of these applications, the “Apply” button must be selected.

To cancel changes made before pressing the Apply button, select the Restore button.

Welcome to Hide-A-File™

WELCOME to Hide-A-File™, a component of eCrypt™ - your private data vault inside your computer! Secure data storage, safely protected against prying eyes!

2-factor authentication, supreme hardware protection and unbeatable AES/Rijndael encryption provide the level of security you're expecting from eCrypt™!

Hide-A-File™ is a system for those who are anxious for protection of their personal or professional information. The system allows the user to create virtual encrypted disks with all information on them encrypted and decrypted on the fly.

The encrypted disk contents are stored as a binary file called the encrypted disk image. Once an encrypted disk image is created it can be mounted as a virtual drive anytime later. The disk image can be mounted only if a user enters an appropriate password and supplies a valid CryptoKey™. Strong encryption algorithms used in the system guarantee that nobody can access your private information.

Mounted encrypted disks look like normal drives with a drive letter. All applications work with such a disk as with a normal one - even the Format utility can format an encrypted disk. To protect data, in most cases, it is enough to keep documents on an encrypted disk.

Encrypted disks can be easily manipulated - mounted, unmounted, locked, created - with a click of mouse. The operations can be done through both Hide-A-File™ Manager and Windows Explorer.


During creation a user can choose a file system for the encrypted disk. This format should be supported by the operating system. For Windows NT it can be NTFS or FAT, for Windows 95/98/ME it can be FAT or FAT32, for Windows 2000 any file system is available. The size of an encrypted disk is limited only by the free space on the hard drive and the limits of the file system. FAT32 and NTFS can be used in practice to create the largest possible encrypted disk image.

How to run Hide-A-File™

There are several ways to run the Hide-A-File™ Manager:

1. Run eCrypt™ Control Center and press the Run Hide-A-File™ button on the eCrypt™ Components tab of the Control Center. The Hide-A-File™ icon appears on the System tray.

If you want to have the Hide-A-File™ icon on the System tray any time you insert the CryptoKey™, check the Hide-A-File™ checkbox on the Integration tab of the eCrypt™ Control Center (and press the Apply button).

2. Click the right mouse button on the Control Center icon on the System tray and select the Hide-A-File™ option from the menu to run the Hide-A-File™ Manager.

3. Click the right mouse button on the Hide-A-File™ icon on the System tray.

Brief description of menu options:

Encrypted Manager – runs the Encrypted Disk Manager

About Hide-A-File™ – displays information on the Hide-A-File™ version

Create new encrypted disk – runs the Create new encrypted disk dialog

Mount all encrypted disks – you can use this option to mount encrypted disks if disks are not mounted automatically when you insert the CryptoKey™ (it can be specified when creating encrypted disks)


Unmount all encrypted disks – all encrypted disks will be unmounted (inaccessible)

Exit - allows stopping Hide-A-File™ application.

Encrypted Disk Manager

Encrypted Disk Manager allows you to create and delete encrypted disks, move a selected disk to another location, and change a selected disk name.

To create a new disk press the New button; the Create disk dialog is displayed, where you can specify disk parameters.

The Add button allows you to add encrypted disks created with the same encryption key. This option should be used if you restored the contents of the CryptoKey™ from a backup file to another CryptoKey™ to have access to your virtual disks.

If you want to delete an encrypted disk press the Delete button.

The Move button allows you to move a selected disk to another location. The Save As dialog is displayed; select a new path and press the Save button. Your disk is in a new location.

The Mount and Unmount buttons allow you to mount (make visible with a valid CryptoKey™) or unmount (make invisible) a selected disk.

Disk Configuration group allows changing selected disk parameters: Disk name, Default disk letter, Comments. You can also change the Mount disk automatically option.

To save changes press the Apply button.

Disk Properties group displays those properties which can not be changed.

Create Virtual Disk

To create a new encrypted disk, fill in information about your disk (or select from the pull down list boxes).

Disk name – we recommend to enter the name which will allow you to see what information is stored on this disk.

Encrypted Disk Properties group:

Disk size (in MB) – select from the list box or enter the size of your new disk.

Default disk letter – select any available letter from the list box.


Mount this disk automatically – check this checkbox if you want this disk to be mounted automatically after you insert the CryptoKey™ and enter the correct password.

Encrypted Disk Image Location group:

Drive – select from the list box the hard drive for the encrypted disk image. There is full information about hard drives: letter, name, and free space on the drive.

File – the default path for encrypted disks images is: <selected drive>, but you can press the Browse button and select any other location.

Security Settings

To select the security level (Protection Rings) or/and persons from the Certificate book who you want to have access to the protected disk press the Set button (your certificate is added automatically).

Comment – here you can enter any comments on the encrypted disk being created.

After you enter all information press the Create button and the encrypted disk will be created.

When disk creating process is finished the Format dialog is displayed.

Select the required option and press the Start button.


Welcome to KeyPer™

This is a product that you can use every day to store and access your confidential data.

These days, people spend more and more time on the Internet. They are doing online banking, purchasing goods, browsing various web sites. The same information (URLs, account numbers, PINs, passwords, logins, etc.) needs to be entered over and over. This is not only tedious and frustrating but also not secure.

You may have several places to logon: email, various computer accounts, electronic commerce accounts; and information to store: credit cards details, bank accounts, and other sensitive data. For each account users should have different passwords. This way if somebody figures out one password the rest of accounts won't be compromised.

But as we all know most people today cannot remember all of those passwords and tend to use the same password for everything. This being the case if someone finds out the name of your dog, they would get “the keys to the kingdom”.

Good passwords (difficult to crack) should be long and contain random characters, which is difficult to remember.

The ultimate solution to all these problems is KeyPer™.

KeyPer™ allows information to be stored securely inside the CryptoKey™. You can keep your CryptoKey™ on your keychain or in another safe place.

The KeyPer™ interface makes entering and accessing data easy - by locating required records and copying their fields to the proper destination. The basic idea is that your sensitive data is stored inside the key and can be copied via clipboard to any entry point.

Another cool feature is the use of hot keys. Some of the fields, namely those that serve as logins and passwords can be entered automatically to the entry field at a touch of a hot key. This is even more convenient and secure, since no data is copied to the clipboard and the whole procedure takes a couple of clicks.

Once these records are entered, they are stored encrypted inside the CryptoKey™!

KeyPer™ Interface

The KeyPer™ interface makes entering data simple. Users can enter and access records and copy their fields to the desired destination.

To make the program more convenient there are different tabs for different categories of information:

Internet Resources - to store information relative to Internet

Credit Cards - to store Credit Cards data

Banking Accounts - to store your Banking Accounts

Miscellaneous - to store information which doesn't fit any of the above mentioned categories.

How to enter/edit/remove records

Decide which data you want to enter and open the proper category tab.

To create a new record (or to enter the first one) you can:

1. In the Edit menu choose Create new Record option, or

2. Press Ctrl+N or F7 keys, or

3. Click the button.

The Create new record… dialog is displayed. Enter the record name and press the Create button. The record name appears in the list of records and in the Name edit field (you can change the record name any time you enter or edit the record).

After you enter all required information press the Save button – the entered data is saved and the window is switched to the View mode.

If for some reason you need to Edit previously entered records:

1. Choose the Modify Record option in the Edit menu, or

2. Click the button, or

3. Double click the record you want to edit on the Name list box.

After editing the record press the Save button. The Cancel button cancels the latest changes and switches to the View mode.

To delete a record:

1. Select the record in the list of records (selected record is highlighted)

2. Choose the Delete Record option in the Edit menu, or

3. Click the button.

Additional options

After you have entered records, their names are listed in the list box on the left of the dialog. The data of the highlighted record is displayed in the fields. On the right side of most of the fields there are different buttons which can be very useful for you.

Let's go through them one by one:

1. Button copies data to the clipboard from the field next to the button. If you need to enter this data into another KeyPer record or any other program, just press this button and then Paste it by right clicking on your mouse and selecting paste, or by using the CTRL + V command. You can also copy a field's contents by pressing the button in the tool bar on the top of the screen.

2. Button shows/hides field's content. To hide the most secure information from anybody, some fields are displayed as a string of * characters (passwords, credit card numbers, pin codes, etc). To view this data click this button. You can also view hidden fields by pressing the button in the tool bar.

3. Button launches Internet Explorer and opens the web page specified in the URL field. When you click on the Launch Internet Explorer button a special tool appears which helps you to fill Login and Password fields on the web page:

Move the cursor to the required login or password field to be entered.

Press and hold down the left mouse button (the KeyPer™ logon window will appear).

Drag the cursor over the appropriate KeyPer™ logon field (login or password) and it will be automatically pasted into the required data field.

If you do not need to enter Login and Password on the web page press the ESC key.

Create New Record

Decide which data you want to enter and open the proper category tab.

To create a new record (or to enter the first one) you can:

1. In the Edit menu choose Create new Record option, or

2. Press Ctrl+N or F7 keys, or

3. Click the button.

The Create new record… dialog is displayed. Enter the record name and press the Create button. The record name appears in the list of records and in the Name edit field (you can change the record name any time you enter or edit the record).

After you enter all required information press the Save button – the entered data is saved and the window is switched to the View mode.

Modify Record

If for some reason you need to modify previously entered records:

1. Choose the Modify Record option in the Edit menu, or

2. Click the button, or

3. Double click the record you want to edit on the Name list box.

After editing the record press the Save button. The Cancel button cancels the latest changes and switches to the View mode.

Delete Record

Click the tab you want to remove a record from.

1. Select the record in the list of records (selected record is highlighted)

2. Choose the Delete Record option in the Edit menu, or

3. Click the button.

Show/Hide field

Some of the fields may contain passwords or other data that is secret. Data in such fields is displayed in hidden form.

Click the button next to the field or the button in the tool bar to show/hide field's content.

Load web page

The URL field from Internet Resources and the Online Banking URL field from the Banking Accounts group may contain the address of a web page containing login and password fields.

Choose a record from the Name list box.

Click the button next to the URL or Online Banking URL field.

Internet Explorer is launched with the chosen URL.

When you click on the Launch Internet Explorer button a special tool appears which helps you to fill Login and Password fields on the web page:

Move the cursor to the required login or password field to be entered.

Press and hold down the left mouse button (the KeyPer™ logon window will appear).

Drag the cursor over the appropriate KeyPer™ logon field (login or password) and it will be automatically pasted into the required data field.

If you do not need to enter Login and Password on the web page press the ESC key.

Backup KeyPer™ CryptoKey™ to File

Making backups of your CryptoKey™ from time to time is very important. If you lose your key, the only way to get access to your encrypted data is to create a new key and restore the CryptoKey™ contents from the backup file.

We recommend keeping the backup copy of your key in a safe place (not only on a hard drive, but also on a floppy or CD).

Restore KeyPer™ CryptoKey™ from File

To restore your CryptoKey™ from a backup file you should know the Administrative password.

The Restore CryptoKey™ wizard first asks you to select the backup file (screen 0), then to enter the User and Administrative passwords (screen 1). Screen 2 displays the Summary information so you can check that all data is correct. The last dialog (screen 3) suggests removing your CryptoKey™ and inserting the key to which you want to restore data from the backup file.

If you have not removed the key you will get a warning message and can choose whether to restore data to the same key or to remove it and insert another one.

Preferences

You can make settings for CryptoKey™ notifications and KeyPer™ visualization in the Preferences dialog.

Open the Edit menu and select the Preferences option.

The Common tab of the Preferences dialog allows you to:

- run KeyPer™ automatically when MS Windows starts (System group);

- set CryptoKey™ notifications (what should be done with KeyPer™ when the CryptoKey™ is attached and unplugged; and how to minimize KeyPer™).

The CryptoKey™ tab allows you to change the user password and administrative password of your CryptoKey™.

It also allows you to Optimize the CryptoKey™ memory.

Document Protection

Security Settings - Protection Rings

eCrypt™ includes Protection Rings support.

The main idea of protection rings is to simplify the exchange of encrypted documents between users inside the corporate structure.

eCrypt™ includes three predefined protection rings:

- top secret;

- secret;

- restricted;

representing typical management hierarchy for most small to medium businesses.

So, instead of encrypting:

- document#1 to users: A, B (say, top management of the company)

- document#2 to users: A, A, C, D (top executives + managers)

- document#3 to users: A, B, N, D, E, F (extended audience inside the company)

an eCrypt™ user can simply encrypt:

- document#1 to all top secret ring owners

- document#2 to all secret ring owners (will be automatically available also for top secret ring owners)

- document#3 to all restricted ring owners (automatically available for all top secret and secret ring owners).

Security Settings - Certificate Book

eCrypt™ users can export their public keys to other users and also import public keys provided by other users to their own database.

To simplify public key exchange/distribution eCrypt™ supports a special object, called a certificate.

Besides the user's public key, an eCrypt™ user certificate also includes:

- user name;

- issue date;

- expiration date.

eCrypt™ provides users with a convenient and natural way to store & manage external certificates: Certificate Book.

The Certificate Book is a personal database used first of all to simplify selection of recipients when encrypting documents. Its owner can easily encrypt any document to a subset of users from his/her Certificate Book.
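
The ring hierarchy and the Certificate Book described above, modelled as an added Python example (not eCrypt™ code). How eCrypt™ ties a ring to a key holder and how it treats expired certificates is not documented here, so the `ring` field, the expiry check, and all function names and sample users are assumptions.

```python
from dataclasses import dataclass
from datetime import date
from enum import IntEnum
from typing import Iterable, List, Optional


class Ring(IntEnum):
    """The three predefined rings; a higher value outranks a lower one."""
    RESTRICTED = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Certificate:
    # Fields the manual lists for a certificate (the public key is omitted).
    user_name: str
    issue_date: date
    expiration_date: date
    # Assumption: the ring this key holder owns; None for a ring-less contact.
    ring: Optional[Ring] = None

    def valid_on(self, day: date) -> bool:
        return self.issue_date <= day <= self.expiration_date


def resolve_readers(book: Iterable[Certificate], owner: Certificate, day: date,
                    ring: Optional[Ring] = None,
                    persons: Iterable[str] = ()) -> List[str]:
    """Return the user names that can open a document protected on `day`."""
    book = list(book)
    by_name = {c.user_name: c for c in book}
    readers = {owner.user_name}  # the protecting user's certificate is always added
    if ring is not None:
        # Protecting to a ring also covers every ring above it.
        # Assumption: ring owners whose certificate is not valid are skipped.
        readers |= {c.user_name for c in book
                    if c.ring is not None and c.ring >= ring and c.valid_on(day)}
    for name in persons:
        cert = by_name.get(name)
        if cert is None:
            raise KeyError(f"{name} is not in the Certificate Book")
        if not cert.valid_on(day):
            raise ValueError(f"certificate for {name} is not valid on {day}")
        readers.add(name)
    return sorted(readers)


# Constructed sample Certificate Book (users, rings and dates are invented).
DAY = date(2024, 6, 1)
START, END = date(2024, 1, 1), date(2025, 1, 1)
BOOK = [Certificate(n, START, END, r) for n, r in [
    ("A", Ring.TOP_SECRET), ("B", Ring.TOP_SECRET),
    ("C", Ring.SECRET), ("D", Ring.SECRET),
    ("E", Ring.RESTRICTED), ("F", Ring.RESTRICTED),
    ("G", None),                                    # outside contact, no ring
]] + [Certificate("H", START, date(2024, 3, 1), Ring.SECRET)]  # expired

if __name__ == "__main__":
    me = BOOK[4]  # user E protects the documents
    for target in (Ring.TOP_SECRET, Ring.SECRET, Ring.RESTRICTED):
        print(target.name, resolve_readers(BOOK, me, DAY, ring=target))
    print("TOP_SECRET + G", resolve_readers(BOOK, me, DAY, Ring.TOP_SECRET, ["G"]))
```

Note that user E, a restricted ring owner, still appears among the readers of a document E protects to the top secret ring, because the protecting user's own certificate is always added.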

Protecting Microsoft Word Documents

If MS Word is integrated to the eCrypt™ you will see the eCrypt™ menu item in the top menu. If you do not see it, then it is possible that you did not close out all of your applications when you installed this program. In that case, in order to integrate MS Word to the eCrypt™ you should check the proper check box on the Integration tab of the Control Center (by default all Program Products selected while installing the eCrypt™ are integrated to eCrypt™) and hit the Apply Button.

To encrypt a document open it (or create a new one) and select the Protect option in the eCrypt™ menu. If it is a new document the Save as dialog is opened, suggesting to select the path and enter the file name. After you press the Save button the Protection Settings dialog is displayed.

When protecting an existing file no Save as dialog is displayed; the Protection Setting screen opens and you can select the security level (Protection Rings) and/or the persons from the Certificate book who should have access to the protected document. Your certificate is added automatically.

After the encryption process is finished (document is protected) you will see the following text (this text is always displayed when you open a protected document):

 This document is encrypted with eCrypt™.

 To decrypt it attach a valid CryptoKey™

 to the computer and enter the password.

If you have access to the encrypted document open the eCrypt™ menu and select the Unprotect option. The file will be decrypted.

Protecting Microsoft Excel Documents

If MS Excel is integrated to the eCrypt™ you will see the eCrypt™ menu item in the top menu. If you do not see it, then it is possible that you did not close out all of your applications when you installed this program. In that case, in order to integrate MS Excel to the eCrypt™ you should check the proper check box on the Integration tab of the Control Center (by default all Program Products selected while installing the eCrypt™ are integrated to eCrypt™) and hit the Apply Button.

To encrypt a document open it (or create a new one) and select the Protect option in the eCrypt™ menu. If it is a new document select the Save as option from the File menu, select the path and enter the file name. After you press the Save button the Protection Settings dialog is displayed.

When protecting an existing file no Save as dialog is displayed; the Protection Setting screen opens and you can select the security level (Protection Rings) and/or the persons from the Certificate book who should have access to the protected document. Your certificate is added automatically.

After the encryption process is finished (document is protected) you will see the following text (this text is always displayed when you open a protected document):

 This document is encrypted with eCrypt™.

 To decrypt it attach a valid CryptoKey™

 to the computer and enter the password.

If you have access to the encrypted document open the eCrypt™ menu and select the Unprotect option. The file will be decrypted.

Protecting Microsoft Outlook Documents

If MS Outlook is integrated to the eCrypt™ you will see the eCrypt™ menu item in the top menu when a new message is opened. If you do not see the eCrypt™ menu item when a new message is opened, it is possible that you had some applications open during installation.

To integrate MS Outlook to the eCrypt™ you should check the proper check box on the Integration tab of the Control Center (by default all Program Products selected while installing the eCrypt™ are integrated to eCrypt™) and hit the Apply Button.

There are two options for encrypting messages: for Outlook Professional and Plain Text. When protecting a message for Outlook Professional the text of the protected message is replaced with:

This document is encrypted with eCrypt™.

To decrypt it attach a valid CryptoKey™

to the computer and enter the password.

If the second encryption option is selected the message text after encryption is displayed like:

After you select to encrypt your message with either Outlook Professional or Plain Text, the Protection Setting screen opens and you can select the security level (Protection Rings) and/or the persons from the Certificate book who should have access to the protected document. Your certificate is added automatically.

To decrypt a protected message open the eCrypt™ menu and select the Unprotect option. The message will be decrypted if you have rights to access it.

Encrypt/Decrypt Clipboard Text

What is the Clipboard?

When you select any text in your documents and Copy (or Cut) it in order to Paste to another place of the same document or to another document, this text is saved in computer memory called the Clipboard. The next Copy/Cut operation replaces the Clipboard with other contents.

The eCrypt™ allows the encrypting (and decrypting) of text on the Clipboard.

How does it work?

Type some text in, say, Notepad editor (Accessories/Notepad), select this text:

Open the Edit menu and select the Copy or Cut option:

Click the right mouse button on the eCrypt™ icon in the system tray and select the Encrypt Clipboard Text option. The Protection Setting screen opens and you can select the security level (Protection Rings) and/or the persons from the Certificate book who should have access to the encrypted text. Your certificate is added automatically.

To see what the encrypted text looks like, go to the Edit menu in Notepad and select the Paste option:

To decrypt the text select the whole text, copy or cut it to the clipboard (Edit menu):

and select the Decrypt Clipboard Text option from the eCrypt™ menu (click the right mouse button on the eCrypt™ icon in the system tray).

The clipboard text is decrypted and you can Paste it to any document.

When should Plain Text Email encryption be used?

This version of the eCrypt™ supports email protection for MS Outlook. If you use this email client it is very easy to encrypt/decrypt messages with a special eCrypt™ plug-in.

If you use an email client other than MS Outlook (Outlook Express, for example) you have two options to send encrypted documents:

1. Attach files encrypted with File Encryptor or encrypted MS Word, MS Excel or Adobe Acrobat files.

2. Type a message (as you do it now sending messages to your addressees), select the message, cut it to the Clipboard, Encrypt Clipboard Text and paste to the message. Nobody except those people (or rings) selected by you will be able to access this message.

File Encryptor

One of the eCrypt™ Components is File Encryptor. It allows for the encryption of any selected file. Press the File Encryptor button on the eCrypt™ Components tab of the Control Center, select the file in the Open dialog, and press the Open button. The selected path is shown on the File Encryptor dialog. You can select another file by pressing the button to the right of the File edit field.

To encrypt the file press the Protect button; the Protection Setting screen opens and you can select the security level (Protection Rings) and/or the persons from the Certificate book who should have access to the protected document. Your certificate is added automatically.

After encryption is finished the status field says: File is protected. The Protect button changes to Change Attributes (use it if you want to change protection attributes – add/remove certificates, change security level). If protection attributes are correct press the Apply button to start encryption.

You may also run File Encryptor from the eCrypt™ start menu: click the right mouse button on the small button on the system tray and select the File Encryptor option.

There is one more way to encrypt files. Integrate file Explorer to the eCrypt™ (check the proper check box on the Integration tab of the Control Center, by default all Program Products selected while installing the eCrypt™ are integrated to eCrypt™).

Open file Explorer, select a file and click the right mouse button on it. Select the Protect file with eCrypt™ option. If you click on a protected file this option will say: Unprotect the file with eCrypt™.

When protecting a file, the original file will remain unprotected and a new protected version of that file will be created. When unprotecting a file, a new unprotected version is created and the old protected version still remains.