Comparison of disk encryption software

From Wikipedia, the free encyclopedia

This is a technical feature comparison of different disk encryption software.

Background information

Name | Developer | First released | Licensing | Operating system support | Maintained?
eCryptfs | Mike Halcrow | 2005[1] | Free, open source (GPL) | Linux 2.6.19+ | Yes
BestCrypt | Jetico | 1993[2] | Commercial, limited source code | Linux 2.6, Windows NT-based, Windows 9x, Windows 3.1, MS-DOS | Yes
Sentry 2020 | SoftWinter | 1998[3] | Commercial, closed source | Windows NT-based, Pocket PC | Yes
PGPDisk | PGP Corporation | 1998-09-01[4] | Commercial, source available for personal review only[5] | Windows NT-based, Mac OS X | Yes
E4M | Paul Le Roux | 1998-12-18[6] | Free, open source (custom) | Windows 9x, Windows NT-2K | Unmaintained
CrossCrypt | Steven Scherrer | 1999-06-09[7] | Free, open source (GPL) | Windows 2000/XP | ?
Private Disk | Dekart | 1999[8] | Commercial, closed source | Windows NT-based, Windows 9x | Yes
loop-AES | Jari Ruusu | 2001-04-11 | Free, open source (GPL) | Linux 2.0+ | Yes
DriveCrypt | SecurStar GmbH | 2001 | Commercial, closed source | Windows NT-based | Yes
DISK Protect | BeCrypt Ltd | 2001 | Commercial, closed source | Windows NT-based | Yes
CGD | Roland C. Dowdeswell | 2002-10-04[9] | Free, open source (BSD) | NetBSD 2.0+ | Yes
GBDE | Poul-Henning Kamp | 2002-10-19[10] | Free, open source (BSD) | FreeBSD 5.0+ | Yes
cryptoloop | ? | 2003-07-02[11] | Free, open source (GPL) | Linux 2.5–2.6 | Deprecated, known vulnerabilities
FileVault | Apple Computer | 2003-10-24 | Commercial, closed source | Mac OS X v10.3 and later | Yes
FinallySecure | Secude | 2007 | Closed source | Windows XP, Vista | Yes
FREE CompuSec | CE-Infosys | ? | Freeware, closed source | Linux 2.4-2.6, Windows 2000, XP, Vista | Yes
TrueCrypt | TrueCrypt Foundation | 2004-02-02[12] | Free, open source (custom) | Linux 2.4-2.6, Windows 2000/XP/2003/Vista, Mac OS X | Yes
dm-crypt/cryptsetup | Christophe Saout | 2004-03-11[13] | Free, open source (GPL) | Linux 2.6, Windows XP/2000/Vista (via FreeOTFE) | Yes
dm-crypt/LUKS | Clemens Fruhwirth (LUKS) | 2005-02-05[14] | Free, open source (GPL) | Linux 2.6, Windows XP/2000/Vista (via FreeOTFE) | Yes
FreeOTFE | Sarah Dean | 2004-10-10[15] | Free, open source (custom) | Windows XP/2000/Vista, Pocket PC, Linux (via dm-crypt/LUKS) | Yes
GELI | Pawel Jakub Dawidek | 2005-04-11[16] | Free, open source (BSD) | FreeBSD 6.0+ | Yes
CryptArchiver | WinEncrypt | ? | Commercial, closed source | Windows NT-based | Yes
n-Crypt Pro | n-Trance Security Ltd | 2005 | Commercial, closed source | Windows NT-based | Yes
Scramdisk | Shaun Hollingworth | 1997-07-01 | Free, open source (custom) | Windows 9x, Windows NT-2K | Unmaintained
Scramdisk 4 Linux | Hans-Ulrich Juettner | 2005-08-06[17] | Free, open source (GPL) | Linux 2.4–2.6 | Yes
SecuBox | Aiko Solutions | 2007-02-19[18] | Commercial, closed source | Windows CE, Windows Mobile | Yes
Safeboot Device Encryption | Safeboot | ?[19] | Commercial, closed source | Windows NT-based, Windows Mobile | Yes
SecureDoc | WinMagic Inc. | 1997 | Commercial, closed source | Windows XP/2000/Vista, Windows Mobile (Mac OS/Linux coming soon) | Yes
Secude securenotebook | Secude | 2003 | Commercial, closed source | Windows XP/2000 | Yes
SafeGuard Easy | Utimaco | 1993[20] | Commercial, closed source | Windows NT-based[21] | Yes
SpyProof! | Information Security Corp. | 2002 | Commercial, closed source | Windows NT4/2000/XP/Vista | Yes
e-Capsule Private Safe | EISST Ltd. | 2005 | Commercial, closed source | Windows 2000, XP, 2003, Vista | Yes
BitLocker Drive Encryption | Microsoft | 2006 | Commercial, closed source | Windows Vista Enterprise, Windows Vista Ultimate, Windows Server 2008 | Yes
DiskCryptor | ntldr | 2007 | Free, open source (GPL) | Windows 2000, XP, Server 2003, Vista, Server 2008 | Yes
Keyparc | Bloombase | 2007[22] | Free, closed source | Windows, Linux, Mac OS | Yes
SafeGuard PrivateDisk | Utimaco[23] | ? | Commercial, closed source | Windows | Yes

