This post deals with File Access Control Using TrueCrypt. I will go through the basics of setting up a “Z” drive to hold my encrypted data. In a later post I will discuss the merits of encrypting the entire hard drive. There is a lot of power here if desired.
But here are the basic steps to get a working copy of TrueCrypt:
After clicking on “TrueCrypt Setup.exe”, you will see the following configuration screen where you click “Create Volume”
And click “next” to create the standard volume:
Select a volume location. You could specify an external device such as USB:
Next we need to select an encryption algorithm. You can select one of the following:
- AES: FIPS-approved cipher. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS.
- Serpent: 256-bit key, 128-bit block. Mode of operation XTS. (An AES finalist)
- Twofish: 256-bit key, 128-bit block. Mode is XTS. (An AES finalist)
- AES-Twofish: Two ciphers in a cascade opearting in XTS mode. Each block is first encrypted with Twofish (256-bit key) and then with AES (256-bit key). Each cipher uses its own key.
- AES-Twofish-Serpent: Three ciphers in a cascade operating in XTS. Each block encrypted with Serpent (256-bit key), then Twofish (256-bit key), and then AES (256-bit key).
- Serpent-AES: Two ciphers in a cascade operating in XTS mode. Each block encrypted with AES (256-bit key) and then Serpent (256-bit key).
- Serpent-Twofish-AES: Three ciphers in a cascade in XTS mode. Each block encrypted with AES (256-bit key), then Twofish (256-bit key), and finally Serpent (256-bit key).
- Twofish-Serpent: Two ciphers in cascade operating in XTS. Each block encrypted with Serpent (256-bit key) and then Twofish (256-bit key).
We also must choose a Hash Algorithm:
I liked Whirlpool’s security statement:
“Assume we take as hash result the value of any n-bit substring of the full WHIRLPOOL output. The design of WHIRLPOOL sets the following security goals:
- The expected workload of generating a collision is of the order of 2n/2 executions of WHIRLPOOL.
- Given an n-bit value, the expected workload of finding a message that hashes to that value is of the order of 2n executions of WHIRLPOOL.
- Given a message and its n-bit hash result, the expected workload of finding a second message that hashes to the same value is of the order of 2n executions of WHIRLPOOL.
- It is infeasible to detect systematic correlations between any linear combination of input bits and any linear combination of bits of the hash result, or to predict what bits of the hash result will change value when certain input bits are flipped (this means resistance against linear and differential attacks).”(Barreto, 2008)
Now we select the volume size:
Now a Volume Password:
And then Format, which normally will be NTFS:
After we click “format” we will see the following message:
And clicking “ok” will display the next message:
Clicking Exit takes us back to where we specify the drive letter we want to use (I chose “X”). In the Volume area click the “Select File” button, and browse to the folder and file that you specified for the TrueCrypt volume. Click and Open it so it shows in the Volume window as mine does below. Then click “Mount”.
This will ask us to provide our password. Supply this and click OK.
You should see a screen like the following, showing your path, size, encryption:
In the above window you will see that I allocated 250 MB for TrueCrypt, and have used AES-Twofish-Serpent, getting 3 cascading 256-bit ciphers! Cool, huh.
If I double click on the X Drive in that window where it specifies my path, it will react just like Windows Explorer and open up as follows:
I also will include a view of 2 JPG images that I stored in my TrueCrypt partition space. Both of these files are safely stored within TrueCrypt:
A “dismount” of my drive will close and secure my data. Before the dismount I can also open up Windows Explorer and see what is in Local Disk X. I can move any files in and out with ease. Above shows what it looks like before the dismount. At the risk of no steganography to hide my sense of humor, I must add that the file “today.JPG” also shows no dismount.
After dismounting, there no longer is an X drive to access, nor is there any possibility of viewing the files within the volume. It is encrypted until I open it again with TrueCrypt and supply my password (which must be remembered).
TrueCrypt 7.0 is pretty top notch for an open source product. Some CPUs support hardware-accelerated AES encryption which means really fast encryption. The default type of processor is the ones with Intel AES-NI instructions available. “TrueCrypt, one of the popular open-source programs for on-the-fly encryption, is out now with version 7.0. Most notably, the TrueCrypt 7.0 release provides hardware-accelerated AES support.” (Larabel, 2010)
Barreto, P. S. (2008, Nov 19). The Whirlpool Hash Function. Retrieved Dec 27, 2011, from LARC – Laboratory of Computer Networks and Architecture: http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html
Larabel, M. (2010, July 20). TrueCrypt 7.0 Released With Hardware-Accelerated AES. Retrieved Dec 12, 2011, from Phoronix.Com: http://www.phoronix.com/scan.php?page=news_item&px=ODQyNw