Enterprise security pros often have a need to encrypt sensitive files, but don't have budget to purchase an expensive encryption tool. Fortunately Truecrypt can help.
In this month's screencast, Peter Giannoulis of TheAcademyPro.com details how to not only use Truecrypt to create an encrypted drive on a Windows PC, but he also explains how to create a hidden drive within a drive as an additional data protection measure.
Want more demos of free security tools? Visit our screencast page.
A transcript of the podcast follows below:
Hey everybody. This is Peter Giannoulis from TheAcademyPro.com, bringing you this month's SearchSecurity.com screencast. This month we're going to focus on TrueCrypt. A lot of you probably use TrueCrypt already. If you don't, or have never heard of it, this is probably a good screencast that will introduce you to a fantastic disk encryption tool that is free.
Let's go ahead here and talk about exactly what TrueCrypt is. Free open source disk encryption, runs on Windows, Mac OS X, Linux. Cool thing is it is a free product and it is available for Windows 7 already, which is awesome. A lot of free products, or even vendor products, haven't jumped onboard with Windows 7 yet, which is unfortunate because a lot of people tend to be moving away from Vista fairly quickly and onto 7. Getting people up to date and hopefully getting their products up to date to support 7 would obviously be gladly appreciated.
With regard to TrueCrypt, what does this program include? Assists you in creating encrypted volumes on your actual hard drives so that you can have a specific amount of space that is encrypted or encrypted and hidden. You can also encrypt your entire disk with TrueCrypt and not have a problem with it. You can encrypt storage devices such as USB drives and so on. Again, encryption is automatic, just like a lot of the commercial products out there in real-time and on-the-fly and transparent.
Let's go ahead here.
Where do we actually find TrueCrypt? TrueCrypt's available at TrueCrypt.org/downloads. If you want to learn a little bit more about the product, you can just go to TrueCrypt.org.
What we're going to do is launch TrueCrypt here. What we're going to do first, we're going to show you how to create a volume, and then we're going to show you how to create an actual hidden volume as well. That's what we're going to do.
The first thing you have to do is actually click on one of the actual drives you want to use, or drive letters, and you can choose whatever one you like. By default, I believe it chooses Volume Z, I believe it is. We're going to click on "Create Volume." In here, you'll see you have a "Create an encrypted file container," "Encrypt a non-system partition/drive," or "Encrypt a system partition or entire system drive." We're going to stay with the basics and just say, "Let's create an encrypted file container." We're going to go ahead and click on "Next," and here, you'll see, "Do we want to create a standard TrueCrypt volume or a hidden TrueCrypt volume?" We're going to go, at first, with our standard TrueCrypt volume. We'll go ahead and click on "Next." Our "Volume Location" is where you actually want to store it. We're going to say, for the time being at least, "Onto the desktop," and we're going to call it "encryptedvolume," something really simple.
We'll go ahead and click on "Next." In here, you have the option to choose the type of encryption algorithm you want to use. A bunch of them are supported; the default's AES, which is the Advanced Encryption Standard that is basically the newest in greatest encryption algorithm that's available out there today. We're going to go ahead and keep the default as opposed to choosing any of the other ones there. Hash algorithms; we're going to choose the default as well, but you have some of the other ones that you can choose from that list, as well. We'll go ahead and keep the defaults in our "Volume Size." This is basically how big you want this encrypted volume to be.
You can see on our free space in our drive, we have 425 gigs approximately. We're going to say 100 MB drive. All we want is to store some of our top secret-type documents, whether they're Excel spreadsheets that hold your personal finances or whatever it may be. We're going to go ahead and say 100 MB. Click on "Next." We're going to give that volume a password so that every time you want to mount it using TrueCrypt, you have to type in a password. You can see here, because I chose a six-letter password or passphrase, it's warning us, basically saying these are easy to crack using brute-force techniques. Let's choose something longer next time, fine. We won't take the advice in this example, but we understand.
Here in our file system, we can leave the defaults if we want to. You can choose NTFS if we feel like it. We'll go ahead and format the actual drive that we're creating right now. Then we can go on "Next" and cancel out of that wizard because it's starting over again.
What do we do now? Great, we created this encrypted volume. Let's actually mount this volume now.
We go ahead and click on "Select File," and select the actual file that we created on our desktop called "encryptedvolume." Go ahead and click on "Mount." It asks us for the password. We press "OK" and now it's actually mounted. If we go into your "My Computer," you'll see you that have your DVD drive, you have your local disk, and you have this new 100 MB volume that you actually created. Nothing's in it right now, but it's encrypted. If we threw a document in that, then unmounted that drive, nothing would be able to basically get into to that drive without our passphrase. We can see now, we dragged a file in there and off we go, no big deal. We'll dismount that actual volume.
Let's go ahead and create a new one. If we "Create Volume" now, we're going to "Create an encrypted file container" again. In this case, we're going to choose "Hidden TrueCrypt volume." We're going to choose either "Normal mode" or "Direct mode." Normal mode: Wizard will help you create a normal TrueCrypt volume, and then a hidden one within it. We already have an encrypted volume that we just create, the 100 MB one we just showed you, so we can go ahead and choose "Direct mode," which basically means we want to create a hidden volume within our actual encrypted volume that we created already.What this actually shows you is, it's one of those scenarios if someone has a gun to your head and says, "Decrypt your actual drive, I want all of your sensitive data," you can decrypt the drive and they wouldn't be able to decrypt the volume. They wouldn't be able to see that you have a hidden volume within that actual encrypted volume that actually stores your private information. I know it's an exaggerated example, but it is an example, and I'm sure you can understand where and why you'd use it in some cases.
Let's go ahead. We're going to give our encrypted volume a password, again, another short password that it's going to complain about, but that's OK.We'll go ahead and click on "Next" for our hidden volume. We're going to use our default algorithms from an encryption and hash perspective. Again, you have the same choices. We'll go ahead and click on "Next." This volume, you can see because we chose the actual encrypted volume that we have, the maximum possible hidden volume size for this volume is 99 or 100 MB; the one we just created. In here now, we're going to say 50 MB of that actual encrypted file, or volume that we created, is going to be used for our hidden volume. Again, password, complaining; that's all great. We'll go ahead and click on "Format," and then it gives us a warning message, or a message, that says "The hidden TrueCrypt volume has been successfully created and is ready for use," and so on. Go ahead and press "OK" to that, or press "Next" and "Cancel." We'll go ahead and mount our drive again. We mount that with our password; there we go. If you actually get into that specific volume, you'll notice that you won't be able to see the hidden volume within the actual volume if you look at the partition that you just created.
In wrapping up, what is TrueCrypt? Open source disk encryption, amazing piece of software that I can't believe 'til this day is offered for free. I use it; many security professionals that I know use it. It's fantastic. The cool part is it's available for Windows, Linux, and OS X, which is really nice. Utilized, again, by thousands of people around the world, and it's 100% free.
The biggest thing is, if you have sensitive data, you need to protect it and you don't have the budget to buy disk encryption; TrueCrypt is probably the better way to go, at least that I've seen out there.
That's pretty much it. Thanks very much. Again, it's Peter Giannoulis, TheAcademyPro.com. We want to thank you for coming out again to this month's SearchSecurity.com screencast. We'll definitely see you guys next month. Take it easy.
About the author
Peter Giannoulis, GSEC, GCIH, GCIA, GCFA, GCFW, GREM, CISSP, is an information security consultant in Toronto, Ontario. He currently maintains The Academy Pro, which provides streaming video for enterprises and consumers on how to configure and troubleshoot many of today's top security products. He also serves as a technical director for GIAC.