Features

  • Hidden containers: Whether hidden containers can be created for deniable encryption. Note that some modes of operation can be more prone to watermarking attacks than others.
  • Pre-boot authentication: Whether authentication can be required before booting the computer, thus allowing one to encrypt the boot disk.
  • Custom authentication: Whether custom authentication mechanisms can be implemented with third-party applications.
  • Multiple keys: Whether an encrypted volume can have more than one active key.
  • Passphrase strengthening: Whether key strengthening is used with plain text passwords to frustrate dictionary attacks, usually using PBKDF2.
  • Hardware acceleration: Whether dedicated cryptography acceleration extension cards can be taken advantage of.
  • Trusted Platform Module: Whether the implementation can use a TPM cryptoprocessor.

Name | Hidden containers | Pre-boot authentication | Custom authentication | Multiple keys | Passphrase strengthening | Hardware acceleration | TPM
eCryptfs | No | No | Yes | Yes | Yes | Yes | Yes
BestCrypt | Yes | Yes | No | Yes[24] | ? | No | No
Sentry 2020 | No | No | No | ? | ? | No | No
PGPDisk | No | Yes[25] | ? | Yes | Yes[26] | ? | Yes
E4M | No | No | No | No | ? | No | No
CrossCrypt | No | No | No | No | No | No | No
Private Disk | No | No | No | Yes | Yes | No | No
loop-AES | No | Yes[27] | Yes[27] | Yes[27] | Yes[27] | Yes[27] | No
DriveCrypt | Yes[28] | Yes | No | Yes | Yes | No | No
DISK Protect | ? | Yes[29] | ? | Yes[29] | ? | ? | No
CGD | No | No | Yes[30] | Yes[31] | Yes[30] | No | No
GBDE | No | No[32] | Yes | Yes[33] | No[33] | No[32] | No
cryptoloop | No | Yes[34] | Yes | No | No | Yes[citation needed] | No
FileVault | No | No | No | Two passwords[35] | Yes[35] | No | No
FinallySecure | No | Yes | Yes | No | Yes | Yes | Yes
FREE CompuSec | No | Yes | No | No | No | No | No
TrueCrypt | Yes | Yes | No | No[36] | Yes | No | No
dm-crypt/cryptsetup | No | Yes[34] | Yes | No | No | Yes | No
FreeOTFE | Yes | No | Yes[37] | Yes[38] | Yes | No | No
dm-crypt/LUKS | No | Yes[34] | Yes | Yes | Yes | Yes | No
GELI | No | Yes[32] | Yes | Yes[39] | Yes[39] | Yes[32] | No
CryptArchiver | No | No | No | No | ? | No | No
n-Crypt Pro | No | No | No | No | N/A[40] | No | No
Scramdisk | Yes | No | No | No | No | No | No
Scramdisk 4 Linux | Yes[41] | No | No | No | Yes[41] | No | No
SecuBox | No | No | No | No | Yes | No | No
Safeboot Device Encryption | ? | Yes | ? | Yes | ? | ? | No
SecureDoc | No | Yes[42] | Yes | Yes | Yes | Yes[43] | Yes
Secude securenotebook | No | Yes | Yes | No | Yes | No | No
SafeGuard Easy | No | Yes | No | Yes | ? | No | Yes[44]
e-Capsule Private Safe | Yes[45] | No | No | Yes[45] | No | Yes | No
BitLocker Drive Encryption | No | Yes (With PIN or USB key)[46] | No | Yes[46] | Yes (Recovery keys only) | No | Yes[46]
DiskCryptor | No | Yes | No | No | Yes | No | No
Keyparc | No | No | Yes | Yes | Yes | Yes | No
SafeGuard PrivateDisk | ? | ? | ? | ? | ? | ? | Yes[47]

