When the subject of file/disk encryption comes up in conversation with my non-technical friends, I often get the oddest looks and the strangest comments. These comments generally revolve around the fact (my friends’ fact) that only someone with something to hide would need to encrypt files.
They’re right of course, but not for the reasons they set forth.
In the real world, aware computer users know that financial data, and other confidential information, can easily be subject to intrusive viewing by those not authorized to do so.
Some examples of how this might occur:
Internet malware attack: Increasingly, statistics reinforce the fact that financial data continues to be targeted by hackers/information thieves, for the purpose of identity theft.
Contrast that reality with these facts: there is no such thing as a totally secure Internet-connected computer. All Internet-connected computers are subject to attack and compromise.
Lost or stolen Laptop: How often have we read the following – 200,00 (insert your own number here), bank account numbers, Social Insurance Numbers, names, addresses and dates of birth were on a laptop stolen/lost earlier this week.
In too many of these cases, negligently, the data is unencrypted. Certainly laptop theft or loss is not restricted to organizations; it can just as easily happen to you.
Lost or stolen USB drive: Since USB flash drives are so portable, you can take a drive virtually anywhere. Just like most items that are portable and that you carry with you, this type of drive can be lost (I’ve personally lost two), or stolen.
To reduce or eliminate the security threat of sensitive data exposure, then, the most prudent course of action is data encryption. Essentially, data encryption is a secure process for keeping your sensitive and confidential information private. It’s a process by which bits of data are mathematically jumbled with a password-key. The encryption process makes the data unreadable unless, or until, decrypted.
TrueCrypt is an outstanding free open source software application (one I have been using for the last several years), for establishing and maintaining on-the-fly-encrypted volumes.
On-the-fly encryption simply means that data are automatically encrypted, or decrypted, just before they are loaded or saved, without any user intervention.
TrueCrypt uses 11 algorithms for encrypting private files in a password-protected volume. You can store your encrypted data in files, partitions, or in this latest release (November 23, 2009), a portable storage device such as a USB flash drive.
Once your encrypted files are mounted to a local drive with your password or key, you can manipulate those files, i.e. you can open, copy, delete, or modify them. When you have completed working on those files, you then dismount the volume and the files are then safely secured from unauthorized access.
Indicative of this application’s popularity is the fact that it is downloaded tens of thousands of times each day, across the Internet.
Creates a virtual encrypted disk within a file and mounts it as a real disk
Encrypts an entire hard disk partition or a storage device such as USB flash drive
Encryption is automatic, real-time (on-the-fly) and transparent
Provides two levels of plausible deniability, in case an adversary forces you to reveal the password: (1) Hidden volume; (2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data)
Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS
Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts)
Pipelined operations increasing read/write speed by up to 100% (Windows)
Mac OS X version
Graphical user interface for the Linux version of TrueCrypt
XTS mode of operation – XTS is faster and more secure than LRW
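The sketch below is an added example, not TrueCrypt's code: it derives a key from a password, transforms a constructed "volume" sector by sector the way an on-the-fly driver would on each read or write, and measures why the result "cannot be distinguished from random data". Assumptions: the sector size, salt, passwords, iteration count and sample data are made up, and a SHA-256 keystream stands in for AES-256 in XTS mode because the Python standard library has no AES.

```python
import hashlib
import math
from collections import Counter

SECTOR = 512  # bytes per sector (assumed size for this sketch)

def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch a password into a 256-bit key (iteration count is an assumption)."""
    return hashlib.pbkdf2_hmac("sha512", password.encode(), salt, 100_000, dklen=32)

def crypt_sector(key: bytes, sector_no: int, data: bytes) -> bytes:
    """XOR one sector with a keyed, per-sector keystream; the same call decrypts.
    Stand-in for AES-256/XTS: it shows the data flow, it is not a disk cipher."""
    stream = bytearray()
    block = 0
    while len(stream) < len(data):
        tweak = sector_no.to_bytes(8, "little") + block.to_bytes(4, "little")
        stream += hashlib.sha256(key + tweak).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def crypt_volume(key: bytes, volume: bytes) -> bytes:
    """Apply crypt_sector to every sector, as a driver would on each read or write."""
    return b"".join(crypt_sector(key, n // SECTOR, volume[n:n + SECTOR])
                    for n in range(0, len(volume), SECTOR))

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; 8.0 is the value for uniform random data."""
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())

def demo() -> dict:
    salt = bytes(range(16))  # constructed; a real volume stores a random salt
    plain = (b"Account 0001-2345 balance 1,000.00\n" * 2000)[:64 * SECTOR]  # constructed
    volume = crypt_volume(derive_key("correct horse", salt), plain)
    return {
        "plain_entropy": entropy(plain),
        "volume_entropy": entropy(volume),
        "right_password": crypt_volume(derive_key("correct horse", salt), volume) == plain,
        "wrong_password": crypt_volume(derive_key("wrong guess", salt), volume) == plain,
    }

if __name__ == "__main__":
    print(demo())
```

The constructed plaintext scores well under 5 bits per byte while the transformed volume sits just below 8, and only the correct password recovers the original bytes.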
As I said earlier, I have been using TrueCrypt for a number of years, and I have developed a lot of confidence in this outstanding application. If you determine that encryption of your sensitive data is a priority, I highly recommend that you give TrueCrypt a try.
How effective is TrueCrypt? If you have any doubts as to how effective TrueCrypt really is, then read this article. FBI hackers fail to crack TrueCrypt:
The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.
System Requirements: Windows 7/Vista/XP (64 bit), Mac OS X, and Linux
Download at: TrueCrypt