TrueCrypt
Ryan Kulla - March 20, 2007TrueCrypt is an amazing free disk encryption program.
There are a couple of different ways in which you can use TrueCrypt. First, you can encrypt an entire partition on your drive (but not an existing partition). Or, you can create a file on your system that will act as a virtual partition. I like to do the latter because it allows me to backup the partition to DVD or even carry it around with me by putting it on a USB drive, like my iPod. This is handy if you like to carry sensitive information with you wherever you go.
The following main features are some of what make TrueCrypt simply the best disk encryption software around:
- TrueCrypt partitions look and work just like any other drive. Once you mount a TrueCrypt volume–by entering the volume’s password–it gets assigned a drive letter. So you can deal with the files just as you would if it were a secondary hard drive (copy, paste, delete, etc.)
- TrueCrypt is both free of charge and it’s open-source; which means you can trust it to do what it claims.
- TrueCrypt doesn’t use the Windows registry. Instead, it uses an XML file. This makes it portable and version compatible. Not only can you use TrueCrypt on XP, 2000, Windows Server 2003 and Vista, but you can use it on Linux and OS X (and it will probably be ported to even more operating systems than that.)
- TrueCrypt volumes can exist on CD’s, DVD’s, USB drives and so on (as long as you make sure to use UDF or FAT32 file systems).
- TrueCrypt affords you plausible deniability. What this means is that if, for whatever reason, some adversary tries to get at your files, they not only wouldn’t be able to hack your encryption. They wouldn’t even know that you encrypted anything in the first place! There’s simply no way to prove you’re using encryption. TrueCrypt makes your encrypted volumes undetectable as being encrypted. Instead, they just look like some random garbage file. Also, TrueCrypt allows for nested encrypted volumes. This means you could throw some junk files in the first layer–then tell someone the password for that–and they would only see that junk and assume you cooperated with them, since you gave them your password. However, the real data that you wanted encrypted would actually be contained within that as a second layer, invisible to the adversary.
- TrueCrypt is superior to Windows XP’s built-in hard drive encryption because it’s open-source, portable across multiple Operating Systems and comes with plausible deniability. XP’s encryption doesn’t have plausible deniability because it uses certificates that anyone can view from the windows directory–which means they can know that you’re hiding something.
- TrueCrypt lets you choose from of the best algorithms in existence and you can even layer multiple algorithms on top of eachother for added security; though doing so is really overkill. Unless you really know what you’re doing, just use the default AES encryption. Furthermore, TrueCrypt doesn’t even know which algorithm you’re using. It tries your password against them all, until one works. This feature is needed for plausible deniability.
Of course, to really convince them, those “junk” files should look like something worthy of being encrypted or they might assume you’re trying to trick them.
There are some other things to note: Currently, when you install TrueCrypt it will come with pretty good documentation in PDF form, so don’t worry about finding documentation online. Also, if you lose your password/key you won’t ever be able to access your TrueCrypt volume(s)! There’s no way you can hack your password back; this is truly strong security. So make sure you don’t lose your password. An additional precaution you can take is to back up the header file that TrueCrypt uses. What this allows you to do is change your password and the original key will still work as the master key.
So, I hope I’ve sold you on this program. Many–if not all–of the top security gurus out there use TrueCrypt. But don’t let its sophistication intimidate you. To the user, TrueCrypt is very easy to set up and use; the program will walk you through it very nicely. It’s extremely stable and is even something you could teach your family to use. In fact, another cool use for TrueCrypt is to create an encrypted volume, store some private files in it, and then share that volume–and its password–with trusted persons only. Such as: family, friends or coworkers.
This entry was posted on Tuesday, March 20th, 2007 at 5:46 am and is filed under Freeware, Linux, Mac Stuff, Main, Open Source, Programming, USB, Utilities, Windows. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.