Layering

For more details on this topic, see Encryption layer in storage stack.
  • Whole disk: Whether the whole disk can be encrypted, including the partition tables. Note that this does not imply that the encrypted disk can be booted from; refer to "pre-boot authentication" in the features comparison table.
  • Partition: Whether individual disk partitions can be encrypted.
  • File: Whether the encrypted container can be stored in a file (usually implemented as encrypted loop devices).
  • Swap space: Whether the swap space (called a "pagefile" on Windows) can be encrypted individually/explicitly.
  • Hibernation file: Whether the hibernation file is encrypted (if hibernation is supported).

Name | Whole disk | Partition | File | Swap space | Hibernation file
eCryptfs | No | No | Yes | No | No
BestCrypt | Yes | Yes[citation needed] | Yes | Yes | Yes[citation needed]
Sentry 2020 | No | No | Yes | No | No
PGPDisk | Yes | Yes | Yes | Yes | No
E4M | No | Yes | Yes | No | No
CrossCrypt | No | No | Yes | No | No
Private Disk | No | No | Yes | No | No
loop-AES | Yes | Yes[27] | Yes[27] | Yes[27] | No
DriveCrypt | Yes | Yes[28] | Yes[28] | No | No
CGD | Yes | Yes | Yes[30] | Yes | No
GBDE | Yes | Yes | Yes[48] | Yes | No
cryptoloop | Yes | Yes | Yes | Yes | No
FileVault | No | No | Yes[35] | Yes[35] | No
FinallySecure | Yes | Yes | No | No | No
FREE CompuSec | Yes | No | Yes | No | No
TrueCrypt | Yes | Yes | Yes | Yes | Yes[49]
dm-crypt | Yes | Yes | Yes[50] | Yes | Yes[51]
FreeOTFE | Yes | Yes | Yes | No | No
GELI | Yes | Yes | Yes[48] | Yes | No
CryptArchiver | No | No | Yes | No | No
n-Crypt Pro | Yes | Yes | Yes | No | No
Scramdisk | No | Yes | Yes | No | No
Scramdisk 4 Linux | No | Yes | Yes | No | No
SecuBox | No | No | Yes | N/A | No
Safeboot Device Encryption | Yes | Yes | Yes | Yes | No
SecureDoc | Yes[42] | Yes | Yes | Yes | No
Secude securenotebook | Yes | Yes | No | No | No
SafeGuard Easy | Yes | Yes | No[52] | Yes | No
SpyProof! | No | Yes | Yes | No | No
e-Capsule Private Safe | No | No | Yes[53] | No | No
BitLocker Drive Encryption | No | Yes | No | Yes (parent volume is encrypted) | Yes (parent volume is encrypted)
DiskCryptor | Yes | Yes | No | No | No
Keyparc | Yes | Yes | Yes | Yes | No

Modes of operation

For more details on this topic, see Disk encryption theory.

Different modes of operation supported by the software. Note that an encrypted volume can only use one mode of operation.

  • CBC with predictable IVs: The CBC (cipher block chaining) mode where initialization vectors are statically derived from the sector number and are not secret; this means that IVs are re-used when overwriting a sector and the vectors can easily be guessed by an attacker, leading to watermarking attacks.
  • CBC with secret IVs: The CBC mode where initialization vectors are statically derived from the encryption key and sector number. The IVs are secret, but they are re-used with overwrites. Methods for this include ESSIV and encrypted sector numbers (CGD).
  • CBC with random per-sector keys: The CBC mode where a random key is generated for each sector when it is written to, so it does not exhibit the typical weaknesses of CBC with re-used initialization vectors. The individual sector keys are stored on disk and encrypted with a master key. (See GBDE for details.)
  • LRW: The Liskov-Rivest-Wagner tweakable narrow-block mode, a mode of operation specifically designed for disk encryption. Superseded by the more secure XTS mode due to security concerns.[54]
  • XTS: XEX-based Tweaked CodeBook mode (TCB) with CipherText Stealing (CTS), the SISWG (IEEE P1619) standard for disk encryption.

