TrueCrypt has finally released version 5.0 of it’s fantastic File/Volume/Disk encryption software and with that introduced the Mac World to “True” Encryption. Now I know all OSX junkies out there are trying to point out that OSX comes with FileVault (for free), but FileVault only encrypts the users home directory….that’s all. TrueCrypt gives you a lot more flexabilities than FileVault (and BitLocker under Vista). TrueCrypt (atleast under OSX) is implemented as a MacFUSE module (more info on MacFUSE here and here).
Main Features:
- Creates a virtual encrypted disk within a file and mounts it as a real disk.
- Encrypts an entire hard disk partition or a storage device such as USB flash drive.
- Encryption is automatic, real-time (on-the-fly) and transparent.
- Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
- Hidden volume.
- No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
- Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.
New features in version 5.0:
- Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts). For more information, see the chapter System Encryption in the documentation. (Windows Vista/XP/2003)
- Pipelined operations increasing read/write speed by up to 100% (Windows)
- Mac OS X version
- Graphical user interface for the Linux version of TrueCrypt
- XTS mode of operation, which was designed by Phillip Rogaway in 2003 and which was recently approved as the IEEE 1619 standard for cryptographic protection of data on block-oriented storage devices. XTS is faster and more secure than LRW mode (for more information on XTS mode, see the section Modes of Operation in the documentation). Note: New volumes created by this version of TrueCrypt can be encrypted only in XTS mode. However, volumes created by previous versions of TrueCrypt can still be mounted using this version of TrueCrypt.
- SHA-512 hash algorithm (replacing SHA-1, which is no longer available when creating new volumes). Note: To re-encrypt the header of an existing volume with a header key derived using HMAC-SHA-512 (PRF), select ‘Volumes’ > ‘Set Header Key Derivation Algorithm’.
So stop reading, click here and grab yourself a copy.