TrueCrypt

From Wikipedia, the free encyclopedia

TrueCrypt

TrueCrypt on Windows Vista
Developer: TrueCrypt Foundation
Latest release: 4.3 / March 19, 2007
OS: Windows/Linux
Available language(s): 21 languages
Use: Encryption
License: TrueCrypt Collective License
Website: www.truecrypt.org

TrueCrypt is a free open source on-the-fly encryption (OTFE) program for Microsoft Windows XP/2000/2003/Vista and Linux. It allows one to create a virtual encrypted disk (TrueCrypt volume) within a file and then mount it as a real disk. TrueCrypt can also encrypt an entire hard disk partition or a storage device/medium, such as floppy disk or USB memory stick. Thus, TrueCrypt creates device-hosted TrueCrypt volumes. Everything stored on a TrueCrypt volume is entirely encrypted (i.e., including file names and folder names). TrueCrypt volumes behave as real physical disk drives. This means that it is possible, for example, to repair the encrypted filesystem with chkdsk, defragment mounted volumes created by TrueCrypt, etc.

The encryption algorithms supported by TrueCrypt include AES, Blowfish, CAST5, Serpent, Triple DES, and Twofish. It also allows the use of a cascade of different ciphers, for instance AES+Twofish+Serpent.

All encryption algorithms use the LRW mode of operation, which is more secure than CBC mode for on-the-fly storage encryption.[1]

One of the notable features of TrueCrypt is that it provides two levels of plausible deniability, which might be useful in case a user is required to reveal the password:

  1. Hidden volume creation, which is a steganographic feature allowing a second password to be assigned to a volume, to access storage space that would not be accessible using the primary password (a false bottom of sorts).[2]
  2. No TrueCrypt volume can be identified (TrueCrypt volumes cannot be distinguished from random data. i.e. the file can not be linked to TrueCrypt).

Other features include:

  • Portable, "traveller mode", which allows TrueCrypt to be run without installation.[3]
  • Support for creating encrypted sparse files on NTFS drives. These volumes grow to accommodate new data, up to a specified maximum file size. However, using these files raises several performance and security concerns.[4]
  • Changing volume passwords and keyfile without losing encrypted data.
  • The ability to back up and restore volume headers (1024 bytes).
    • This could be used to restore a header to a damaged file, enabling it to be mounted after a hardware failure resulting in a damaged header.
    • Restoring an old header also resets a volume's password(s) to those valid when the header was backed up.

Contents

TrueCrypt Volume Creation Wizard (Windows XP)
TrueCrypt Volume Creation Wizard (Windows XP)

TrueCrypt is based on Encryption for the Masses (E4M). E4M was a popular open-source on-the-fly encryption (OTFE) program first released in 1997. However, it was discontinued in 2000 as the author, Paul Le Roux, began working on commercial OTFE software. The first version of TrueCrypt was released on February 2, 2004. At that time, it was the only open-source OTFE software that fully supported Windows XP and the only open-source OTFE software for Windows XP that provided plausible deniability.

TrueCrypt 1.0 supported Windows 98/ME and Windows 2000/XP. A later revision 1.0a removed the Windows 98/ME support, because the author of the Windows 9x driver for E4M claimed he gave no permission that would allow his code to be used in projects derived from E4M. Remark: The authors of Scramdisk and E4M exchanged their code (the author of Scramdisk provided the driver for Windows 9x, and the author of E4M provided the driver for Windows NT, which allowed the shareware Scramdisk NT to be created and released afterwards).

On June 7, 2004, TrueCrypt 2.0 was released, presumably from a different group/authors due to the different signing signature of TrueCrypt Foundation. Previous versions were signed by TrueCrypt Team. It was released under the GPL. A few weeks later, TrueCrypt 2.1 was released, but this time under the original E4M license, "to avoid potential problems relating to the GPL license."[5]

On October 1, 2004, TrueCrypt 2.1a was released on SourceForge and truecrypt.sourceforge.net became the official TrueCrypt website. As of the beginning of May 2005, the official TrueCrypt website is truecrypt.org again and the SourceForge website redirects to this site.

TrueCrypt Version 4.0 was released on November 1, 2005. It added support for Linux, x86-64, Big Endian machines, Keyfiles (two-factor authentication), the Whirlpool hash algorithm, language packs, and much more.

TrueCrypt Version 4.1 was released on November 26, 2005. It added LRW mode, which is more secure than CBC mode for on-the-fly storage encryption.[1] LRW mode also neutralized an exploit that could (under certain circumstances) be used to compromise the plausible deniability of a TrueCrypt volume by allowing it to be distinguished from random data.[5]

TrueCrypt Version 4.2 was released on April 17, 2006. This version added various features to the Linux version, such as the ability to create volumes, change passwords and keyfiles, generate keyfiles and backup/restore volume headers. In the Windows version it introduced support for dynamic (sparse file) volumes.

TrueCrypt Version 4.3 was released on March 19, 2007. This version added support for Windows Vista, support for filesystems using sector sizes other than 512 bytes, and several other feature improvements and bugfixes.

More detailed information is available in the version history.[5]

TrueCrypt is frequently mentioned in major newspapers. Among the articles published in US newspapers that mention TrueCrypt are:

  1. ^ a b Fruhwirth, Clemens (2005-07-18). New Methods in Hard Disk Encryption (PDF). Institute for Computer Languages, Theory and Logic Group, Vienna University of Technology. Retrieved on March 10, 2007.
  2. ^ Hidden Volume. TrueCrypt Documentation. TrueCrypt Foundation. Retrieved on March 10, 2007.
  3. ^ Traveller Mode. TrueCrypt Documentation. TrueCrypt Foundation. Retrieved on March 10, 2007.
  4. ^ Security Precautions. TrueCrypt Documentation. TrueCrypt Foundation. Retrieved on March 10, 2007.
  5. ^ a b c Version History. TrueCrypt Documentation. TrueCrypt Foundation. Retrieved on March 10, 2007.

Portal:Free software
 Free software Portal
Portal:Cryptography
 Cryptography Portal

Retrieved from "http://en.wikipedia.org../../../t/r/u/TrueCrypt_ce42.html"
Advanced Search
Included Web Search Engines


Safe Search

close

Top Matching Results

Occasionally Search.com will highlight specialized results that are based on the context of your query. Examples of specialized results include specific links to news, images, or video.

Top Matching Results may highlight information from other Search.com pages, content from the CNET Network of sites, or third party content. The listings are based purely on relevance. Search.com does not receive payment for listings in this section but our partners that provide this data may get paid for listing these products.

Sponsored Links

This section contains paid listings which have been purchased by companies that want to have their sites appear for specific search terms and related content. These listings are administered, sorted and maintained by a third party and are not endorsed by Search.com.

Search Results

Search.com sends your search query to several search engines at one time and integrates the results into one list which has been sorted by relevance using Search.com's proprietary algorithm. You can customize the list of search engines included in your metasearch from the preferences.

The search engines that are used in your metasearch may allow companies to pay to have their Web sites included within the results. To view the Paid Inclusion policy for a specific search engine, please visit their Web site. Search.com does not accept payment or share revenue with any search engine partner for listings in this section.