Welcome to the official CrococryptMirror Homepage:
Encrypted File Backups
CrococryptMirror is a free software without registration, without activation, without limitations and without ads.
File and Folder encryption software CrococryptMirror 1.4 released - New password features and stability improvements
HissenIT released a new version of the file and folder encryption tool CrococryptMirror. It includes a password change function and - as requested by many users - a command-line option to provide the keyfile password. Although not recommended, this function can be used to provide the password, e.g., in scripts for automation purposes. The feature can also be used to "store" the keyfile password. continue
We released an update of CrococryptMirror as version 1.2. This relates to the setup and the portable version. Beside some bugfixes, we added a 32bit version for Windows XP and above. continue
We were able to test CrococryptMirror and CrococryptFile on Windows 10 successfully. Both applications run without problems in their respective current versions. continue
CrococryptMirror (aka "Crococrypt") is an encryption tool which mirrors complete folders to encrypted folders. The encryption algorithms that are used are AES and Twofish (256 bits, cascading). The keyfile is secured by a password using PKCS #5 (PBKDF2) with a SHA512/Whirlpool based HMAC using 100000 iterations and also AES and Twofish.
Additionally, a ZIP compression for storage space optimization is used. For reasons of performance the synchronization of source and destination folder is done in the background.
A backup copy of the keyfiles has to be stored at a secure place. Without the keyfile the containers cannot be decrypted.
In the portable version of CrococryptMirror keyfile and settings are stored together with the application folder. Hence, the complete application can be transported on an external storage device. Moreover, the folder "container" can be used to store portable containers.
Mirroring can be done manually (on-demand) or by using the sync service which detects directory changes on the fly.
- Copying and synchronizing of files/folders/directories (recursive) to encrypted folders
- Encryption of filenames
- Source folders can be stored in multiple destination containers at the same time (e.g., USB disk drive and Cloud storage)
- Network drives can be used as sources and destinations
- Explorer view to read encrypted containers
Some use case and feature examples:
Encrypted Cloud backup
Mirroring of folders on your computer into your cloud storage folder in encrypted form.
Encrypted backup on USB drive
Mirroring of folders on your computer to an external storage device in encrypted form.
Multiple storage locations can be used in parallel, e.g., an USB drive, Cloud storage and a local NAS. When using the sync service all encryption destinations while be queued and processed sequentially.
Two encryption modes
Use the automatic sync service or mirror a directory on-demand simply by clicking on CrococryptMirror's tray icon. Use the latter if you work constantly on a certain directory and do not want to create to much load for a backup.
Synchronizing means that also deleted files will be deleted in the container's destination, at the end both directories have the same content. The source directory is not touched.
Two decryption modes
A complete directory can be efficiently decrypted in a bulk operation. When only single files shall be restored, the Explorer view can be used. For this purpose, a local WebDav view on the encrypted container is opened (read-only), so files can be browsed and copied.
For technology enthusiasts, we want to describe some implementation details. CrococryptMirror uses two well-known cryptography providers: Oracle (originally Sun) for AES and Bouncy Castle (open source) for Twofish. These are popular implementations, the cryptography is done using these providers not by implementing the algorithms myself. On computers with CPUs which include AES hardware support, this AES implementation is used automatically. This is also done by other popular encryption tools today.
By using two different encryption algorithms and different implementations, the risk of compromising the whole encryption scheme is minimized. For instance, if you store an archive of your personal data in a cloud storage for a very long time, it might happen that weaknesses in the algorithms itself come up or that security vulnerabilities in the implementations are discovered.
The iteration count of 100000 used for the password protection of the keyfile is upwards compatible with future versions and is not hard coded, for maximum flexibility.
(click to enlarge)
This software is provided 'as-is', without any express or implied warranties or conditions of any kind.
In no event will the author be held liable for any damages arising from the use of this software.
Permission is granted to anyone to use this software for any purpose, subject to the following restriction: You may not distribute or redistribute this software without permission.
