“Who’s going to look in this file named ‘top secret details.xls’?” Does this type of question sound familiar? In the IT world, it should be like a second language of sorts the types of questions we get. However, once this user gets that file stolen by some means, you’re the first one they come to in order to save them. What if all of this could have been avoided to begin with, though?
This brings in my personal favorite, TrueCrypt. I’m sure most people have already heard of this software, as it is quite well known. Throughout this article, though, it’s going to cover the general aspects. Later ones are going to go more in-depth with this, and other, software.
Good vs. Bad
Before going into installing TrueCrypt, I want to cover some of the benefits of using this. What TrueCrypt does is basically creates a virtual drive (or virtual volume) of sorts that it (un)mounts, where you can put any type of document there. This may not sound at all amazing, especially in the Linux world where you can even just repartition a small hard drive for this purpose. The added benefit to TrueCrypt though is that it encrypts the contents inside of it’s virtual drive. This is done through the set up process of the virtual drive as to what encryption, strength, etc…will be used. Another benefit is that it works on multiple platforms (Linux, Windows and Mac OS X so far), so it’s quite easy to carry the virtual drive via thumb or network drive and not have to worry if it’s going to work or not. There’s also the fact that it can encrypt the entire drive, also requiring a password on boot for the hard drive to be decrypted and bootable. While I have not done any personal studies on how effective this is against forensics, it’s still a nice security feature to combat those who try to access your data without you knowing. This doesn’t just affect hard drives though, but also solid state drives like thumb drives. Lastly, I would like to point out that it’s seed and encryption algorithms are of top quality. The seed pool it uses with the GUI is by having the user move the mouse around a box to collect random data. As for the algorithms used, it’s mostly AES and Twofish-based, which is really quite nice…especially since AES is a cipher-based algorithm and one of the more difficult schemes to decrypt.
With the good though, does come the bad. While it may not come as a surprise, TrueCrypt does have to be installed on the host computer before a TrueCrypt-ed drive can be mounted. A remedy for this does exist though, in the form of a portable TrueCrypt. Last time I checked though it was only for Windows, and essentially required you to partition your thumb drive to use it anyways. You also need administrator rights to mount the drive (this goes for Windows and Linux, most likely Mac as well). If this is being used on your own PC/laptop, then this really doesn’t pose much of a problem…but, if you are trying to use this at work, a friend’s computer, etc…it might cause a security concern.
There’s one more point I want to go into before going into the installation and such of TrueCrypt is that you can create two different types of volumes. One is a regular volume, which is the same as a partition, nothing special. The other type of volume is a hidden volume. A hidden volume works in kind of a hierarchical fashion. It’s embedded inside of a regular volume, but is hidden until it’s mounted, as TrueCrypt embeds it inside of the free space on the volume it’s used with. Both volumes (should) use a separate encryption/keyphrase as well, to further the usefulness and secrecy that it is meant to hold.
Here is where this entry will leave off. Next will cover installation, usage and any other pros and cons I forgot to mention in this entry. Look forward to this next entry very soon.