PDA

View Full Version : Software TrueCrypt – Free Open-Source Disk Encryption Software



SonsOfLiberty
02-05-2009, 03:55 AM
TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc).

Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). Files are automatically being decrypted on-the-fly (in memory/RAM) while they are being read or copied from an encrypted TrueCrypt volume. Similarly, files that are being written or copied to the TrueCrypt volume are automatically being encrypted on-the-fly (right before they are written to the disk) in RAM. Note that this does not mean that the whole file that is to be encrypted/decrypted must be stored in RAM before it can be encrypted/decrypted. There are no extra memory (RAM) requirements for TrueCrypt. For an illustration of how this is accomplished, see the following paragraph.

Let's suppose that there is an .avi video file stored on a TrueCrypt volume (therefore, the video file is entirely encrypted). The user provides the correct password (and/or keyfile) and mounts (opens) the TrueCrypt volume. When the user double clicks the icon of the video file, the operating system launches the application associated with the file type � typically a media player. The media player then begins loading a small initial portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) in order to play it. While the portion is being loaded, TrueCrypt is automatically decrypting it (in RAM). The decrypted portion of the video (stored in RAM) is then played by the media player. While this portion is being played, the media player begins loading next small portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) and the process repeats. This process is called on-the-fly encryption/decryption and it works for all file types, not only for video files.
Note that TrueCrypt never saves any decrypted data to a disk � it only stores them temporarily in RAM (memory). Even when the volume is mounted, data stored in the volume is still encrypted. When you restart Windows or turn off your computer, the volume will be dismounted and files stored in it will be inaccessible (and encrypted). Even when power supply is suddenly interrupted (without proper system shut down), files stored in the volume are inaccessible (and encrypted). To make them accessible again, you have to mount the volume (and provide the correct password and/or keyfile).



Why ?

The first question that comes to my mind and probably yours as well is: Why would someone want to encrypt his hard drives / part of his hard drives ? (note you can also encrypt other storage devices like usb sticks)

There are numerous reasons for this. It can be as profane as to hide your daily dose of naked ladys from your wife, hide personal information from other people who might have access to your pc or encrypt your files on a removable storage device for transportation to prevent that the files can be accessed when the device is stolen.

Now what ?

Now, why encrypt the whole drive(s) and not just a small part of it ?

This is a good questions and I have to answer it to some lengths. Let me first tell you that true crypt is not able to encrypt a operating system and boot from it at the same time. That means either you use a second unencrypted operating system or move all sensible user data to the encrypted partitions.

As I said earlier I only encrypted the removable usb hard drive. All my tools that I�ve been using daily are still on the unencrypted internal drives. Guess what happens when I open Open Office and load a document from the encrypted drive ?

It leaves traces. Last used files are normaly shown, it probably gets cached in windows cache as well. That means, although the file itself is encrypted the possibility exists that it could still be accessed by other means. There are lots of scenarios like this, a browser caches the pages you visit, a media player keeps records of last played files also.

Wouldn�t it be much securer if those tools are also stored on an encrypted disk ?

Ever felt the need to keep your secret stuff or some confidential data away from prying eyes.
Well here is a excellent solution to hide your confidential files in a virtual encrypted partition.

Software Requirement

True Crypt
TrueCrypt is an open-source encryption software that enables you to create a
virtual encrypted disk within a file and mount it as a virtual disk, that can be
accessed via a drive letter. Any file that is stored on this virtual drive is
automatically encrypted on-the-fly, and can only be accessed while the drive
is mounted with the correct password or key.

TrueCrypt supports a variety of encryption algorithms including
AES-256
Blowfish (448-bit key)
CAST5
Serpent
Triple DES
Twofish
Other features include support for FAT32 or NTFS formatting, hidden volumes,
hotkeys for mounting/dismounting and more.

Download: http://www.truecrypt.org/downloads.php

True Crypt is available for Linux and Windows both and is a FREEWARE.

Lets Begin....

Note: TC = Turbo Crypt
=================================================
Guide
=================================================
Step 1 : Creating the TC Image File which will be mounted as encrypted partition.

Starting True Crypt will present you with this interface.
http://thumbnails.imagebam.com/665/56e1fa6644639.gif (http://www.imagebam.com/image/56e1fa6644639)

Click on "Create Volume" to create the image file and select "Standard True Crypt Volume".
Click Next.
http://thumbnails.imagebam.com/665/3d343f6644642.gif (http://www.imagebam.com/image/3d343f6644642)

Click on select file and select a folder on your hard drive where you would like to save your
TC image file , give approrpiate name [here "Test"] don't touch other buttons.
Click Next.
http://thumbnails.imagebam.com/665/cb10986644645.gif (http://www.imagebam.com/image/cb10986644645)

Select Encryption Algo and Hash Algorithm
http://thumbnails.imagebam.com/665/61cca96644647.gif (http://www.imagebam.com/image/61cca96644647)

You can benchmark and select your Encyption Algo , select the one with fastest speed
Here you can see that on my PC "Twofish" was the fastest.
http://thumbnails.imagebam.com/665/40490f6644649.gif (http://www.imagebam.com/image/40490f6644649)

Size of the TC Image file which you will mount , here the size can be the max free
space on your partition.

