DiskCryptor
 | |
 DiskCryptor main window | |
| Developer(s) | Anonymous ntldr <ntldr(at)diskcryptor.net> |
|---|---|
| Stable release | 1.0.802.118 / 1 January 2014 |
| Written in | C, Assembly |
| Operating system | Microsoft Windows NT 5+ |
| Available in | English |
| Type | Disk encryption software |
| License | GNU GPLv3 |
| Website | https://diskcryptor.net/wiki/Main_Page |
DiskCryptor a full disk encryption system for Microsoft Windows[1][2] that allows the encryption of an entire PC's harddrive or individual partitions – including the ability to encrypt the partition and disk on which the OS is installed.[3]
DiskCryptor was originally designed to replace commercial disk encryption systems such as DriveCrypt Plus Pack and PGP Whole Disk Encryption, and uses either AES-256, Twofish, Serpent or a combination of cascaded algorithms in XTS mode to carry out encryption.
The project was originally started by a former TrueCrypt user and forum member which goes by the name of 'ntldr' (anonymous). It was originally fully compatible with TrueCrypt's container format but has since improved on the format in order to allow data-in-place encryption on Windows XP, to allow the system partition to have exactly the same format as non-system partitions and to support future project plans.
Program features
- Support for encryption algorithm AES, Twofish, Serpent, including their combinations.
- Transparent encryption of disk partitions.
- Full support for dynamic disks.
- Support for disk devices with large sector size (important for hardware RAID operation).
- High performance, comparable to efficiency of a non-encrypted system.
- Support for hardware AES acceleration:
- AES instruction set on recent Intel and AMD CPUs;
- PadLock extensions on VIA processors.
- Support for the SSD TRIM extension
- Support for hardware AES acceleration:
- Broad choice in configuration of booting an encrypted OS. Support for various multi-boot options.
- Full compatibility with third party boot loaders (LILO, GRUB, etc.).
- Encryption of system and bootable partitions with pre-boot authentication.
- Option to place boot loader on external medium and to authenticate using the key medium.
- Support for key files.
- Full support for external storage devices.
- Option to create encrypted CDs and DVDs.
- Full support for encryption of external USB storage devices.
- Automatic mounting of disk partitions and external storage devices.
- Support for hotkeys and optional command-line interface (CLI).
- Open license GNU GPLv3.
For limitations in the current version, as well as other technical information, see official website.
Encryption algorithms
All algorithms are implemented in XTS mode.
Hash function
- prf HMAC-SHA-512
Performance
On an Intel Core 2 Quad (Q6600) CPU data encryption speed amounts to 104 MB/s per core.[4] Crypto-algorithms for the x86 version are implemented in assembly language, the implementation having a maximum number of optimizations for the Intel Core line of processors, however it performs sufficiently fast on any other processors as well. Almost all possible enhancements to improve the performance have been applied such as the AES algorithm code is being dynamically generated with optimization made for the usage of a particular key.[4]
Supported OS
| Operating systems | Service pack | Bitness | |
|---|---|---|---|
| Windows | 2000 | SP0–SP4 | x86 |
| XP | SP0–SP3 | x86, x64 | |
| Server 2003 | SP0–SP2 | x86, x64 | |
| Vista | SP0–SP2 | x86, x64 | |
| Server 2008 | SP0–SP2 | x86, x64 | |
| 7 | SP0–SP1 | x86, x64 | |
| Server 2008 R2 | x64 | ||