Your SlideShare is downloading. ×
  • Like
TrueCrypt (Smith) - TrueCrypt
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

TrueCrypt (Smith) - TrueCrypt

  • 1,454 views
Published

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,454
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
73
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. TrueCrypt
    A presentation by Brett Smith
    COSC 4553-01
    Spring 2008
    Assignment #11
  • 2. Overview
    Brief History
    Basics of TrueCrypt
    Why do we need this?
    Known security vulnerabilities
    Conclusion
    Sources
  • 3. Brief History
    TrueCrypt is an open-source project based on Encryption for the Masses (E4M), a popular open source on-the-fly-encryption (OTFE) program that was discontinued in 2000. TrueCrypt was first released in February of 2004, and is still an active and thriving project today.
  • 4. Basics of TrueCrypt
    TrueCrypt is a software application used for on-the-fly encryption (OTFE). It can create a "file-hosted container" by writing an encrypted file system contained within a regular file, which can then be mounted as if it were a real disk. TrueCrypt also supports device-hosted volumes, which can be created on either an individual partition or an entire disk. These volumes or files have no identifying information to indicate that they are data managed by TrueCrypt. It will appear to be a file filled with random bytes or in the case of a volume, simply unused free space.
  • 5. Basics cont.
    Access to a TrueCrypt partition is protected using a traditional password and/or a “key file”. A key file acts as a binary equivalent to a traditional password. It can be a favorite song, a picture of your grandpa, or a random file generated by TrueCrypt.
    With version 5.0 and above it can now encrypt the Windows boot partition. With Linux kernel 2.6.24 and above you can encrypt everything with TrueCrypt but the /boot folder.
    Encryption algorithms: AES-256, Serpent, and Twofish. (And combinations of these three)
    Mode of operation: XTS.
  • 6. Why do we need this?
    I have a password set for my user account on Windows/Linux, so I’m safe, right?
    Wrong! Someone can easily take your hard drive and read your files using a different computer.
    Do you have data that could cause damage to your organization or your personal reputation if it fell into the wrong hands?
    Are there documents on your computer that are strictly confidential? (For example, bank and credit card account numbers, or personnel files.)
    Do you send and receive email messages containing confidential information about your organization's work?
    TrueCrypt tries to remedy these security breaches by offering a secure data dump for your private or confidential files. Or if you really want extra protection, you can encrypt your entire partition.
  • 7.
  • 8. Known security vulnerabilities
    The only currently known security
    vulnerability of TrueCrypt is a “cold boot
    attack”. This attack requires that you are using full-disk encryption and the attacker has physical access to your machine within a few minutes after shutdown. The attacker can get the master password for your encrypted partition from RAM before the bits fade.
    Note that this attack does not work if TrueCrypt unmounts the drive itself, as it securely wipes the master password from RAM.
  • 9. Conclusion
    TrueCrypt is an on the fly encryption software that has a bright future. The market for such encryption is only growing bigger as corporations and consumers become more aware of just what sort of privacy threats they are coming up against.
    TrueCrypt is a program that I personally use for sensitive data and will keep using. I would also personally recommend this software for anyone looking for a way to keep their data encrypted.
  • 10. Sources
    http://en.wikipedia.org/wiki/TrueCrypt
    http://www.truecrypt.org/
    http://lifehacker.com/software/top/geek-to-live--encrypt-your-data-178005.php