CrossCrypt
From Wikipedia, the free encyclopedia
CrossCrypt is an open-source on-the-fly encryption program for the Microsoft Windows XP/2000 operating systems. CrossCrypt allows a user to use virtual containers to encrypt data. The benefit of this system is that it allows a person to unencrypt a pool of data when it is needed to be used, and when closing the program the data is encrypted. This allows for programs to be run in the container with ease.
The format of CrossCrypt container is fully compatible with the old, and unfortunately insecure, version of the Linux loop-AES device format. This unfortunately prevents implementation of random IVs (initialization vectors), and other features that cryptologists and several institutions (e.g., NIST) recommend for modern cryptographic software.[dubious — see talk page] This, among other things, makes CrossCrypt volumes vulnerable to so-called watermarking attacks.
[edit] Comparison with similar programs
- CrossCrypt compared with TrueCrypt:
- TrueCrypt also runs on Linux.
- TrueCrypt uses salt and LRW mode (while CrossCrypt uses CBC mode with known and predictable IVs, which prevents plausible deniability — while the CrossCrypt site incorrectly states that CrossCrypt does offer plausible deniability).[dubious — see talk page]
- TrueCrypt provides two levels of plausible deniability, which might be useful in case an adversary forces the user to reveal the password:
- Hidden volume (more information may be found here).
- No TrueCrypt volume can be identified (TrueCrypt volumes cannot be distinguished from random data).