TrueCrypt



Kyohack
12-12-2012, 12:53 AM
Over the past few weeks, I have been searching for a method to secure the contents of my hard disk drives by encrypting them. Since not all of my computers use Windows 7 Ultimate or Windows 8 Pro, I don't have access to BitLocker. Luckily, I found an even better solution: TrueCrypt. TrueCrypt is cryptographically secure, and there are no backdoors or traditional vulnerabilities, assuming that a secure alphanumeric password has been used (TrueCrypt developers recommend the minimum password length to be 20 characters). TrueCrypt's only technical vulnerability is a cold-boot attack (http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-htdocs/pub/coldboot.pdf), which isn't TrueCrypt's fault. A cold-boot attack requires the computer's physical RAM modules to be flash-frozen, removed, and then reinserted into another computer so that the contents of RAM can be dumped. The encryption keys are stored in RAM during the encryption process, and there currently are no alternatives for such an encryption implementation to be used.

I've been using TrueCrypt for the encryption of the entire contents of my system drive. I'm using a Western Digital SATA II 1.5TB drive (http://www.newegg.com/Product/Product.aspx?Item=N82E16822136513), and I haven't noticed any slow-downs in read/write performance of the drive. TrueCrypt makes use of parallelization, pipelining, and hardware acceleration when encrypting data. My system has a quad-core processor (specifically, an AMD Phenom II X4 960T), so the encryption occurs in parallel across each processor core. Unfortunately, the AES-NI instruction set required for hardware acceleration is only available on AMD's Bulldozer processors, so my encryption is running at about a fourth of the speed, according to Intel (http://www.intel.com/content/dam/www/public/us/en/documents/white-papers/healthcare-aes-ni-full-disk-encryption-paper.pdf). But thanks to pipelining, encryption occurs in RAM and is so fast that I haven't noticed any negative effects. When my HDD's disk activity is saturated to the max, only around 10% of my processing resources are used. So for me, my PC runs just as fast as if it weren't encrypted. I'm still able to play resource-intensive PC games such as Battlefield 3, without experiencing any issues.

Now, you may be wondering, "What if part of Windows becomes corrupt, and needs to be repaired with the original install disc?" In such a scenario, since my drive is fully encrypted, I would need to fully decrypt the drive before being able to boot into Windows PE to fix any OS issues. Luckily, TrueCrypt forces you to make a rescue disk that can be used to fully decrypt the drive, should the need arise. The rescue disk still requires a password in order to decrypt the drive, so there's no need to worry if it happens to fall into the wrong hands. Here's another disaster scenario: what if a power outage occurs, and the computer is shut down in the middle of encryption? According to the TrueCrypt documentation, each "block" of data has a size of 16 bytes. So if corruption ever occurs due to power loss, then such corruption will only occur in low increments of a few bytes, rather than, say, on a per-file basis. Also, since encryption runs on-the-fly in RAM, the drive is still secured if power loss occurs.
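
Added example (not part of the post and not TrueCrypt's code): TrueCrypt 5.0 and later encrypt each sector in XTS mode, so one damaged ciphertext bit garbles exactly one 16-byte block on decryption and leaves the rest of the sector intact. The sketch below uses a hash-based Feistel stand-in for AES so that it runs with the standard library alone; the keys, sector number and sector contents are constructed.

```python
import hashlib

BLOCK = 16  # cipher block size in bytes, the figure quoted in the post

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Round function of the stand-in cipher (NOT AES; illustration only).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def toy_encrypt(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def toy_decrypt(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def _tweaks(k2, sector, count):
    # XTS tweak: E_k2(sector number), multiplied by alpha in GF(2^128) per block.
    t = int.from_bytes(toy_encrypt(k2, sector.to_bytes(BLOCK, "little")), "little")
    for _ in range(count):
        yield t.to_bytes(BLOCK, "little")
        t <<= 1
        if t >> 128:
            t = (t & ((1 << 128) - 1)) ^ 0x87

def xts_sector(k1, k2, sector, data, decrypt=False):
    cipher = toy_decrypt if decrypt else toy_encrypt
    out = bytearray()
    for j, tw in enumerate(_tweaks(k2, sector, len(data) // BLOCK)):
        blk = data[j * BLOCK:(j + 1) * BLOCK]
        out += _xor(cipher(k1, _xor(blk, tw)), tw)
    return bytes(out)

def damaged_blocks(k1, k2, sector, plaintext, bit):
    # Flip one ciphertext bit, decrypt, and list the plaintext blocks that changed.
    ct = bytearray(xts_sector(k1, k2, sector, plaintext))
    ct[bit // 8] ^= 1 << (bit % 8)
    pt = xts_sector(k1, k2, sector, bytes(ct), decrypt=True)
    return [j for j in range(len(pt) // BLOCK)
            if pt[j * BLOCK:(j + 1) * BLOCK] != plaintext[j * BLOCK:(j + 1) * BLOCK]]

if __name__ == "__main__":
    K1, K2 = b"constructed-key-1", b"constructed-key-2"  # constructed sample keys
    sector_data = bytes(range(256)) * 2                   # constructed 512-byte sector
    print(damaged_blocks(K1, K2, 7, sector_data, 1000))
```

Because the tweak depends on the sector number, the same plaintext written to a different sector produces different ciphertext, and damage never spreads across block boundaries.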