Encryption software uses digital cryptography to prevent unauthorized access to digital information and is used to protect information stored on computers as well as that which is sent over the Internet.
Encryption refers to a method of encoding information in such a way that only authorized people are able to read or use it. While encryption does not deny access to the encrypted file, it renders the content unintelligible to unauthorized interceptors. While encryption techniques have been in use for centuries, long before the invention of computers, digital encryption generally uses a pseudo-random encryption key generated by an algorithm, the idea being that a digital key is necessary in order to decrypt the message.
Encryption capabilities are part of several software products, including email systems, but the focus of this category is on software products designed primarily for encryption, although they may have other functions as well.
Software encryption uses a cipher, which is an algorithm for performing encryption and decryption. Text that has been encrypted is known as ciphertext. It includes a form of the original text that has been made unreadable by a human or computer without the proper decryption key or cipher. Decryption is the process of turning ciphertext into readable plain text.
Ciphertext is similar to codetext, but they are not synonymous. Although cipher and code are often used interchangeably, a cipher is an encryption system that is used to replace letters of a word so that only the person who is aware of the system used for encryption is able to understand the message, while a code is a method of replacing a word or phrase with another word, phrase, or symbol, but for the same purpose.
There are two types of ciphers: public key (asymmetric) ciphers and symmetric key ciphers. Encryption software may be based on either of these forms. Symmetric key ciphers can be further divided into stream ciphers and block ciphers. Stream ciphers encrypt plain text a bit or a byte at a time and are generally used to encrypt realtime communications, such as audio or video, while block ciphers split the plain text into fixed-size blocks, encrypting one block at a time.
Another way in which encryption software can be classified is by purpose, divided between data in transit encryption and data at rest encryption.
Data at rest refers to that which has been saved to a disk or another type of persistent storage. This type of encryption usually uses a symmetric key, although there are varying methods of doing so. Encryption might be configured at the disk layer, on a partition, a volume, at the layer of the file system, or within user space applications like a database or application.
With full disk encryption, the whole disk is encrypted, except for the small bits required to boot or access the disk when not using an unencrypted boot. Because disks can be partitioned into multiple partitions, partition encryption is sometimes used to encrypt individual partitions. Volumes are created by combining two or more partitions, which may be encrypted through volume encryption. Also made up of one or more partitions, file systems can be encrypted through filesystem-level encryption. A directory is considered to have been encrypted when the files within the directory are encrypted, while file encryption encrypts a single file. With database encryption, information is written to persistent storage only after the data to be stored has been encrypted.
When it is necessary to transmit data at rest, through something other than a secure connection, tools have been developed for this. These rely on the receiver publishing their encryption key, and the sender being able to obtain the key. The sender, then, creates a symmetric key to encrypt the information and uses the receiver's public key to securely protect the transmission of the information and the key. Pretty Good Privacy (PGP), now a Symantec product, is an example of this type of encryption.
Data in transit refers to that sent over a network, such as the Internet, where confidential information might be vulnerable to unauthorized access while between the two endpoints. to protect the data being sent, confidential information can be encrypted to ensure confidentiality, integrity, and validity.
Often, data in transit is between two entities that do not know one another. In order to establish a relationship and share an encryption key, a set of policies and procedures is established and referred to as the public key infrastructure (PKI). Once PKI has established a secure connection, a symmetric key can be shared between the two endpoints. Software that uses this type of encryption includes Secure Email, Secure Shell, SSH File Transfer, and web communication through HTTPS.
Regardless of the purpose or method of encryption used, the focus of this category is on encryption software.
 
 
Recommended Resources
Developed in Sweden in 2001, AxCrypt is an encryption software available in free, premium, and business versions, with varying features and limitations, which are listed side-by-side for comparison, along with prices and other details. The requirements for operating the software are given, along with usage tips, technical details, an overview of its security, password considerations, and release notes, as well as its reseller program, privacy policy, and terms of use.
https://www.axcrypt.net/
Available through a subscription service, the cloud-based digital asset manager uses MicroEncryption Exchange, the same proprietary military-grade cybersecurity technology as government agencies, data centers, healthcare exchanges, and large corporations, providing a safe place for private and confidential files, eliminating the risk of cyber threats, theft, and data loss. A thirty-day free trial is available, and its standard pricing plan is for up to 100 GB. Quotes may be requested for more.
https://certainsafe.com/
Created for the Microsoft Windows platform, CryptoExpert was designed to provide secure data vaults to owners of laptops and desktops, promising higher security, better reliability, and easier usability than the NTFS encryption program implemented in the built-in Windows Encrypted File System, forming secure vaults that appear as regular hard disks to Windows applications, which cannot be unlocked without a password. It is available for purchase for one, two, or three device licenses.
http://www.cryptoexpert.com/
Also known as GNU Privacy Guard or GPG, GnuPG is a free (GNU General Public License) alternative to the Symantec PGP cryptographic software suite, conforming to the OpenPGP standard. The software allows users to encrypt and sign their data and communications, using a versatile key management system and access modules for several types of public key directories. Created for GNU/Linux, there are packages for FreeBSD, OpenBSD, NetBSD, and macOS.
https://gnupg.org/
Also known as SSLP Group Limited, specialists in encryption technology, its focus is on enabling the secure electronic delivery of business documentation, with a range of clients from the public and private sector. Its data security and SSLPost e-document delivery solutions features enterprise-grade encryption that is GDPR compliant and ISO accredited. Other services include electronic document delivery that is flexible, auditable, brandable, secure, and available 24/7.
https://www.sslpost.com/
A fork of the discontinued TrueCrypt project, VeraCrypt is disk encryption software available for free, along with its source, under both the Apache License and the TrueCrypt License, which includes distribution and copyright restrictions. It can be used to create a virtual encrypted disk within a file, mounting it as a real disk, or to encrypt an entire partition or storage device, or a partition or drive where Windows is installed. A full list of features is posted, along with documentation.
https://www.veracrypt.fr/en/