TrueCrypt is a free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux.
It’s main features are:
- Creates a virtual encrypted disk within a file and mounts it as a real disk.
- Encrypts an entire partition or storage device such as USB flash drive or hard drive.
- Encrypts a partition or drive where Windows is installed (pre-boot authentication).
- Encryption is automatic, real-time (on-the-fly) and transparent.
- Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
- Encryption can be hardware-accelerated on modern processors.
- Provides plausible deniability, in case an adversary forces you to reveal the password:
- Hidden volume (steganography) and hidden operating system
If you are new to TrueCrypt, then I suppose their Beginner’s Tutorial is an excellent place to start. It explains in details how TrueCrypt works and you need to set it up. After the installation, TrueCrypt asks you if you want to read that Beginner’s Tutorial, so you really can’t miss it
To download it, go and visit the download page.
TrueCrypt can work with the following modes:
- a TrueCrypt file which mounts as a normal disk drive and which you can access normally like any other disk when it’s mounted
- a volume can be entirely encrypted, this is handy to encrypt flash drives or USB devices, so when they get lost or stolen, you are sure your data is kept safe
- encrypt the entire system drive, so including the operating system. This is the safest as it requires a pre-boot authentication, but might not always be as handy in all circumstances
TrueCrypt supports a lot of encryption cyphers such as:
|Algorithm||Designer(s)||Key Size (Bits)||Block Size (Bits)|
|AES||J. Daemen, V. Rijmen||256||128|
|Serpent||R. Anderson, E. Biham, L. Knudsen||256||128|
|Twofish||B. Schneier, J. Kelsey, D. Whiting,D. Wagner, C. Hall, N. Ferguson||256||128|
|AES-Twofish-Serpent||256; 256; 256||128|
|Serpent-Twofish-AES||256; 256; 256||128|
As you see, you can even chain encryption protocols, for added security.
In most cases, the AES protocol which is designed by our Belgian researches Daemen and Rijmen would be sufficient as it is also used by the US government to protect documents up to Top Secret level. But the real paranoid amongst you might chain for fun, but this will slow things down a bit of course
TrueCrypt at work
When launching the TrueCrypt Volume creation wizard, we have chosen to create a 5GB encrypted file, which will later on mount as a disk.
First step is t select the encryption algorithm (AES in our case, which is the default), and a file system organization mode (FAT or NTFS on Windows). Afterwards, it starts formatting.
After this, you have a file on your disk which you need to mount with TrueCrypt.
This a fairly straightforward process. Just select a drive letter (drive T: in our example), click on select file, find your Truecrypt file, open it, enter the password and you have a new disk drive at your disposal.
But this drive is an encrypted drive, which you can access as a normal disk drive. Dismounting the drive will just leave a file on your hard disk. So every time you need the encrypted volume you need to go through this process, but that’s the price to pay for added security
Upon boot time, you can get TrueCrypt to automount your drives if you like to do so, only thing you need to do is enter the appropriate password.
TrueCrypt is a free and simple encryption tool which is cross-platform. Files created on Windows can be mounted on Mac or Linux and vice versa. It is real powerfull in it’s simplicity. Give it a try, I’m sure you’ll like it too !