4sysops - TrueCrypt: Free disk encryption for Windows and Linux

TrueCrypt is a nifty free Open Source disk encryption tool. It encrypts a whole hard disk or partition and also can create virtual volumes. TrueCrypt uses encrypted container files which can be mounted like hard disks. Under Windows, you can assign a driver letter to such a virtual device. I tested version 4.1 for Windows.

Update: Please, also check out my review about TrueCrypt 5.

All in all, TrueCrypt made a very good impression to me. I sometimes encrypt important confidential data using EFS (Encrypting File System). I think, I’ll switch to TrueCrypt now. Its biggest advantage over EFS is that it hides filenames and folder structure. I also like that one only can mount an encrypted volume when the data on it is needed. This brings some extra security.

TrueCrypt is very easy to use. The manual has 98 pages, but I was able to use TrueCrypt without consulting it. It uses self explaining wizards to create encrypted volumes. I recommend consulting the manual though, if you use TrueCrypt regularly. You will get there, detailed information of how TrueCrypt works.

Within less than a minute, I mounted my first encrypted virtual device. TrueCrypt supports several encryption algorithms.The best known ones are AES, Blowfish and Twofish. The supported bit lengths should be secure enough for the next 100 years or so.

When creating a virtual partition, you have to specify its size. The container file occupies this space even without files in it. One shouldn’t encrypt partitions that already contain files since TrueCrypt has to format it first.

You need a password and/or a keyfile to mount an encrypted device. Any file longer than 16 Bytes is good as a keyfile. TrueCrypt can also create one for you. The advantage of using a keyfile is that it provides protection against keystroke loggers. The safest way certainly is the combination of password and keyfile. TrueCrypt even supports multiple keyfiles. This way, you can manage multi-user shared access since all users have to supply their keyfiles before the encrypted device can be mounted.

Another interesting feature of TrueCrypt are the hidden volumes. Hidden volumes reside within another TrueCrypt volume. One simply uses another password to open a hidden volume. If someone forces you to open the TrueCrypt volume, you only enter the password for the outer volume. It is not possible to prove that a TrueCrypt volume contains a hidden volume. But be careful with hidden volumes. It is possible that you overwrite the contents of a hidden volume with data from the outer volume. The manual explains how one can prevent this.

TrueCrypt is also quite fast. I tested it on a PC with a 1 GHz CPU. It took TrueCrypt 13 seconds to format a virtual disk with 200 MB using AES as encryption algorithm. I then copied 150 MB in 20 seconds to the encrypted virtual volume. Working with encrypted files didn’t seem to be slower than with unencrypted files.

TrueCrypt: Free Open Source On-The-Fly Encryption

Leave a Comment | Subscribe RSS | Newsletter |

Comment by Patrick — April 30, 2007 @ 4:53 am

Hello,

I was wondering if you could quickly explain to me how to work this thing (TrueCrypt)? I set up the program and made a My Volume folder in my C drive just like it told me to do. I made a passphrase and everything. But where did all the files go in my drives, how do I access them? If you can help, that would be great!

Thanks,

Patrick

Comment by Michael — May 1, 2007 @ 4:40 pm

You have to select the Truecrypt file you created and then mount it to a drive letter.

Comment by Maarten — February 6, 2008 @ 12:19 am

I agree that TrueCrypt is the perfect (free) tool to encrypt files and volumes. We use it to safeguard data transported on USB disks. The only flaw to me is that it takes quite some time to format a 500 Mb disk with TrueCrypt: it can take me about four hours!!

Comment by Michael — February 6, 2008 @ 11:13 pm

Maarten, I recommend creating the TrueCrypt file on a hard disk. You can then copy it to the memory stick. I guess it would be faster.

Comment by shayne — February 7, 2008 @ 11:51 pm

I want to create a folder in the “my documents” folder and then have everything in that folder encrypted. I was successful in making a “file container” but it just shows up as a document.how can I have a folder that does the same thing? truecrypt forums are “down ” right now so I cant ask them.

Comment by Michael — February 9, 2008 @ 7:27 pm

Shayne, you have to mount this file with TrueCrypt.

Comment by Darshan — April 29, 2008 @ 10:11 am

In the above article you have mentioned
—–I quote—
TrueCrypt even supports multiple keyfiles. This way, you can manage multi-user shared access since all users have to supply their keyfiles before the encrypted device can be mounted.
—–end
Can you pls explain further how truecrypt can be used in multi-user shared access. i.e. 2 user mounting the same volume concurrently…..

Comment by Michael — May 2, 2008 @ 8:44 pm

Darshan, if I remember it right, it has nothing to do with multi-user shared access. The idea behind this feature is that you can only access the encrypted volume if all keyfiles are available. Every user has one keyfile. If you have only one keyfile, you can’t access the volume. Only if all users come together can they access the encrypted data. But this is all done on one PC.

TrueCrypt: Free disk encryption for Windows and Linux

8 Responses

Leave a Reply

Subscribe to 4sysops

Socialize with me

Poll

Follow me on Twitter

Top ten free admin tools

Recent Posts