Name | CBC w/ predictable IVs | CBC w/ secret IVs | CBC w/ random per-sector keys | LRW | XTS
eCryptfs | No | Yes | ? | No | No
BestCrypt | ? | ? | No | Yes[55] | No
Sentry 2020 | ? | ? | ? | ? | ?
PGPDisk | ? | ? | ? | ? | ?
E4M | ? | ? | ? | ? | ?
CrossCrypt | Yes | No | No | No | No
Private Disk | Yes | No | Yes[citation needed] | No | No
loop-AES | single-key, multi-key-v2 modes[27] | multi-key-v3 mode[27] | No | No | No
DriveCrypt | ? | ? | ? | ? | ?
CGD | No | Yes[56] | No | No | No
GBDE | No | No | Yes[33] | No | No
cryptoloop | Yes | No | No | No | No
FileVault | Yes[35] | No | No | No | No
FinallySecure | ? | ? | ? | ? | ?
FREE CompuSec | ? | ? | ? | ? | ?
TrueCrypt | Legacy support[57] | No | No | Legacy support[58] | Yes[59]
dm-crypt | Yes | Yes | No | Yes, using *-lrw-benbi[60] | Yes, using *-xts-plain
FreeOTFE | Yes | Yes | No | Yes | Yes
GELI | No | Yes[61] | No | No | No
CryptArchiver | ? | ? | ? | ? | ?
n-Crypt Pro | ? | ? | No | No | No
Scramdisk | No | Yes | No | No | No
Scramdisk 4 Linux | No | Yes[62] | No | Yes[41] | No
SecuBox | Yes | No | No | No | No
Safeboot Device Encryption | ? | ? | ? | ? | ?
SecureDoc | ? | ? | ? | ? | ?
Secude securenotebook | ? | ? | ? | ? | ?
SafeGuard Easy | ? | ? | ? | ? | ?
e-Capsule Private Safe | ? | ? | ? | ? | ?
BitLocker Drive Encryption | No[63] | Yes[63] | No | No | No
DiskCryptor | No | No | No | Yes | No
Keyparc | ? | Yes | ? | ? | ?