CrococryptMirror is available in English and German. All languages are included in a single installer.
Current AV Warnings
From time to time products of the Crococrypt Product Family are detected by individual antivirus software products as malware. These messages are so called "false positives". In such cases, you receive a warning by mistake because some binary pattern in the heuristics database of your antivirus software matches some random pattern in our product.
You can always verify that it is indeed a false warning by using, e.g., VirusTotal to scan our website or software. Sometimes even the whole website might be listed as malicious by SINGLE services.
If you are affected by such a case, please inform us via e-mail. We have and will correspond with the respective AV manufacturer which usually updates its virus pattern database.
The are no known warnings at the moment.
Downloads for Windows (Freeware)
All Windows versions since XP and above are being supported.
- The 64bit version is generally faster than the 32bit version.
- Windows XP users: The WebDav-based Explorer-view works only limited under XP. By default CrococryptMirror opens the system browser to view the container. If you prefer to view the container within the Windows Explorer, you have to setup the corresponding WebDav connection on localhost via the given URL: Go to "My Network Places", click "Add new resource" and provide the URL in the following format "http://localhost:423x" (x depends on the container).
- The URL used for the WebDav-based Explorer-view also works in every local Web browser (e.g., Firefox) and allows a different way of browsing through your containers.
- New: Password change function added (see tab "Files")
New: As requested by many users, now, you can provide the password through a command-line option.
Although not recommended, to provide your password in a script etc. you can use the following launch parameter:
CrococryptMirror.exe /pw PASSWORD. This can also be used to "save" the password.
- Fix: Windows symlinks/junctions are no longer followed. The previous behavior could cause race conditions.
- Fix: Stability and performance improvements regarding source file read errors
- A new icon was added to clearly distinct between the Crococrypt product family
- All setups are now clearly named CrococryptMirror-*
- Fix: Performance improvement due to an internal buffer which was too small. In some cases, the data transfer rate could drop to 1 MB/s (e.g., on exFAT).
- New: There is a new button to batch sync all existing containers at once.
- Fix: This is a minor security update because of a NSIS installer security fix (Windows-Setup only). The application has not changed.
- Support for 32Bit-Windows added
- Small bugfixes, especially: Under unclarified circumstances, it could happen that no file dialogs appear. This is fixed now.
- Rebranding: This is the first version which includes the new naming convention "CrococryptMirror"
- Minor bugfixes for more stability
- Bugfix: Special characters or non-ASCII chars in the container path prevented the synchronization.
- Enhancement: Existing and to be imported containers, now, do not require an existing source folder. Hence, decryption and Explorer view work without source.
- Enhancement: If the manual synchronization is not finished, now, a message box appears when clicking the sync button again.
- First Release
These are simply feature "ideas", there is no plan or schedule to implement them.
- Operating systems: Linux, MacOS, maybe Android app
- PKCS #11 Support: Hardware tokens/SmartCards via P11
- Single File Encryption: (With Explorer menu integration)
- Signing the keyfile: Integrity protection
- File filter: Optional mode for containers to exclude files with certain filename patterns from synchronization
- Quick-Mode: Optional mode without compression and Twofish to make use of AES hardware support on certain Intel computers to speed up encryption (and lower memory consumption)
- Crypto settings: Offer the user to choose between algorithms and options to create preferred (but still secure) cryptographic settings
- SMB/CIFS support: Server version of CrococryptMirror (maybe including group encryption) based on SMB/CIFS
- Commandline interface
- CrococryptMirror Review on "ilovefreesoftware"
- CrococryptMirror Review on gHacks
- CrococryptMirror video review on FindmySoft
- CrococryptMirror on Softpedia
- CrococryptMirror Portable on Softpedia
CrococryptMirror is freeware. Nevertheless, if you like to support the project's further development financially:
The payment is done via PayPal using HTTPS (separate window). In case you want to support the development of CrococryptMirror in a different way, simply contact me.
If you like CrococryptMirror, it would be a great thing if you share it with others!