In the current urgency of online privacy, people need their data to be encrypted and secured. TrueCrypt was full disk encryption for such purpose but, unfortunately, it was dramatically abandoned in May 2014, after ten years of its launch. However, there are TrueCrypt alternatives that an internet user could opt to encrypt his data.
TrueCrypt was popular among millions of MacOSX and Windows users. For data encryption, it creates encryption partitions or visual encrypted disks into a file. Therefore, without a password, it is impossible to gain access to encrypted data onto the partitions.
The TrueCrypt software which was launched in 2004 was soon been detected with some of the security flaws mainly conducted by Google’s Project Zero security team. They discovered the two major security vulnerabilities within the software from which, one flaw could allow a normal user privilege to expand to administrative privilege through an application. These security patches within TrueCrypt were predicted to be a result of mismanagement by the developers. Also, these developers have no longer supported the software with updates. So, it’s better to have TrueCrypt alternatives for data security.
VeraCrypt is considered as an ideal TrueCrypt alternative. Its features are the same as the original software of TrueCrypt with the security enhancements. VeraCrypt has added security for the algorithms of the system and partition encryption. This is because of the advanced and added number of iterations per encryption.
Due to these added security features the risk of vigorous cyber attacks greatly cuts down. However, the encryption process in VeraCrypt becomes longer as the containers and partition take more time to start. Yet, the application remains unaffected.
VeraCrypt is software that is open-source and is available for free. It supports different algorithms such as AES, Twofish, Serpent, including the combination of all these algorithms. Also, the VeraCrypt software is regularly audited by the researchers and the process remains the same as for the TrueCrypt original software.
You can view the full list of enhancements made in VeraCrypt, here.
BitLocker is a TrueCrypt alternative that differs from the VeraCrypt and TrueCrypt disk encryptions. It does not develop encrypted containers instead it encrypts all the partitions at once. It uses an AES algorithm with a 128- or 256-bit encryption key and encrypts the complete volumes but is software just for windows.
Therefore, if you leave your computer powered on, any person using it could view all the files stored on that computer. However, for encrypting all the files individually, there is a particular Windows encrypting system called Encrypted File System (EFS). But these could also be accessed while the user is logged in.
The users could not supervise the backdoors to the BitLocker software, as it is not open-source. Also, the cordial relationship between Microsoft and NSA could prove to be a deal-breaker for many individuals. The feature that counters encrypted disk modification named Elephant Diffuser was removed by Microsoft which has raised the user’s concern.
There is no plausible deniability mechanism in BitLocker. However, it could be believed that the content of the hard drive is modified due to the removal of the Elephant Diffuser.
Through BitLocker, you could verify that an attacker has not modified the software to boot your computer.
Like BitLocker, DiskCryptor is also software specialized for Windows. It is a disk encryption software for which very limited security audit has been performed, although, it is open-source. Now you must be thinking that why the software is considered as an efficient TrueCrypt alternative.
As compared to TrueCrypt, it is much faster and requires fewer computing tools for encryption. DiskCryptor is easy-to-use software which 256-bit AES, Twofish, Serpent, or a combination of all these services for the purpose of encryption. yet, Serpent is claimed to be the fastest among all.
External devices such as USB drives, hard disks, CDs, and DVDs could be encrypted with the help of DiskCryptor. It supports various operating systems.
However, it won’t be a great choice if you are thinking to hide your data from NSA. Although you could use it for restricting an annoying kid from accessing your files, or if your device has been stolen.
Through DiskCryptor plausible deniability feature you could transfer installing a computer’s bootloader into an external device such as a USB drive or CD. Bootloader prevents the computer’s hard drive from being displayed as an empty space with dispersed data.
While using DiskCryptor it is necessary to start the computer and decrypt data through CD or USB bootloader.
CipherShed, when released was a fork of TrueCrypt. It is available for Windows PC, Mac OSX, and Linux, however, it must be compiled for use on the latter two. The first version released was non-alpha after which no other product (v1.0 or later) is released yet.
