While on co-op, I was tasked with encrypting the hard drives of the company laptops. The newer laptops with Windows 7 already had BitLocker, but we wanted something flexible and preferably open-source to use for all operating systems. TrueCrypt matched the requirements very well. It has several encryption algorithms to choose from: AES, Serpent, Twofish, AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish-AES, and Twofish-Serpent. It uses 256-bit key sizes and 128-bit block sizes. TrueCrypt uses RIPEMD-160 by default, but you can also use the SHA-512 and Whirlpool hash algorithms to create the HMAC. If you are wondering how secure it is, take a moment to read about Operation Satyagraha.
In 2008, a Brazilian banker suspected of fraud, who had his hard drives encrypted with TrueCrypt, was arrested. His hard drives were examined by the Brazilian National Institute of Criminology (INC) for months until they asked the US Government for help in cracking the drives. The FBI used dictionary attacks for an entire year before throwing in the towel and giving them back to the Brazilian government. So to the ultra-paranoid: If the FBI couldn’t crack TrueCrypt, you know it’s good. There is no back door for TrueCrypt and the creators are anonymous. Even if the government subpoenaed TrueCrypt’s creators to crack the password on a hard drive for a high-profile case, there would be nothing they could do.
Using it is easy. Just download and install it from http://www.truecrypt.org. Then follow the instructions on their website. When you encrypt your hard drive, you should create a “rescue disc” in the event that you forget your password. You will need to remember your password because if you forget it and you don’t have that rescue disc, good luck trying to access your data. Every time you boot your machine, you will need to enter your password.
TrueCrypt will do its job of encrypting your data and keeping it safe from prying eyes when you’re not around. But as the cartoon on Professor F’s lecture slide shows, if someone really wants your password, they will bludgeon you with a pipe until you spill your guts (figuratively or literally).
Operation Satyagraha: http://en.wikipedia.org/wiki/TrueCrypt#Operation_Satyagraha
BitLocker vs TrueCrypt: http://www.tomshardware.com/reviews/bitlocker-truecrypt-encryption,2587.html
There are pros and cons to both BitLocker and TrueCrypt, but while at my job, I decided TrueCrypt was the way to go. I just thought I’d bring this software to everyone’s attention if they haven’t heard of it already.