Securing your Pc with True Crypt

Posted by Martin in Security  Tags: , , , ,

11

Dec


Only a few days ago I wrote a first small article about true crypt and recommended it. Back then I bought a usb 2.0 hard drive with 300 GB capacity and encrypted its entire partition with true crypt. This was done to test the programs functionality but also to see if it would slow down my main computer (athlon 64 3000+, 1 gb ram).

To my great suprise it did not slow down the pc and I decided to expand the encryption to cover all my hard drives. Let me tell you why and how i did this and why you should also be considering this.

Why ?

The first question that comes to my mind and probably yours as well is: Why would someone want to encrypt his hard drives / part of his hard drives ? (note you can also encrypt other storage devices like usb sticks)

There are numerous reasons for this. It can be as profane as to hide your daily dose of naked ladys from your wife, hide personal information from other people who might have access to your pc or encrypt your files on a removable storage device for transportation to prevent that the files can be accessed when the device is stolen.

Now what ?

Now, why encrypt the whole drive(s) and not just a small part of it ?

This is a good questions and I have to answer it to some lengths. Let me first tell you that true crypt is not able to encrypt a operating system and boot from it at the same time. That means either you use a second unencrypted operating system or move all sensible user data to the encrypted partitions.

As I said earlier I only encrypted the removable usb hard drive. All my tools that I´ve been using daily are still on the unencrypted internal drives. Guess what happens when I open Open Office and load a document from the encrypted drive ?

It leaves traces. Last used files are normaly shown, it probably gets cached in windows cache as well. That means, although the file itself is encrypted the possibility exists that it could still be accessed by other means. There are lots of scenarios like this, a browser caches the pages you visit, a media player keeps records of last played files aso.

Wouldn´t it be much securer if those tools are also stored on an encrypted disk ?

The setup:

I decided to do the following. I already have a partition for the operating system. All other partitions would be encrypted. The user data from the operating system would reside on an encrypted disk, as would be the pagefile and all other caching.

As a sidenote, one could also install a clean operating system on that partition and use vmware to install another operating system on encrypted drives. BartPE is another possibility. The operating system would be stored on a read only device.

All my tools reside on the encrypted drives, making it impossible for someone else to access them. (unless one would keep the pc running when leaving..)

How to:

I suppose you already are using your drives. True Crypt will erase all data on a partition if its applied to it. Therefor you should move or backup your files before you start this process.

Download true crypt and install the program. Download the true crypt user manual as well. Then backup / move your files if you have not done so already.

Start True Crypt and select Create Volume. You have the choice to create a standard or a hidden True Crypt Volume. The difference between the two is the following. A hidden volume has a own passphrase and always resides inside a standard volume. If someone forces you to reveal the passphrase you provide the one for the standard volume. Its impossible to say if a hidden volume exists even if the standard volume has been mounted. (True Crypt partitions are always filled with random data and one can´t therefor distinguish.)

Select standard partition now and in the next window you have the option to store the encrypted data in a file or encrypt a whole device. We want to encrypt a complete hard drive, select device and chose your hard drive that you want encrypted.

Encryption Options:

You have to select an encryption algorithm and an Hash Algorithm now. I don´t want to recommend one to you but as of now none has been officially cracked. Some people are discussing their choices on the official true crypt forum, if you are unsure you might want to go there. You can also use wikipedia for more information. (Blowfish information in this example)

Make sure that in the next step the whole hard disk space will be encrypted.

Selecting a password:

You will have to select a password which will be asked every time you want to mount your encrypted drive. Recommendations are that yours should be 20+ chars that consist of a mixture of upper- and lowercase, special chars and numbers. Its hard to remember at first but it will become easier over time. Its suggested that you do not write it down but thats up to you..

Volume Format:

Move the mouse around for 30+ seconds, select a filesystem (ntfs for windows xp recommended), leave cluster size at default und click format afterwards. The whole partition will be formatted and encrypted, all data that is left on the device will be lost forever. Make sure there is none that you still need left.

Mounting:

You have to mount an ecnrypted partition to enable it in windows. Chose Select Device in the main menu of true crypt and pick the encrypted drive. Then click on mount and enter your passphrase. If its correct the drive will appear and you can fill it with data.

The drive letter remains the same as before, so there should not be any problems with broken program links or the like.

Final Words:

Depending on your choices to use an unencrypted operating system, BartPE or VMware you need to make sure that all personal data and caches are stored on the encrypted partition. I strongly suggest you use one of the latter for the best security.

If you encounter errors I suggest you visit the true crypt forum which is well visited and contains lots of valuable topics of users that had problems with the tool.

I for myself decided to give BartPE a go and forget about the idea to have the operating system on the unencrypted partition. This saves a lot of the hassle of moving all cache and personal data locations to ones on the encrypted drive.

[tags]encrypt, blowfish, secure, security, true crypt, hide, serpent, aes, encryption algorithm, twofish[/tags]

Like such posts? Get updates via RSS NEWS FEED. Love Ghacks? Find out how you can help!

Spread The Article: Digg del.icio.us StumbleUpon Reddit Facebook Slashdot TwitThis YahooMyWeb Fark Mixx NewsVine

24 Users Commented In This Post

Subscribe To This Post Comment Rss Or TrackBack URL
dan says, December 11th, 2005   

nice article but it is difficult to take you seriously or even finish reading this page with your poor spelling and grammar….use your computer to help with this basic task….and then attempt to educate us on how to encrypt our hard drives…..

Bob says, December 11th, 2005   

Hey, I’ve been toying with this tool for quite awhile now, and its pretty slick. Thanks for sharing your experience, I will probably be doing just this on my laptop. Do you have any recomendations for OS partition sizes using windowsXP if I’m going to have my OS on an unsecured partition? Thanks!