As compared to VeraCrypt, it is much slow software although this is moving towards betterment. In CipherShed the flaws of Truecrypt are patched.
However, the CipherShed disk encryption is not much different from the Veracrypt except in development. Through it, you can perform entire disk encryption or you could create encrypted containers.
Yet, one advantage of using CipherShed, which you could not get through VeraCrypt new versions is that it could be used with TrueCrypt containers. This is because the VeraCrypt’s increased iterations make it incompatible to use with the TrueCrypt containers, but also make it more secured.
Just like VeraCrypt, CipherShed requires hidden volumes for plausible deniability.
5. FileVault 2
As Bitlocker is for Windows, you could use FileVault 2 for Apple. This was first launched with OSX Lion and uses AES-XTC 128-bit algorithm for entire disk encryption. this Mac-only software uses the user’s login password as the key for encryption.
Like the BitLocker, FileVault 2 also has no option to create encrypted containers. That means your all data is visible and displayed to anyone who uses your PC till you are logged in. Also, a similar feature of FileVault 2 is that it is not an open-source and it could not be randomly inspected by people and it may contain backdoors.
BoxCryptor is software that has both versions, free and premium. This encryption software provides protection of AES-256 and RSA encryption and is file-based. BoxCryptor could be the best TrueCrypt alternative as it has the support of many cloud storage services like Dropbox, Google Drive, etc.
The encryption of such storage services is really beneficial as it provides protection to all important data. BoxCryptor supports all the popular platforms such as Windows, Linux, Mac, Android, and iOS too.
Is TrueCrypt Providing Security?
Conducting an investigation regarding TrueCrypt’s security, the Fraunhofer Institute for Secure Information Technology in 2015 has released a 77-page report. This audit was performed on the last stable version of TrueCrypt. It was discovered that the software was prone to many bugs, yet, it allows secure service for the primary use case. For instance, it could be secure to encrypt data on rest such as on USB or in an external hard drive.
The report suggested that the Bugs identified by Google were found residing in the TrueCrypt software but, they are not such vulnerable that they could allow hackers access. However, such secure encryption could not be possible in a computer’s memory or a mounted drive. It could cater hackers to access the encrypted data through decryption key which remains stored in the computer’s memory if the drive is mounted.
Whereas, the chances of hacker access in this situation remain low. To remain protected a user must mount the encrypted container in which the decrypted data is accessible or they must place the computer to hibernation with the encrypted container mounted. Yet, there is no way out if the encrypted container is open and someone accesses the computer. Therefore, a computer with encrypted, mounted drives should not be allowed to hibernate if the encrypted container is open.
Is TrueCrypt Worth Using
The mounted drives with the latest original version of TrueCrypt software on an older system could be fully secure with the exceptions described above. However, TrueCrypt is a bit insecure for the mounted device for those reasons discussed before.
However, if you are thinking to download TrueCrypt software now, then it could be risky and problematic. This is because it has been officially stopped from being offered and is not available for download since 2014. Yet, some of the websites and torrents claim to offer the original version of TrueCrypt for download. Also, for an ordinary person without software expertise, it could be a difficult task to figure out the alterations.
Github is a place where the archived copies could be freely audited; however, due to its time-consuming procedure and high cost, the experts haven’t audited most of the repositories. Yet, according to Open Crypto Projects, the Github repository copy, TrueCrypt 7.1 is verified. Whereas, some of the users claim TrueCrypt to be prone to Government intrusion.
Therefore, we would recommend you to try out the TrueCrypt alternatives which are either the derivatives of this disk encrypting software or entirely different from it.
While considering a True Crypt alternative for yourself, you should not give ultimate importance to the plausible deniability mechanism. Although, it is an added feature and bonus, but is a weak defense.
Through plausible deniability, it could not be proved that your PC contains encrypted data files. This is because the encrypted data does appear as no data at all. However, through the random noise, experts could spot that the files are encrypted.