TrueCrypt
TrueCrypt is a free, open-source on-the-fly encryption (OTFE) program for 32-bit and 64-bit versions of Microsoft Windows XP/2000/2003 and Linux. It allows one to create a virtual encrypted disk (a TrueCrypt volume) within a file and then mount it as a real disk. TrueCrypt can also encrypt an entire hard disk partition or a storage device/medium, such as a floppy disk or USB memory stick; such volumes are called device-hosted TrueCrypt volumes. Everything stored on a TrueCrypt volume is encrypted, including file names and folder names. TrueCrypt volumes behave as real physical disk drives. This means that it is possible, for example, to repair the encrypted filesystem with chkdsk or to defragment mounted volumes created by TrueCrypt.
The encryption algorithms used by TrueCrypt are AES, Blowfish, CAST5, Serpent, Triple DES, and Twofish. It also allows the use of a cascade of ciphers, e.g., AES-Twofish-Serpent. All encryption algorithms use the LRW mode of operation, which is more secure than CBC mode for on-the-fly storage encryption.
Features
One of the remarkable features of TrueCrypt is that it provides two levels of plausible deniability, which might be useful in case a user is required to reveal the password:
- Hidden volume creation, which is a steganographic feature allowing a second password to be assigned to a volume, to access storage space that would not be accessible using the primary password (a false bottom of sorts).
- No TrueCrypt volume can be identified (TrueCrypt volumes cannot be distinguished from random data).
Other features include:
- Support for creating encrypted sparse files on NTFS drives. These volumes grow to accommodate new data, up to a specified maximum file size. However, using these files raises several performance and security concerns, as explained in the program's documentation.
- Changing passwords on volumes without losing encrypted data
- The ability to back up and restore volume headers (1024 bytes).
  - This could be used to restore a header to a damaged file, enabling it to be mounted after a hardware failure resulting in a damaged header.
  - Restoring an old header also resets a volume's password(s) to those valid when the header was backed up.
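A simplified model of why password changes leave the data untouched and why a restored header brings back the old password, added here as an example and not TrueCrypt's code or on-disk format. It assumes the header holds the volume's master key encrypted under a password-derived key; the header layout, MAGIC marker, toy cipher and PBKDF2 parameters are constructed for illustration.

```python
import hashlib, hmac, os

MAGIC = b"TRUE"  # constructed marker used to recognise a correct password
SALT_LEN, KEY_LEN, ROUNDS = 16, 32, 2000  # constructed parameters

def _keystream(key, n):
    # Toy stream cipher (SHA-256 in counter mode); stands in for the real cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _header_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS, KEY_LEN)

def make_header(password, master_key):
    # Model header: salt || Enc(header_key, MAGIC || master_key)
    salt = os.urandom(SALT_LEN)
    body = MAGIC + master_key
    return salt + _xor(body, _keystream(_header_key(password, salt), len(body)))

def open_header(password, header):
    # Returns the master key, or None when the password does not fit this header.
    salt, ct = header[:SALT_LEN], header[SALT_LEN:]
    body = _xor(ct, _keystream(_header_key(password, salt), len(ct)))
    return body[len(MAGIC):] if hmac.compare_digest(body[:len(MAGIC)], MAGIC) else None

def change_password(old, new, header):
    # Only the header is rewritten; the master key and the data area stay as they are.
    master_key = open_header(old, header)
    if master_key is None:
        raise ValueError("wrong password")
    return make_header(new, master_key)

def demo():
    master_key = os.urandom(KEY_LEN)
    plain = b"constructed sample file contents"
    data_area = _xor(plain, _keystream(master_key, len(plain)))  # never rewritten below
    header = make_header("old-pass", master_key)
    backup = header                                  # header backup taken here
    header = change_password("old-pass", "new-pass", header)
    after_change = (open_header("old-pass", header), open_header("new-pass", header))
    header = backup                                  # restore the old header
    key = open_header("old-pass", header)            # old password is valid again
    recovered = _xor(data_area, _keystream(key, len(data_area)))
    return master_key, after_change, open_header("new-pass", header), recovered == plain
```

In this model, any header backup keeps the passwords that were valid when it was taken usable against the volume, so a backup made before a password change needs the same protection as the old password.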
History of TrueCrypt
TrueCrypt is based on Encryption for the Masses (also known as E4M). E4M was a popular open-source OTFE program first released in 1997. However, in 2000 it was discontinued as the author, Paul Le Roux, began working on commercial OTFE software with SecurStar. The first version of TrueCrypt was released on February 2, 2004. At that time, it was the only open-source OTFE software that fully supported Windows XP and the only open-source OTFE software for Windows XP that provided plausible deniability.
Shortly after its release, SecurStar claimed that E4M was their property and the author, Paul Le Roux, while an employee, had stolen its source code, presumably from a similar product, DriveCrypt, and released it under an unauthorized license. It was seen and in fact proven as a false and dishonest measure to prevent TrueCrypt from competing with their commercial product, DriveCrypt [citation needed] (it is important to note that no open-source/free disk encryption software existed for Windows XP at that time).
The SecurStar claims were believed to be baseless, since when E4M was released (under a very permissive open-source license), neither SecurStar nor DriveCrypt existed. SecurStar hired the authors of Scramdisk and E4M in 2001, three years after E4M was first released. These developers also signed a contract that obliged them to terminate the development of Scramdisk and E4M. The Scramdisk and E4M websites started redirecting their visitors to SecurStar's website, while stating that DriveCrypt (a closed-source commercial product) would supersede E4M and that Scramdisk would become obsolete.
According to some sources, there was a legal dispute between Paul Le Roux and his former employer, SecurStar [citation needed]. For legal reasons, Paul Le Roux refused to confirm whether the claims were true. Subsequently, development of TrueCrypt was officially suspended and its website, truecrypt.org, shut down. From that point onwards, TrueCrypt could only be obtained through third-party sites and the program's legality was often questioned.
TrueCrypt 1.0 supported Windows 98/ME and Windows 2000/XP. A later revision 1.0a removed the Windows 98/ME support, because the author of the Windows 9x driver for E4M claimed he gave no permission that would allow his code to be used in projects derived from E4M. Remark: The authors of Scramdisk and E4M swapped their code (the author of Scramdisk provided the driver for Windows 9x, and the author of E4M provided the driver for Windows NT, which allowed the shareware Scramdisk NT to be created and released afterwards).
On June 7, 2004, TrueCrypt 2.0 was released, presumably by a different group of authors, since it was signed by TrueCrypt Foundation whereas previous versions were signed by TrueCrypt Team. It was released under the GPL, which caused controversy as it included works of previous authors who allegedly had not authorized the license change [citation needed]. A few weeks later, TrueCrypt 2.1 was released by the same people. The license reverted to the E4M license.
Up to version 2.1, TrueCrypt had to be obtained from dubious sources [citation needed]. There was no official website. The only proof of origin was the digital signature. On October 1, 2004, TrueCrypt 2.1a was released on SourceForge and truecrypt.sourceforge.net became the official TrueCrypt website. At that point it is believed that TrueCrypt finally gained legitimacy. As of the beginning of May 2005, the official TrueCrypt website is www.truecrypt.org again and the SourceForge website redirects to this site.
TrueCrypt Version 4.0 was released on November 1, 2005. It added support for Linux, x86-64, Big Endian machines, Keyfiles (two-factor authentication), the Whirlpool hash algorithm, language packs, and much more.
TrueCrypt Version 4.1 was released on November 26, 2005. It added LRW mode, which is provably more secure than CBC mode for on-the-fly storage encryption. This mode also prevents a potential exploit that could theoretically be used to compromise plausible deniability by allowing identification of encrypted containers [citation needed].
TrueCrypt Version 4.2 was released on April 17, 2006. This version added various features to the Linux version, such as the ability to create volumes, change passwords and keyfiles, generate keyfiles and backup/restore volume headers. In the Windows version it introduced support for dynamic (sparse file) volumes.