Encrypt Data on Your Disk

From time to time we can read news that laptops with important data on it are lost or stolen. It is often case with government’s or company’s laptops with government and business secrets on it.

Recently on Slashdot post appeared that says: “U.S. Gov’t To Use Full Disk Encryption On All Computers”. Also, Bruce Schneier wrote about this on his blog (here).

Anyhow, if you are considering this kind of tool for personal usage, I recommend TrueCrypt because of next reasons:

  • It is open source meaning that you can check if it has hidden functionality that can compromise your data without your knowledge.
  • It is easy to use.
  • It is free.
  • Supports Windows XP/2000/2003 and Linux.
  • Almost 2 million downloads to date.

Main features of this tool are:

  • Creates a virtual encrypted disk within a file and mounts it as a real disk.
  • Encrypts an entire hard disk partition or a storage device such as USB flash drive.
  • Encryption is automatic, real-time (on-the-fly) and transparent.
  • Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
    1. Hidden volume (steganography).
    2. No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
  • Encryption algorithms: AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish. Mode of operation: LRW  (CBC supported as legacy).

You can read more and download TrueCrypt from its Web site.

  1. Nemanja

    Yeah, TrueCrypt rocks! Beeing open source and using algorithms other then DES and AES is a big plus, and hidden inner volume is rarely seen functionality.

    The only problem is that you cannot encrypt stuff like c:documents and settings that usually contains tons of temporary files, so that can be a week spot. So, if you decide to use TC, don’t forget to use built-in EFS (proprietary and thus should be avoided), or ppdd/CFS (if you’re using Linux) on these folders.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.