I have selected 50 MB.
http://thumbnails.imagebam.com/665/d97ad86644653.gif (http://www.imagebam.com/image/d97ad86644653)

Enter your password which will be used to encrypt your image file with the
selected algorithm.
http://thumbnails.imagebam.com/665/0c47256644656.gif (http://www.imagebam.com/image/0c47256644656)

==========================================
OPTIONAL part
Key file is not compulsary its for extra protection.

You can also have a Key file along with the password for double encryption.
NOTE: if you loose this key file then all the data in the image will be locked forever
Check the KeyFile box close to password to add key file.
You can also generate a random keyfile using the hash algo
http://thumbnails.imagebam.com/665/22f9fe6644659.gif (http://www.imagebam.com/image/22f9fe6644659)
http://thumbnails.imagebam.com/665/1f9a476644661.gif (http://www.imagebam.com/image/1f9a476644661)

If the password length is below 20 chars it will give you a warning but you
can continue with the password size below than 20 chars.
http://thumbnails.imagebam.com/665/4d4a7c6644664.gif (http://www.imagebam.com/image/4d4a7c6644664)

Formating the image file , i choose NTFS over Fat and click on Format.
http://thumbnails.imagebam.com/665/0372966644666.gif (http://www.imagebam.com/image/0372966644666)
http://thumbnails.imagebam.com/665/a658706644669.gif (http://www.imagebam.com/image/a658706644669)

Now the image file is created and now to access this partition all you need is to mount it.
http://thumbnails.imagebam.com/665/120bcc6644672.gif (http://www.imagebam.com/image/120bcc6644672)

Step 2 :

Click select file and browse the above created TC Image file which can be mounted.
http://thumbnails.imagebam.com/665/941e596644674.gif (http://www.imagebam.com/image/941e596644674)

Enter password and Key File if you have one.
http://thumbnails.imagebam.com/665/f0b6b86644676.gif (http://www.imagebam.com/image/f0b6b86644676)

Mounted , now open My Computer and add files to your encrypted partition.
http://thumbnails.imagebam.com/665/7967c56644680.gif (http://www.imagebam.com/image/7967c56644680)

Step 3 : Dismounting

Right click on TC Tray icon and dismount.
http://thumbnails.imagebam.com/665/4a11a56644681.gif (http://www.imagebam.com/image/4a11a56644681)

You can get more guides and references at a few places, here's a few links:

Neowin (http://www.neowin.net/forum/index.php?showtopic=585605)
TrueCrypt Beginners Guide (Offical) (http://www.truecrypt.org/docs/)
LifeHacker (http://lifehacker.com/software/top/geek-to-live--encrypt-your-data-178005.php)
Appaholic (http://appaholic.co.uk/2007/10/05/truecrypt-the-best-real-time-virtual-disk-encryption-security/)
Ghacks (http://www.ghacks.net/2005/12/11/securing-your-pc-with-true-crypt/)

:P

NippleCake
02-05-2009, 03:43 PM
thank you :) i am using truecrypt currently but I didn't encrypt my hard drives the way you have done it, i will try it out :)

pone44
02-07-2009, 12:51 AM
Is it true that someone can get locked out of their own PC's? If used wrong-of course. Such as - you lose the password.Is there someway to recover it without erasing your whole HD?? Not like i did that. :P Lol

SonsOfLiberty
02-07-2009, 03:23 AM
Yes if you forgot you password you would be screwed, their is no backdoor like PGP. Unless you work for the NSA you SOL :lol: Thats why you should always use caution, test it first, make a partition and copy data to it and encrypt that partition. If all goes good and you do want to hide data then go do it, but remember if you elect to use a password and or/keyfile and lose/forget either one, you have lost your data for good.

t7hx9k
02-11-2009, 06:51 PM
Thanks for the guide. I have some questions about TrueCrypt though.
When I move all the files to the volume created by TrueCrypt and encrypt it, the encrypted data will not be shown and cannot be accessed. That means that they cannot be shared through file sharing programs such as bittorrent and edonkey. Then I would have to keep the partition decrypted in order to keep seeding my torrents. Is there any function to allow certain programs to have access to the data while they are encrypted? And also, If me or someone accidently delete a TC image, all the data in the image will be gone forever. Is it possible to lock or display the image when they are dismounted?

SonsOfLiberty
02-11-2009, 07:54 PM
I'm not sure, eerything from A-Z is covered at TC's homepage...their are tons of documentations and FAQ's.

Skiz
02-11-2009, 07:57 PM
Where did the guide come from? You need to give credit. :eyebrows:

SonsOfLiberty
02-11-2009, 08:57 PM
Where did the guide come from? You need to give credit. :eyebrows:


Ummm, just because I don't know 1 answer, I don't encrypt what I'm sharing.....you can see all the credits at the bottom, of the article ;)

john pal
02-12-2009, 12:22 AM
use it and recommend it. you can put a password on the volume encrypted or you can create a key file encrypted in the most variated protocols. that way is more hard to break the encryption. However you will have to save it somewhere safe.

pmcgrady
08-15-2011, 10:57 PM
Awesome and it's free!

joshuatim
09-26-2011, 09:47 AM
What is the best place to download this without any spywares and adwares?

yurferner
10-22-2011, 07:50 AM
Thank you mate, great guide