TrueCrypt
From Wikipedia, the free encyclopedia
TrueCrypt | |
---|---|
Developed by | TrueCrypt Foundation |
Latest release | 5.1a / March 17, 2008 |
Written in | C, C++, Assembly |
OS | Cross-platform |
Available in | 29 languages |
Genre | Disk encryption software |
License | TrueCrypt Collective License |
Website | www.truecrypt.org |
TrueCrypt is a software application used for on-the-fly encryption. It can create a virtual encrypted disk in a file (container), which can be mounted as if it were a real disk. TrueCrypt also supports device-hosted volumes, which can be created on either an individual partition or an entire disk. As of version 5.0, it can encrypt the Windows boot partition or entire boot drive. It is distributed under the TrueCrypt Collective License. TrueCrypt is available for Microsoft Windows, Mac OS X, and Linux.
Encryption algorithms
The ciphers supported by TrueCrypt are AES, Serpent and Twofish. It also allows different combinations of cascaded ciphers (e.g., AES+Twofish, Serpent+AES, or AES+Twofish+Serpent). Since version 5.1, TrueCrypt has used an assembly-language implementation of AES, which almost doubles performance compared to the previously used C implementation.[1]
The cryptographic hash functions used by TrueCrypt are RIPEMD-160, SHA-512, and Whirlpool.
Modes of operation
Since version 5.0, all encryption algorithms use the XTS mode of operation. Prior to this, TrueCrypt used LRW, which is less secure than XTS, though more secure than CBC mode (when used with predictable initialization vectors),[2] which v4.0 used. From version 5.0, newly created volumes can only be encrypted in XTS mode; however, CBC and LRW mode volumes created by previous versions of TrueCrypt can still be mounted.[3]
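The difference between CBC with a predictable IV and a tweaked mode such as LRW or XTS can be seen in a short added example (not from the original article or from the TrueCrypt code base). It assumes the IV is simply the sector number and uses a toy Feistel cipher in place of AES, Serpent or Twofish; all function and variable names are hypothetical.

```python
import hashlib, hmac

BLOCK = 16  # bytes per cipher block, as for AES, Serpent and Twofish

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key, block):
    """4-round Feistel on HMAC-SHA256: a stand-in block cipher for the demo, NOT secure."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cbc_sector(key, sector_no, plaintext):
    """CBC with the sector number as IV (assumed form of a 'predictable IV')."""
    prev, out = sector_no.to_bytes(BLOCK, "little"), []
    for p in blocks(plaintext):
        prev = toy_encrypt_block(key, xor(p, prev))
        out.append(prev)
    return b"".join(out)

def tweaked_sector(key, tweak_key, sector_no, plaintext):
    """XEX-style secret mask per block (simplified: LRW/XTS derive it via GF(2^128) multiplication)."""
    out = []
    for j, p in enumerate(blocks(plaintext)):
        position = sector_no.to_bytes(8, "little") + j.to_bytes(8, "little")
        mask = toy_encrypt_block(tweak_key, position)
        out.append(xor(toy_encrypt_block(key, xor(p, mask)), mask))
    return b"".join(out)

def first_blocks_repeat(encrypt, sectors):
    """True if every sector's first ciphertext block is identical (a visible pattern)."""
    return len({encrypt(n, data)[:BLOCK] for n, data in sectors}) == 1

# Constructed sample: each first block is MARK XOR the public IV, so CBC always encrypts MARK.
KEY, TWEAK_KEY, MARK = b"constructed-key-1", b"constructed-key-2", b"A" * BLOCK
SECTORS = [(n, xor(MARK, n.to_bytes(BLOCK, "little")) + bytes(BLOCK)) for n in (7, 8, 9)]

def demo():
    return (first_blocks_repeat(lambda n, d: cbc_sector(KEY, n, d), SECTORS),
            first_blocks_repeat(lambda n, d: tweaked_sector(KEY, TWEAK_KEY, n, d), SECTORS))

if __name__ == "__main__":
    print(demo())
```

With the public IV the three sectors share a first ciphertext block, so the volume no longer looks like random data; with the secret mask the repetition disappears.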
Performance
Using TrueCrypt on a drive may decrease performance. Depending on factors including processor speed, this may be readily noticeable. TrueCrypt comes with a benchmark utility that reports encryption speed (measured in memory, without factoring in hard drive speed).
To the right is an example of performance attained using TrueCrypt 5.1a on a laptop. The red line is the control, disk performance before encryption. The blue line is disk performance after full system disk encryption using AES and RIPEMD-160. The test system was running a 1400 MHz Pentium M and the disk was a 7200 rpm ATA6 drive.[citation needed]
Planned features
According to the TrueCrypt website,[4] the following features are planned for future releases:
- Parallelized encryption/decryption
- Plausible deniability for system encryption
- Ability to create hidden volumes on Mac OS X and Linux
- Support for external authentication modules (cryptographic tokens)
- 'Raw' CD/DVD volumes.
History
Encryption for the Masses
TrueCrypt is based on Encryption for the Masses (E4M), a popular open source on-the-fly encryption (OTFE) program first released in 1997. However, E4M was discontinued in 2000 as the author, Paul Le Roux, began working on commercial OTFE software (DriveCrypt).
Release history
Version | Release date | Significant changes |
---|---|---|
1.0 | February 2, 2004 | Initial release. Featured support for Windows 98, ME, 2000 and XP. |
1.0a | February 3, 2004 | New release due to licensing issues; support for Windows 98 and ME removed because the author of the Windows 9x driver for E4M (the ScramDisk driver) gave no permission that would allow his code to be used in projects derived from E4M.[5] |
2.0 | June 7, 2004 | Release made under the GNU General Public License, and signed as the TrueCrypt Foundation – previous versions were signed by TrueCrypt Team. |
2.1 | June 21, 2004 | New release due to licensing issues relating to the GNU General Public License. This release was made under the original E4M license.[6] |
2.1a | October 1, 2004 | Version released on SourceForge.net, which became the official TrueCrypt domain. The official TrueCrypt domain moved back to truecrypt.org again at the beginning of May 2005, and the SourceForge website redirects to there. |
3.0 | December 10, 2004 | |
3.0a | December 11, 2004 | Bugfixes |
3.1 | January 22, 2005 | |
3.1a | February 7, 2005 | Bugfixes |
4.0 | January 22, 2005 | Addition of support for Linux, x86-64, Big Endian machines, Keyfiles (two-factor authentication), the Whirlpool hash algorithm and language packs. |
4.1 | November 25, 2005 | Addition of LRW mode, which is more secure than CBC mode for on-the-fly storage encryption.[2] LRW mode also neutralized an exploit that could (under certain circumstances) be used to compromise the plausible deniability of a TrueCrypt volume by allowing it to be distinguished from random data.[3] |
4.2 | April 17, 2006 | Addition of various features to the Linux version, such as the ability to create volumes, change passwords and keyfiles, generate keyfiles and backup/restore volume headers. In the Windows version, it introduced support for dynamic (sparse file) volumes. |
4.2a | July 3, 2006 | Bugfixes |
4.3 | March 19, 2007 | Addition of support for Windows Vista, support for file systems using sector sizes other than 512 bytes, and several other feature improvements and bugfixes. Note: Vista's defragmentation utility, as well as third party defragmenters like Diskeeper, are unable to defragment TrueCrypt volumes with this release. |
4.3a | May 3, 2007 | Bugfixes |
5.0 | February 5, 2008 | Addition of Mac OS X support, a GNU/Linux graphical interface, Windows system disk encryption with pre-boot authentication, and the ability to create hidden volumes within NTFS volumes. This release removed the ability to create hidden volumes on Linux, to use the tool on a non-GUI console, and to create encrypted partitions from text mode. Encrypting the system volume for Windows 2000 is no longer supported.[7] Encrypting containers and non-system volumes is still supported, however.[8] |
5.0a | February 12, 2008 | Bugfixes |
5.1 | March 10, 2008 | Addition of support for hibernation on Windows computers where the system partition is encrypted, the ability to mount a partition in Windows that is within the key scope of system encryption without pre-boot authentication, and added command line options for creating new volumes in Linux & Mac OS X. This version also reduced the minimum memory requirements for the TrueCrypt Boot Loader (AES) from 42 KB to 27 KB in Windows and included significant improvements in AES encryption/decryption performance. |
5.1a | March 17, 2008 | Bugfixes |
References
- [1] Version History Part 1. TrueCrypt Documentation. TrueCrypt Foundation. Retrieved on 2008-06-04.
- [2] Fruhwirth, Clemens (2005-07-18). New Methods in Hard Disk Encryption (PDF). Institute for Computer Languages, Theory and Logic Group, Vienna University of Technology. Retrieved on 2007-03-10.
- [3] Version History. TrueCrypt Documentation. TrueCrypt Foundation. Retrieved on 2007-03-10.
- [4] Features to be implemented in future versions
- [5] The authors of Scramdisk and E4M exchanged some code – the author of Scramdisk provided a driver for Windows 9x, and the author of E4M provided a driver for Windows NT, enabling cross-platform versions of both programs.
- [6] TrueCrypt User's Guide (PDF). TrueCrypt Version 3.1a. TrueCrypt Foundation (2005-02-07). Retrieved on 2007-05-01.
- [7] http://www.truecrypt.org/docs/sys-encryption-supported-os.php
- [8] http://www.truecrypt.org/docs/supported-operating-systems.php
- Savetz, Kevin. "Telling Computers How to Keep Secrets", The Washington Post, 2005-07-03, p. F07. Retrieved on 2007-03-10.
- Biersdorfer, J.D. "Password Protection for Portable Drives", The New York Times, 2006-06-15. Retrieved on 2007-03-10.
- Kantor, Andrew. "Data thefts could be avoided with the slightest bit of care", USA Today, 2006-06-29. Retrieved on 2007-03-10.
- Ward, Mark. "Campaigners hit by decryption law", BBC news website. Retrieved on 2008-01-20.
- Eric Marvets Talks TrueCrypt
- TrueCrypt at Security Now!
See also
- Disk encryption
- Full disk encryption
- Disk encryption software
- Deniable encryption
- Comparison of disk encryption software