Truecrypt

From LinuxReviews
Jump to: navigation, search
TrueCrypt
Developed byTrueCrypt Foundation
Latest release4.2a / July 3, 2006
OSWindows/Linux
Available in21 languages
TypeEncryption
LicenseTrueCrypt Collective License
Websitewww.truecrypt.org

[edit] Why you want TrueCrypt

Bruce Schneier story regardnig TrueCrypt is this:

"On-the-fly encryption with plausible deniability."

[1]

On-the-fly encryption is a great security property you much likely want. TrueCrypt makes a encrypted file which is used as a "virtual" harddrive. You can encrypt this virtual partition using a variety of strong algorithms, including:

A neat security property is that you can make a cascade of different ciphers, for example, you can encrypt your virtual drive using Blowfish, Twofish and AES. Such a combination makes it very hard for the adversary to read your diary if the the adversary runs away with your computer and intensely tries to gain access to it using immense amounts of manpower and computer-power.

[edit] Plausible deniability

Plausible deniability is a very neat security property provided by TrueCrypt. These do not help against real-world attacks such as a camera watching you and your computer monitor, but the properties does help against some attacks.

TrueCrypt will, in sort, protect you against an attacker who tortures you into giving up your password. This will likely be the case if you are a journalist in dictatorships who pretend to be democratic countries, such as Norway, where the adversary - The "Secret Police", love to torture people and in many cases torture activists and journalists just for the fun of it.

  • TrueCrypt supports hidden volume creation. This feature allows you to make a "false bottom" of your virtual volume which hides a second virtual drive which can only be accessed by a second password.
    • Thus; if terrorist organizations such as the Norwegian secret police torture you into giving up your password then they will only gain access to the files on the "primary" drive. Norwegian secret police will probably torture you a bit more, just for fun, since they enjoy it, but they will not attempt to torture you into giving up the second password since they have no idea there is a second volume attached to the encrypted volume in question.
  • It is very hard to identify a TrueCrypt volume. A TrueCrypt drive can't be distinguished from random data. This makes it hard to search for TrueCrypt files on a computer.
    • This seriously reduces the chance of getting tortured into giving up your password. Thus; if you write something critical a tyrannical regime such as Norway and the Norwegian secret police grab you and your computer then there is a fair chance that they will not torture to get the password for yuor encrypted volume because they have no idea there is one. Sure, they will likely torture you just for the fun of it, but not to get the password for the encrypted volume.

[edit] Does TrueCrypt help when you're Under Attack?

TrueCrypt is a very solid program which does it's job well. However, it does not protect against "non-computer"-related real-world attacks. For example, the the adversary could break into your home and install a listening device inside your computer-keyboard, install key-logger software on the computer, and so on.

A microscopic hidden camera which covers the computer screen and keyboard would also be able to reveal too much information.

The TrueCrypt software does it's job. But it does not solve non-software related security issues.


Cite error: <ref> tags exist, but no <references/> tag was found
Personal tools
hardware tests
Categories
Privacy policy
linux events
ipv6
Networking
IPv6

Search:

linux newz | random page | poetry | free blog