Welcome, Guest. Please Login
 
  HomeHelpSearchLogin FAQ Radified Ghost.Classic Ghost.New Bootable CD Blog  
 
  Radified Community ForumsRad Community Technical Discussion Boards (Computer Hardware + PC Software)PC Hardware + Software (except Cloning programs) › On-the-fly hard drive encryption
(Moderators: Rad, Christer, NightOwl, Pleonasm, MrMagoo, El_Pescador)
Previous Topic | Next Topic
Page Index Toggle Pages: 1
Send Topic Print
On-the-fly hard drive encryption (Read 4108 times)
Rad
Radministrator
*****
Offline


Sufferin' succotash

Posts: 4090
Newport Beach, California


Back to top
On-the-fly hard drive encryption
May 12th, 2009 at 10:40pm  
Anybody try/use on-the-fly hard drive encryption?

I saw this:

http://filehippo.com/download_truecrypt/

Cool stuff, but I can't help but feel it's gotta come with a significant performance hit, no?

Love the names of their encryption algorithms:

Quote:
Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.


Features:

Quote:
TrueCrypt performs the following tasks:

* Creates a virtual encrypted disk within a file and mounts it as a real disk.

* Encrypts an entire partition or storage device such as USB flash drive or hard drive.

* Encrypts a partition or drive where Windows is installed (pre-boot authentication).

* Encryption is automatic, real-time (on-the-fly) and transparent.

I mean, laptop hard drives are slow enough.

What does this mean?

Quote:
* Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:

1) Hidden volume (steganography) and hidden operating system.
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
 
WWW  
IP Logged
 

MrMagoo
Übermensch
*****
Offline


Resident Linux Guru

Posts: 1026
Phoenix, AZ (USA)


Back to top
Re: On-the-fly hard drive encryption
Reply #1 - May 13th, 2009 at 1:06am  
True-crypt is often cited as an example of the right way to implement disk encryption.  They work very hard to implement the best encryption possible using the most peer-reviewed methods.  If you really want to make sure someone doesn't get your data, True-crypt is probably your best bet.

I haven't used it because every time I try, my computer crashes.  My particular processor/motherboard combination doesn't handle something correctly that True-crypt is trying to do.  Seems like lots of people use it with no issues tho, so I think its just me.

Rad wrote on May 12th, 2009 at 10:40pm:
Cool stuff, but I can't help but feel it's gotta come with a significant performance hit, no?

There is some performance hit.  In general, your CPU can do floating-point math far faster than your HD can read it, so the performance hit isn't as bad as you would think.  You'll notice it most on slower computers or during heavy multi-tasking.

Rad wrote on May 12th, 2009 at 10:40pm:
What does this mean?

In some countries (like the UK), you can be punished for not giving the authorities your encryption keys on request.  So, if you REALLY don't want ANYBODY to get your data, just encrypting it isn't enough.  You have to hide the fact that you even have the data. 

True-crypt attempts to do this by hiding a secret encrypted volume of data inside a non-secret volume of encrypted data.  If you are forced to turn over your encryption key, you turn over the key to the non-secret portion.  If everything works the way it should, they will never be able to prove you have the secret portion.

Rad wrote on May 12th, 2009 at 10:40pm:
Love the names of their encryption algorithms:

They didn't make them up themselves.  These are industry standard ciphers.  The NSA sponsored (open) development of AES.  Serpent was a finalist in the same design competition which AES won.  Twofish is the modern replacement for Blowfish (and also another finalist.)
 
WWW  
IP Logged
 
Rad
Radministrator
*****
Offline


Sufferin' succotash

Posts: 4090
Newport Beach, California


Back to top
Re: On-the-fly hard drive encryption
Reply #2 - May 13th, 2009 at 8:27am  
MrMagoo wrote on May 13th, 2009 at 1:06am:
I haven't used it because every time I try, my computer crashes.

So you *have* tried (to try) it. Shame it doesn't work for you.

MrMagoo wrote on May 13th, 2009 at 1:06am:
In some countries (like the UK), you can be punished for not giving the authorities your encryption keys on request.So, if you REALLY don't want ANYBODY to get your data, just encrypting it isn't enough.You have to hide the fact that you even have the data.

True-crypt attempts to do this by hiding a secret encrypted volume of data inside a non-secret volume of encrypted data.If you are forced to turn over your encryption key, you turn over the key to the non-secret portion.If everything works the way it should, they will never be able to prove you have the secret portion.

That is cool. Somebody has really been thinking this thru.

Wonder how imaging would work with an encrypted volume.
 
WWW  
IP Logged
 
Pleonasm
Übermensch
*****
Offline



Posts: 1619


Back to top
Re: On-the-fly hard drive encryption
Reply #3 - May 13th, 2009 at 11:18am  
About two years ago, I tested WinMagic's SecureDoc (a full disk encryption product), and experienced about a 3% reduction in performance.  Unfortunately, I couldn’t get SecureDoc to work well with Norton Ghost (version 10?), despite the company’s claims that the products are compatible.

Today, I use PGP Desktop to create virtual encrypted volumes, and have been pleased with that approach.
 
ple • o • nasm n. “The use of more words than are required to express an idea”
 
IP Logged
 
Page Index Toggle Pages: 1
Send Topic Print
Previous Topic | Next Topic
  « Home ‹ Board Top of this page

Radified Community Forums » Powered by YaBB 2.4!
YaBB © 2000-2009. All Rights Reserved.

Valid RSS Valid XHTML Valid CSS Powered by Perl Source Forge