Notes and references

  1. eCryptfs. Retrieved on 2008-04-29.
  2. Jetico Company Info. Jetico. Retrieved on 2007-01-05.
  3. Sentry 2020 news. Retrieved on 2007-01-02.
  4. "PGP 6.0 Freeware released - any int'l links?". comp.security.pgp. (Web link). Retrieved on 2007-01-04.
  5. PGPdisk source for review only. See [1].
  6. Archived E4M documentation.
  7. Stefan Scherrer (2004-02-03). readme.txt in CrossCrypt source distribution. Retrieved on 2007-01-05.
  8. Dekart Encryption software timeline. Dekart.
  9. Roland Dowdeswell (2002-10-04). CryptoGraphic Disk. Mailing list announcement. Retrieved on 2007-01-14.
  10. gbde(4) man page in FreeBSD 4.11. GBDE manual page as it appeared in FreeBSD 4.11. Retrieved on 2006-12-24.
  11. Initial cryptoloop patches for the Linux 2.5 development kernel: http://uwsg.iu.edu/hypermail/linux/kernel/0307.0/0348.html
  12. TrueCrypt version history.
  13. dm-crypt was first included in Linux kernel version 2.6.4: http://lwn.net/Articles/75404/
  14. Clemens Fruhwirth. LUKS version history. Retrieved on 2006-12-24.
  15. FreeOTFE version history. Retrieved on 2006-12-24.
  16. geli(8) man page in FreeBSD 6.0. GELI manual page as it first appeared in FreeBSD 6.0. Retrieved on 2006-12-24.
  17. ScramDisk 4 Linux Releases.
  18. Secubox for Pocket PC. Release announcement. Aiko Solutions. Retrieved on 2007-06-27.
  19. Safeboot Device Encryption. Release announcement. Safeboot. Retrieved on ?.
  20. SafeGuard Easy 4.0 Technical Whitepaper. Utimaco. Retrieved on 2007-07-03.
  21. Former versions for MS-DOS, Windows 3.x, Windows 9x, Windows NT4, IBM OS/2 up to Warp 4.
  22. Keyparc - Free Encryption for Everyone. Bloombase.
  23. Rebranded as ThinkVantage Client Security. ThinkVantage Technologies Deployment Guide. Lenovo. Retrieved on 2008-03-05.
  24. Supported by the BestCrypt container format; see BestCrypt SDK.
  25. PGP Whole Disk Encryption FAQ. PGP Corporation. Retrieved on 2006-12-24.
  26. PGP private keys are always protected by strengthened passphrases.
  27. Jari Ruusu. loop-AES README file. Retrieved on 2007-04-23.
  28. DriveCrypt features. SecurStar GmbH. Retrieved on 2007-01-03.
  29. DISK Protect 4.2 Data Sheet (PDF). Retrieved on 2008-02-27.
  30. Roland C. Dowdeswell, John Ioannidis. "The CryptoGraphic Disk Driver" (PDF). Retrieved on 2006-12-24.
  31. Federico Biancuzzi (2005-12-21). Inside NetBSD's CGD. Interview with Roland Dowdeswell. ONLamp.com.
  32. FreeBSD Handbook: Encrypting Disk Partitions. Retrieved on 2006-12-24.
  33. Poul-Henning Kamp. "GBDE - GEOM Based Disk Encryption" (PDF). Retrieved on 2006-12-24.
  34. dm-crypt and cryptoloop volumes can be mounted from the initrd before the system is booted.
  35. Jacob Appelbaum, Ralf-Philipp Weinmann (2006-12-29). "Unlocking FileVault: An Analysis of Apple's disk encryption" (PDF). Retrieved on 2007-03-31.
  36. Although each volume encrypted with TrueCrypt can only have one active master key, it is possible to access its contents through more than one header. Each header can have a different password and/or keyfiles, if any (cf. TrueCrypt FAQ: Is there a way for an administrator to reset a password when a user forgets it?).
  37. FreeOTFE has a modular architecture and set of components to allow 3rd party integration.
  38. FreeOTFE allows multiple keys to mount the same container file via encrypted keyfiles.
  39. geli(8) man page in FreeBSD-current. GELI manual page in current FreeBSD. Retrieved on 2006-12-24.
  40. n-Crypt Pro does not use password authentication; biometric/USB dongle authentication only.
  41. For TrueCrypt containers.
  42. SecureDoc Product Information. WinMagic Inc. Retrieved on 2008-03-05.
  43. Seagate and WinMagic Team-up. WinMagic Inc. Retrieved on 2008-03-05.
  44. Embedded Security: Trusted Platform Module Technology Comes of Age. Utimaco. Retrieved on 2008-03-04.
  45. Multi level access with separate access credentials, each enabling a different set of functional or logical operations. EISST Ltd. Retrieved on 2007-07-25.
  46. BitLocker Drive Encryption Technical Overview. Microsoft. Retrieved on 2008-03-13.
  47. ThinkVantage Technologies Deployment Guide. Lenovo. Retrieved on 2008-03-05.
  48. File-based volume encryption is possible when used with the mdconfig(8) utility.
  49. Yes, but only on Windows systems (http://www.truecrypt.org/docs/sys-encryption-supported-os.php).
  50. dm-crypt can encrypt a file-based volume when used with the losetup utility included with all major Linux distributions.
  51. Yes, but the user needs custom scripts: http://www.linuxquestions.org/questions/slackware-14/luks-encryption-swap-and-hibernate-627958/
  52. For container functionality SafeGuard PrivateDisk is available from Utimaco.
  53. Uses proprietary e-Capsule file system not exposed to the OS.
  54. LRW_issue
  55. New features in BestCrypt version 8. Jetico. Retrieved on 2007-03-02.
  56. man 4 cgd in NetBSD-current. NetBSD current manual page on CGD (2006-03-11). Retrieved on 2006-12-24.
  57. Containers created with TrueCrypt versions 1.0 through 4.0 use CBC.
  58. Containers created with TrueCrypt versions 4.1 through 4.3a use LRW, and support CBC for opening legacy containers only.
  59. Containers created with TrueCrypt versions 5.0 or later use XTS, and support LRW/CBC for opening legacy containers only.
  60. Starting with Linux kernel version 2.6.20, CryptoAPI supports the LRW mode: http://lwn.net/Articles/213650/
  61. Linux/BSD disk encryption comparison. Retrieved on 2006-12-24.
  62. For Scramdisk containers.
  63. Niels Ferguson (August 2006). "AES-CBC + Elephant Diffuser: A Disk Encryption Algorithm for Windows Vista". Microsoft. Retrieved on 2008-02-22.