Nosfera says, December 12th, 2005   

The link to the TrueCrypt website is not visible.

budiw says, December 12th, 2005   

Thank you. This is the software i’ve been looking for..

–budiw

PsicoIT Support says, December 12th, 2005   

Software de encriptación de discos

Yo conocía el Bestcrypt, que realmente me resultó de lo mejor, te permite crear múltiples unidades encriptadas de diversos tamaños que podes montar y desmontar cuando vos quieras, …

Administrator says, December 12th, 2005   

1. I´am not a native speaker, if you find errors tell me and I will correct them.
2. My partition was 5 gigs, about 3 have been used with the pagefile on another drive
3. Use http://www.truecrypt.org , which browser are you using ?
4. thanks a lot for your comment ;)

Nosfera says, December 12th, 2005   

The link to truecrypt.org in the article is displayed as normal text in Internet Explorer 6. In In Firefox it is ok. Looks like broken markup.

Em EnEx says, December 12th, 2005   

It is spelled “TrueCrypt” not “True Crypt” ;-)

Em EnEx says, December 12th, 2005   

You need to check how the links in the article look in Internet Explorer 6. The links look like normal text. In Firefox they’re displayed ok.

Martin says, December 12th, 2005   

The strange thing is, I´am using Internet Explorer 6 to check if the site displays fine with this browser and the links are clearly visible for me..

hm, anyone with very good css knowledge who would be able to assist ?

Internet and Information Technology Security - eLamb says, December 12th, 2005   

Securing your Pc with True Crypt

Tutorial that explains how to encrypt your hard drives with true crpyt (freeware) to prevent someone else accessing your files …

dds says, December 20th, 2005   

Excellent article. Thanks for sharing.

To the people who find fault with the spelling or grammar, I say get a grip! Not everyone in the world has English as their first language (though it tends to be used on Web pages disproportionately) and one must understand the value of getting something valuable for essentially no cost. If you pay for it then you have a right to complain, if not I suggest you offer helpful advice rather than criticism.

Thank you Martin for your article. It was most helpful.

Winn’s Blog » Securing your Pc with True Crypt says, January 3rd, 2006   

[...] read more | digg story [...]

khalid says, January 4th, 2006   

i want to install this software to try it

Winn’s Blog » Blog Archive » Securing your Pc with True Crypt says, March 25th, 2006   

[...] read more | digg story [...]

True Crypt 4.2 released » gHacks says, April 18th, 2006   

[...] You might know that I´am using True Crypt for some months now to encrypt and decrypt my entire removable hard disk that has 300 Gb capacity. All happens in realtime and I can´t see and witness any slowdowns so far. I´am able to download content to the drive with 14.2 Mbps and its working like every other hard disk. Yesterday a new True Crypt version was released and it has some amazing new features, let us take a look at some of them: # TrueCrypt volumes can now be created under Linux. # Ability to create a ‘dynamic’ container whose physical size (actual disk space used) grows as new data is added to it. # It is now possible to mount a single TrueCrypt volume from multiple operating systems at once [...]

chris mankey says, May 22nd, 2006   

nice article but it is difficult to take you seriously or even finish reading this page with your poor spelling and grammar….use your computer to help with this basic task….and then attempt to educate us on how to encrypt our hard drives…..

Wow, what a rude little bitch you are! Enjoy hell!

Security » Securing your Pc with True Crypt says, September 1st, 2006   

[...] Tutorial that explains how to encrypt your hard drives with true crpyt (freeware) to prevent someone else accessing your files / personal data without your permission.read more | digg story [...]

Jerry says, October 16th, 2006   

Thanks for the interesting and helpful article. I guess I’ll be trying TrueCrypt very soon. I see you’ve learned that you will meet all kinds when you take on a project such as this. Never mind the clowns who haven’t yet figured out that it’s much harder to learn a foreign language than to learn manners and proper decorum. (Apparently they failed that manners course, too). You do much better in English than I would do if I tried writing this in your native language.

Privacy checklist « Sky KID`s SKYNET says, December 13th, 2007   

[...] encrypted volumes on your PC , your USB drive …etc. You can check out the post in gHacks( here) to learn more about TrueCrypt(tutorial). If you decide to spare some cash - I am going to [...]

Maru says, January 12th, 2008   

I have a 160 Gb external HD used only for storage on the go - 10 gb primary partition and 150 Gb extended partition. If found that I had to change extended partition to primary partition so that TrueCrypt can format the device (150Gb partition) as NTFS. Otherwise, it can only format the extended partition as FAT.

Why is that? Curious.

Aj Hall says, March 31st, 2008   

Hey, I’ve been using Truecrypt for years now and find it invaluable to the protection of valuable software. And am still facinated by the mounting of hidden and encrypted devices. I was wondering though if one chooses to format the entire drive, windows recognises this drive as unformatted and requests you to format it if you ever select the device. Is there any way of hiding your drive completly from windows and having only truecrypt recognise it?

bat21win says, March 31st, 2008   

AJ Hall, you need to download a tool called: Tweak UI. That will allow you to hide specific drives.

I’ve been using TrueCrypt for 2 years now. Best encryption utility I’ve found so far. Used it on Windows so far, am about to try it on Linux.

TItus Barik says, August 21st, 2008   

TrueCrypt 6.0 now allows full-disk encryption, so you can encrypt the whole operating system in its entirety.

Leave Your Comments Below
Hello, please leave your thought below

Please Note: Each comment will be manually approved by an admin. There is no guarantee that a comment will be posted. Please do not submit the comment multiple times.