This is a technical feature comparison of different disk encryption software. Check Point Full Disk Encryption, Yes, Yes, Yes, Yes, Yes, Yes, Yes, Yes, NTFS. FUSE driver to read/write Windows BitLocker-ed volumes under Linux / Mac OSX.
. Windows 7 introduces Bitlocker-To-Go which supports NTFS, FAT32 or exFAT, however for hard drive encryption, and later are limited to be installable only on NTFS volumes. BitLocker can be used with a TPM PIN + external USB key for two-factor authentication. An external tool can be used to read the key from the TPM and then have the key passed on to dm-crypt/LUKS via the.
The current situation around TrueCrypt project is controversial. On after many years of development and broad usage the open-source (although anonymous) project was suddenly stopped, and all previous official materials and complete (encrypt/decrypt) binaries were withdrawn from its website citing some 'unfixed security issues' and Windows XP end of support. The technical information herein is valid only for previous versions of TrueCrypt (v7.1a and some earlier). The latest available version (v7.2) is decrypt only, its authenticity and actual reasons behind the move are unclear, and its usage is not recommended. Layering. Further information:. Whole disk: Whether the whole physical disk or logical volume can be encrypted, including the partition tables and master boot record.
Note that this does not imply that the encrypted disk can be used as the boot disk itself; refer to pre-boot authentication in the features comparison table. Partition: Whether individual can be encrypted.
File: Whether the encrypted container can be stored in a file (usually implemented as encrypted ). Swap space: Whether the (called a 'pagefile' on Windows) can be encrypted individually/explicitly. Hibernation file: Whether the is encrypted (if hibernation is supported). Further information: Different modes of operation supported by the software. Note that an encrypted volume can only use one mode of operation.
CBC with predictable IVs: The CBC mode where are statically derived from the sector number and are not secret; this means that IVs are re-used when overwriting a sector and the vectors can easily be guessed by an attacker, leading to. CBC with secret IVs: The CBC mode where initialization vectors are statically derived from the encryption key and sector number. The IVs are secret, but they are re-used with overwrites. Methods for this include ESSIV and encrypted sector numbers (CGD).
CBC with random per-sector keys: The CBC mode where random keys are generated for each sector when it is written to, thus does not exhibit the typical weaknesses of CBC with re-used initialization vectors. The individual sector keys are stored on disk and encrypted with a master key.
(See for details). LRW: The Liskov-Rivest-Wagner tweakable narrow-block mode, a mode of operation specifically designed for disk encryption. Superseded by the more secure XTS mode due to security concerns.: XEX-based Tweaked CodeBook mode (TCB) with CipherText Stealing (CTS), the (IEEE P1619) standard for disk encryption.: Protection against ciphertext modification by an attacker Name CBC w/ predictable IVs CBC w/ secret IVs CBC w/ random per-sector keys LRW XTS Authenticated encryption Aloaha Crypt Disk No No No Yes Yes?
ArchiCrypt Live No No No Legacy support Yes? No Yes No Yes Yes?
DataControl No Yes Plumb-IV No No? No Yes No No Yes, Windows 10 10547+? Bloombase Keyparc?
CGD No Yes No No No? CenterTools DriveLock?????? Check Point Full Disk Encryption No No Yes Yes Yes?
Legacy support No No Legacy support Yes? Yes No No No No?
CryFS No No Yes No No? Cryhod No Yes No No No? Yes No No No No No DiskCryptor No No No No Yes? / Yes Yes No Yes, using.-lrw-benbi Yes, using.-xts-plain Yes, using -integrity mode DriveCrypt?????? GoAnywhere 2????????? E-Capsule Private Safe?????? ECryptfs No Yes?
EgoSecure HDD Encryption No Yes No No No? Yes No No No No?
No No No No Yes? No No No No No?
FREE CompuSec Yes No No No No? Yes Yes No Yes Yes No No No Yes No No? No Yes No No Yes? Loop-AES single-key, multi-key-v2 modes multi-key-v3 mode No No No No McAfee Drive Encryption (SafeBoot) No Yes No No No? N-Crypt Pro?? No No No??????? No Yes No No No?
ProxyCrypt No No No No Yes? SafeGuard Easy?????? SafeGuard Enterprise?????? SafeGuard PrivateDisk?????? SafeHouse Professional Yes No No No No? No Yes No No No?
