TrueCrypt: An Encryption Solution for Vista

TrueCrypt is a free, open-source disk encryption software application. Encryption (as well as decryption) falls in the domain of cryptographic technology. According to Wikipedia, encryption is the process of transforming information using an algorithm to an unreadable form accessible only to those who possess the security keys. The consequence of the procedure is encrypted information and its reverse process is known as decryption, i.e. converting the encrypted information back into a readable state.

There are two kinds of data on which encryption processes can be applied.

1. Data at rest, such as files on a hard disk or USB flash drives, operating system data, etc..

There have been numerous incidents where confidential data such as personal records on disks have been exposed through loss or theft of laptops and backup drives. Encryption is definitely required in such scenarios if physical security measures fail.

2. Data in transit i.e. data being transferred via networks such as internet, mobile phones, ATM’s, Bluetooth devices etc.

Data in transit can also be intercepted since it is extremely difficult to physically secure access to all networks, so its encryption is also mandatory.

TrueCrypt is software that encrypts data at rest (be it the data on hard disk or removable storage devices). It is compatible with all OS including Windows Vista/ XP, Mac OS X and Linux.

Windows Vista (business as well as ultimate edition) has two built-in disk- encryption features.

1. NTFS on- disk, file- level encryption

NTFS encryption is also supported by all versions of Windows XP/2000 but its limited capability to encrypt only at the file- level is a great drawback. This kind of encryption fails at places where the entire contents of the disk need to be encrypted.

2. BitLocker encryption

It’s an on- the- fly encryption system that encrypts the system disk (including all user files) as well as OS executables and boot files. It saves only the data on the system’s hard disk but it doesn’t protect the data on auxiliary/ removable drives.

To overcome these limitations of the built- in encryption techniques effectively and to save all type of ‘data at rest’, a third- party solution is required. This solution is provided by TrueCrypt which is free i.e. it’s available free of cost and open- source i.e. its C++ implementation is also available to everyone and liable to change.

Truecrypt is meant for establishing and keeping an on- the- fly encrypted data storage device. On- the- fly encryption means that data is automatically encrypted/ decrypted before it is loaded or saved in the memory without the need of any user intervention. This does not mean that the whole file that is to be encrypted/ decrypted must be stored in RAM before it can be converted. No extra memory is required for TrueCrypt.

Let's suppose that there is an .avi video file stored on a TrueCrypt volume. The user provides the correct password (and/or keyfile) and opens the TrueCrypt volume. When the user opens the video file, the OS launches the application associated with the file type – typically a media player. The media player then begins loading a small initial portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) in order to play it. While the portion is being loaded, TrueCrypt is automatically decrypting it in RAM. The decrypted portion of the video (stored in RAM) is then played by the media player. While this portion is being played, the media player begins loading next small portion of the video file from the TrueCrypt-encrypted volume to RAM and the process repeats. This process of ciphering/ deciphering in chunks is called on-the-fly encryption/decryption and it works for all file types.

Continue reading on Page 2