![]() The TrueCrypt documentation lists many ways in which TrueCrypt's hidden volume deniability features may be compromised (e.g. In addition, the Windows versions of TrueCrypt have the ability to create and run a hidden encrypted operating system whose existence may be denied. TrueCrypt supports a concept called plausible deniability, by allowing a single "hidden volume" to be created within another volume. Some of those attacks are detailed below. To prevent those, the documentation distributed with TrueCrypt requires users to follow various security precautions. TrueCrypt is vulnerable to various known attacks which are also present in other software-based disk encryption software such as BitLocker. In another article the performance cost was found to be unnoticeable when working with "popular desktop applications in a reasonable manner", but it was noted that "power users will complain". In a test carried out by Tom's Hardware, although TrueCrypt is slower compared to an unencrypted disk, the overhead of real-time encryption was found to be similar regardless of whether mid-range or state-of-the-art hardware is in use, and this impact was "quite acceptable". The performance impact of disk encryption is especially noticeable on operations which would normally use Direct Memory Access (DMA), as all data must pass through the CPU for decryption, rather than being copied directly from disk to RAM. On some Intel processors, TrueCrypt supports hardware-accelerated AES to further improve performance. TrueCrypt supports parallelized encryption for multi-core systems and, under Microsoft Windows, pipelined read/write operations (a form of asynchronous processing) to reduce the performance hit of encryption and decryption. Later versions produce a security warning when mounting CBC mode volumes and recommend that they be replaced with new volumes in XTS mode. Īlthough new volumes can only be created in XTS mode, TrueCrypt is backward compatible with older volumes using LRW mode and CBC mode. XTS mode is thought to be more secure than LRW mode, which in turn is more secure than CBC mode. Prior to this, TrueCrypt used LRW mode in versions 4.1 through 4.3a, and CBC mode in versions 4.0 and earlier. ![]() TrueCrypt currently uses the XTS mode of operation. The cryptographic hash functions used by TrueCrypt are RIPEMD-160, SHA-512, and Whirlpool. Additionally, five different combinations of cascaded algorithms are available: AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish-AES and Twofish-Serpent. Individual algorithms supported by TrueCrypt are AES, Serpent, and Twofish. There is an independent, compatible implementation, tcplay, for DragonFly BSD and Linux. The version for Windows 7, Windows Vista, or Windows XP can encrypt the boot partition or entire boot drive. Both 32-bit and 64-bit versions of these operating systems are supported, except for Windows IA-64 (not supported) and Mac OS X 10.6 Snow Leopard (runs as a 32-bit process). ![]() TrueCrypt supports Microsoft Windows, Mac OS X and Linux operating systems (using FUSE).
0 Comments
Leave a Reply. |