No strings attached

Mar 31, 2008 16:43 GMT  ·  By

Lots of people lost a portable disk with some sort of important information, at least once in their life, and wished they had had the inspiration to encrypt it before it happened. Most probably, this is the thought that will cross every celebrity's mind after receiving the dreaded phone call asking for a certain sum of money so the movies or pictures that were on the laptop or USB stick they lost will not be made public.

This is probably one case in which top secret level encryption would come in handy, especially if you're talking about the encryption of entire hard-disks or USB disks that could contain sensitive information. Solutions for these problems do exist, some of them are available for money and others are free for everybody to use. Although people tend to think the paid solutions will provide the best quality when dealing with on-the-fly encryption, there is one name that will stand above a lot of other pieces of software that you might have in mind for the job, and that name is TrueCrypt.

What can you do with Truecrypt

Why do I think this is a very good encryption solution for the average Joe (and most probably even for any secret agent out there)? Because Truecrypt is free and open source, is capable of on-the-fly encryption (your data will be automatically encrypted or decrypted before being accessed, loaded or saved, without requiring any intervention from your part), will allow you to encrypt your data using 256-bit AES, Serpent, Twofish encryption or any combination of the three cipher algorithms that you can think of, will allow you to create hidden and encrypted disks and is also cross-platform (it can run on Windows, Linux and Mac OS X).

What else could one want from encryption software? To be able to encrypt your entire system partition so whoever will want to access your OS or even to be able to write or read files will have to enter the correct password? It already delivers that, although this feature is only available - at the moment - for the Windows platform.

Having overviewed the main features of Truecrypt, let's get a closer look on the one that is the subject of this article (I consider it to be also the most interesting and the thing that definitely raised at least one of your eyebrows): the capability of creating a hidden volume inside an already encrypted one. As in the case of an entire system partition, this is also a feature that is only available for the Windows users (although it might be ported to all the platforms Truecrypt runs on, as all its other features that are already available on all OSs).

How exactly does that work?

Well, it couldn't be simpler. Truecrypt will allow the user to create an encrypted file that, upon mounting, will appear like any other device (CD, DVD, USB disk, external hard drive or everything else you might think of), or format and encrypt a non-system partition, an entire USB stick or even an entire external or secondary drive.

Upon creation of the encrypted file container or volume, you will be able to also create a hidden volume inside the encrypted one you have already created (therefore the hidden volume you will create will also be encrypted). After creating the hidden volume, you will have two options when mounting the encrypted volume: to mount the one that's visible to everybody or to mount the one that only you know about using a different password and the same encrypted volume.

Now, let's see how you can easily create such an encrypted and hidden volume in a few easy-to-follow steps. First of all, download and install Truecrypt.

On the first screen you will see upon running the application, push the 'Create Volume' button to start the 'Truecrypt Volume Creation Wizard'. On the following screen the inexperienced users are recommended to select the file container option that will allow them to get used to what Truecrypt is capable of. Of course after playing with file containers you can easily move on to bigger challenges, such as encrypting whole USB sticks, system partition and even external or secondary drives.

Have your fun using the file containers and encrypting any drive you get your hands on (I say fun because doing these things are extremely easy to do and, unless you have no computer skills whatsoever, you will be able to encrypt anything with your eyes closed in no time) and prepare your USB stick, non-system partitions or external drive to host a hidden and encrypted volume because this is exactly what you will be able to create using the five easy-to-follow steps below.

The five steps (towards total privacy of your data)

Step one

Start Truecrypt again and, as explained above, push the 'Create Volume' button to start the 'Truecrypt Volume Creation Wizard'. Now, select the 'Create a volume within a non-system partition/device' and push 'Next'.

Step two

■ On the 'Volume Type' dialog you will have to select the 'Hidden Truecrypt Volume' option. ■ Pushing the Next button will lead you to the 'Volume Creation Mode' screen where you will choose the 'Direct mode' option (this assumes you have already created an encrypted Truecrypt volume using one of your hard drive's partitions, an USB stick or an external or secondary drive).

Step three

■ On the next screen select your Truecrypt's volume location and push 'Next'. ■ On the 'Outer Volume Password' window enter the password you use to mount the visible Truecrypt volume and go on the next screen pushing, as usual, 'Next'.

Step four

■ Hit that 'Next' button again and prepare to set the options, the size and the password for the hidden and encrypted volume you are about to create. ■ On the 'Hidden Volume Encryption Options' screen you can leave everything as it is and go to the next screen - unless you're an expert in encryption or want something better for your data than the default settings. ■ On the 'Hidden Volume Size' window you will have to specify the size of your future-to-be-created hidden volume (I recommend to set it about half the encrypted volume's size to be sure you have enough space to put other data in your encrypted volume). ■ On the 'Hidden Volume Password' dialog you will be able to choose a password for the hidden volume (it is recommended - as you will also be advised by the Truecrypt app - to choose a strong password so it will be harder or impossible to break in case anybody else finds out about your hidden volume and wants to guess or break its password). ■ On the 'Hidden Volume Format' screen you will be able to select the file-system to be used for your hidden volume and the cluster size (once again everything will be fine if you leave everything as it is). Also, as advised by the application, be sure you move your mouse as randomly as possible to increase the cryptographic strength of the encryption keys.

Step five

Press the 'Format' button and wait for the hidden volume to be created (a 1GB FAT hidden volume is created in less than two seconds so, if you're not hiding half of your 1 TB hard drive, the hidden volume will be ready in an instant).

How to use your hidden volume

To mount your freshly created hidden and encrypted volume you have to open the Truecrypt's main window, press the 'Auto-Mount Devices' button and enter the hidden volume's password. Now you can read, write, delete and modify the data contained on your hidden volume and you will never have to fear that anybody else will know about it. Not even the people that actually know that your USB stick (in case you've created the hidden volume on such a device) is encrypted.

Now that you have created your hidden volume and you have learned how to mount it, there's only one thing to worry about: what if you mount the encrypted volume and write over the information contained inside the hidden volume? Let's see how you can mount the encrypted volume without having to fear that such a thing could happen.

The only thing you have to do now is to press the 'Auto-Mount Devices' button, enter the encrypted volume's password, check the 'Protect hidden volume against damage caused by writing to outer volume' and enter the encrypted volume's password again in the required field. And you're done!

The main thing to keep in mind when dealing with Truecrypt is that encrypting and hiding file containers or entire disks will be done using the same steps for any platform (be it Windows, Mac or Linux), therefore you can easily modify your encrypted data wherever you are and on whatever type of OS your computer might run.

Photo Gallery (10 Images)

The TrueCrypt Volume Creation Wizard
+7more