
TrueCrypt is a free, open-source on-the-fly encryption (OTFE) program for Microsoft Windows XP/2000/2003 and Linux. It allows one to create a virtual encrypted disk (TrueCrypt volume) within a file and then mount it as a real disk. TrueCrypt can also encrypt an entire hard disk partition or a storage device/medium, such as a floppy disk or USB memory stick; in that case it creates a device-hosted TrueCrypt volume. Everything stored on a TrueCrypt volume is entirely encrypted (i.e., including file names and folder names). TrueCrypt volumes behave as real physical disk drives. This means that it is possible, for example, to repair the encrypted filesystem with chkdsk, defragment mounted volumes created by TrueCrypt, etc.

The encryption algorithms supported by TrueCrypt include AES, Blowfish, CAST5, Serpent, Triple DES, and Twofish. It also allows the use of a cascade of different ciphers, for instance AES+Twofish+Serpent.

All encryption algorithms use the LRW mode of operation, which is more secure than CBC mode for on-the-fly storage encryption (Clemens Fruhwirth, [http://clemens.endorphin.org/nmihde/nmihde-A4-ds.pdf New Methods in Hard Disk Encryption], Institute for Computer Languages, Theory and Logic Group, Vienna University of Technology, 2005).

Like FreeOTFE, one of the notable features of TrueCrypt is that it provides two levels of plausible deniability, which might be useful in case a user is required to reveal the password:
# Hidden volume creation, which is a steganographic feature allowing a second password to be assigned to a volume, to access storage space that would not be accessible using the primary password (a false bottom of sorts; more information may be found [http://www.truecrypt.org/hiddenvolume.php here]).
# No TrueCrypt volume can be identified: TrueCrypt volumes cannot be distinguished from random data, i.e., the file cannot be linked in any way to TrueCrypt as the program that created it.

Other features include:
* Portable, "[http://www.truecrypt.org/docs/?s=traveller-mode traveller mode]", which allows one to run TrueCrypt without installation.
* Support for creating encrypted sparse files on NTFS drives. These volumes grow to accommodate new data, up to a specified maximum file size. However, using these files raises several performance and security concerns as explained in the program's [http://www.truecrypt.org/documentation.php documentation].
* Changing volume passwords and keyfiles without losing encrypted data.
* The ability to back up and restore volume headers (1024 bytes).
** This could be used to restore a header to a damaged file, enabling it to be mounted after a hardware failure resulting in a damaged header.
** Restoring an old header also resets a volume's password(s) to those valid when the header was backed up.
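
Why a password change keeps the encrypted data and why a restored header brings old passwords back, shown as an added example (not code from TrueCrypt or from this article). It assumes a simplified model in which the header stores the volume's master key wrapped under a password-derived key; the HMAC keystream, salt size, iteration count and all names are constructed stand-ins, not TrueCrypt's real cipher or header layout.

```python
import hashlib, hmac, os

MAGIC = b"TRUE"   # marker checked after decryption (part of this model)
ITER = 2000       # constructed iteration count

def keystream_xor(data, key):
    """Toy cipher: XOR with an HMAC-SHA256 counter keystream (stand-in only)."""
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hmac.new(key, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def header_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password, salt, ITER, 32)

def make_header(password, master_key):
    """Wrap the master key under a key derived from password + fresh salt."""
    salt = os.urandom(64)
    return salt + keystream_xor(MAGIC + master_key, header_key(password, salt))

def open_header(password, header):
    """Return the master key, or None if the password does not fit this header."""
    salt, body = header[:64], header[64:]
    plain = keystream_xor(body, header_key(password, salt))
    return plain[4:] if plain[:4] == MAGIC else None

def demo():
    master_key = os.urandom(32)
    # Data area is encrypted once with the master key and never rewritten.
    data_area = keystream_xor(b"constructed sample sector", master_key)
    header = make_header(b"old-pass", master_key)
    backup = header                       # header backup taken at this point
    # Password change: unwrap with the old password, re-wrap with the new one.
    header = make_header(b"new-pass", open_header(b"old-pass", header))
    restored = backup                     # later: the old header is restored
    return {
        "new_pw_current_header": open_header(b"new-pass", header) == master_key,
        "old_pw_current_header": open_header(b"old-pass", header) is not None,
        "old_pw_restored_header": open_header(b"old-pass", restored) == master_key,
        "new_pw_restored_header": open_header(b"new-pass", restored) is not None,
        "plaintext_via_backup": keystream_xor(
            data_area, open_header(b"old-pass", restored)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

In this model an old header backup together with the old password still opens the volume after a password change, so header backups need the same protection as the volume itself.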

History of TrueCrypt


TrueCrypt is based on Encryption for the Masses (E4M). E4M was a popular open-source on-the-fly encryption (OTFE) program first released in 1997. However, it was discontinued in 2000 as the author, Paul Le Roux, began working on commercial OTFE software. The first version of TrueCrypt was released on February 2, 2004. At that time, it was the only open-source OTFE software that fully supported Windows XP and the only open-source OTFE software for Windows XP that provided plausible deniability.

TrueCrypt 1.0 supported Windows 98/ME and Windows 2000/XP. A later revision 1.0a removed the Windows 98/ME support, because the author of the Windows 9x driver for E4M claimed he gave no permission that would allow his code to be used in projects derived from E4M. Remark: The authors of Scramdisk and E4M exchanged their code (the author of Scramdisk provided the driver for Windows 9x, and the author of E4M provided the driver for Windows NT, which allowed the shareware Scramdisk NT to be created and released afterwards).

On June 7, 2004, TrueCrypt 2.0 was released, presumably by a different group of authors, since it was signed by the TrueCrypt Foundation, whereas previous versions were signed by the TrueCrypt Team. It was released under the GPL. A few weeks later, TrueCrypt 2.1 was released, but this time under the original E4M license, as the official [http://www.truecrypt.org/docs/?s=version-history TrueCrypt version history] states, "to avoid potential problems relating to the GPL license."

On October 1, 2004, TrueCrypt 2.1a was released on SourceForge and [http://truecrypt.sourceforge.net truecrypt.sourceforge.net] became the official TrueCrypt website. As of the beginning of May 2005, the official TrueCrypt website is [http://www.truecrypt.org www.truecrypt.org] again and the SourceForge website redirects to this site.

TrueCrypt Version 4.0 was released on November 1, 2005. It added support for Linux, x86-64, Big Endian machines, Keyfiles (two-factor authentication), the Whirlpool hash algorithm, language packs, and much more.

TrueCrypt Version 4.1 was released on November 26, 2005. It added LRW mode, which is more secure than CBC mode for on-the-fly storage encryption. LRW mode also neutralized an exploit that could (under certain circumstances) be used to compromise the plausible deniability of a TrueCrypt volume by allowing it to be distinguished from random data (see the [http://www.truecrypt.org/history.php Version History] of TrueCrypt).

TrueCrypt Version 4.2 was released on April 17, 2006. This version added various features to the Linux version, such as the ability to create volumes, change passwords and keyfiles, generate keyfiles, and back up/restore volume headers. In the Windows version, it introduced support for dynamic (sparse file) volumes.

For more detailed information, refer to the official [http://www.truecrypt.org/history.php Version History] of TrueCrypt.

TrueCrypt in the Press


TrueCrypt is regularly mentioned in major newspapers. Among the US newspapers that published an article mentioning TrueCrypt are:
* The Washington Post, July 3, 2005, [http://www.washingtonpost.com/wp-dyn/content/article/2005/07/02/AR2005070200116.html Telling Computers How to Keep Secrets]
* New York Times, June 15, 2006, [http://www.nytimes.com/2006/06/15/technology/15askk.html?ex=1308024000&en=de269d475d4f911c&ei=5090&partner=rssuserland&emc=rss Password Protection for Portable Drives]
* USA Today, June 29, 2006, [http://www.usatoday.com/tech/columnist/andrewkantor/2006-06-29-data-thefts_x.htm Data thefts could be avoided with the slightest bit of care]
This entry uses material from Wikipedia, the leading user-contributed encyclopedia. It is licensed under the GNU Free Documentation License.