This article can also be found in the Premium Editorial Download "Information Security magazine: Security researchers on biometrics, insider threats, encryption and virtualization."
Download it now to read this article plus other related content.
While it lacks the central management, key management, reporting, access control features and scalability of enterprise commercial products, it's suitable for small office or workgroup scenarios. Multiple users can share access to encrypted data by presenting keyfiles in addition to their passwords. You can create any number of keyfiles using TrueCrypt's random number generator.
While not necessarily enterprise-ready, True-Crypt's use of cryptographic algorithms and encryption methodology is comparable to its commercial counterparts and may be easier to use.
The mode of operation TrueCrypt uses for encrypted partitions, drives and virtual volumes is XTS, a variant of Phillip Rogaway's XEX mode. XEX mode uses a single key for two different purposes, while XTS mode uses two independent keys, specifically, its own secret key, or "tweak key," that is independent from the primary encryption key. "Tweak" refers to a block cipher that can accept a second input (the tweak) in addition to its plaintext or ciphertext input. The tweak, along with the key,
| selects the permutation computed by the cipher. XTS mode is the IEEE 1619 standard for cryptographic protection of data on block-oriented storage devices as of December 2007.
Encryption algorithms include AES, Serpent and Twofish, while ciphers can be cascaded, that is, used in combination--AES-Twofish, Serpent-Twofish-AES, etc. For example, a 128-bit block is first encrypted in Twofish (256-bit key), then with AES (256-bit key).
Hash algorithms, which include RIPEMD-160, SHA-512 and Whirlpool, are utilized during volume creation, password changes and keyfile generation.
All these hash algorithms are considered secure, given that it is computationally infeasible to find the message that produced the message digest. However, SHA-512 and Whirlpool meet NESSIE (New Euro-pean Schemes for Signatures, Integrity and Encryp-tion) standards because they are collision resistant, while RIPEMD-160 does not meet NESSIE standards because its output is only 160 bits.
This was first published in November 2008