4 Linux No Yes No Yes Yes? SecuBox Yes No No No No? Softraid / RAID C????
Svnd / Vnconfig?????? Endpoint Encryption No No Yes No No? Legacy support No No Legacy support Yes No USBCrypt No Yes No No Yes? No No No No Yes? CyberSafe Top Secret No No No No Yes?
Name CBC w/ predictable IVs CBC w/ secret IVs CBC w/ random per-sector keys LRW XTS Authenticated encryption See also. Notes and references.
Retrieved 2014-05-30. Retrieved 2014-11-28. Roland Dowdeswell (2002-10-04). Mailing list announcement. Retrieved 2007-01-14.
Archived from on March 2, 2005. Retrieved 2008-09-03. Company and product name change to Pointsec. Archived from on 2004-08-20. Retrieved 2008-09-03. Archived from on 2008-08-20. Retrieved 2008-09-03.
Niklas Lemcke (2014-12-15). Retrieved 2014-12-24. TrueCrypt Foundation.
Retrieved 2014-12-24. Sarah Dean (2004-02-10). Archived from on 2008-12-11. Retrieved 2008-08-10. Initial cryptoloop patches for the Linux 2.5 development kernel:. Archived from on 2005-01-10. Retrieved 2006-12-24.
CS1 maint: Archived copy as title. dm-crypt was first included in Linux kernel version 2.6.4:. Clemens Fruhwirth.
Archived from on 2006-12-25. Retrieved 2006-12-24.
SecurStar GmbH. Retrieved 2015-10-26.
Archived from on 2000-05-24. Retrieved 2008-04-29. Valient Gough (2003). README.md file. Retrieved 2007-01-14.
Archived from on 2006-12-07. Retrieved 2006-12-24. GBDE manual page as it appeared in FreeBSD 4.11.
Retrieved 2006-12-24. GELI manual page as it first appeared in FreeBSD 6.0.
Retrieved 2006-12-24. Retrieved 2018-01-16. Retrieved 2015-09-14. Missing or empty title=. Product description. Retrieved 2009-03-04. Retrieved 2007-01-04.
Retrieved 2009-08-10. Retrieved 2009-08-10. Rebranded as ThinkVantage Client Security (PDF).
Retrieved 2008-03-05. Retrieved 2007-01-02. 4 September 2004. Archived from on 4 September 2004. TrueCrypt Foundation. Retrieved 2014-05-29.
Retrieved 2015-08-08. ^ FUSE driver to read/write Windows BitLocker-ed volumes under Linux / Mac OSX.
(PDF). Archived from (PDF) on 2015-09-23.
Retrieved 2014-12-14. CS1 maint: Archived copy as title. Although CipherShed can be built under FreeBSD, it is not recommended to run it because of bugs and instabilities when CipherShed is attempted to be used. ^ Third party app allows to open containers encryptes with AES-256, SHA-512 hash and FAT file system. Only for the Microsoft Windows XP/2000 operating systems. PocketPC freeware release- SmartPhone beta available. ^ FreeOTFE supports cryptoloop, dm-crypt//, and dm-crypt/LUKS volumes.
FreeOTFE4PDA supports dm-crypt/LUKS volumes. ^. libfvde supports reading FileVault2 Drive Encryption (FVDE) encrypted volumes. Supports Linux volumes. Supports Linux volumes. Third party app allows a user to open LibreCrypt compatible LUKS containers.
Retrieved 2010-06-14. Although TrueCrypt can be built under FreeBSD, it is not recommended to run it because of bugs and instabilities when TrueCrypt is attempted to be used. Third party app allows to encrypt and decrypt VeraCrypt containers (only available in the paid version). Hidden containers description from Jetico (BestCrypt). ^ Secret-containers and Camouflage files.
Supports 'Guest' keys. Using 'Archicrypt Card'. Supported by the BestCrypt container format; see BestCrypt SDK. Supported by the BestCrypt Volume Encryption software. With PIN or USB key. ^.
Archived from on 2008-02-24. Retrieved 2008-03-13. Recovery keys only. ^ Roland C. Dowdeswell, John Ioannidis. CGD design paper.
Retrieved 2006-12-24. Federico Biancuzzi (2005-12-21). Interview with Roland Dowdeswell. Retrieved 2006-12-24. CipherShed Documentation.
CipherShed Project. Retrieved 2014-12-27.
Although each volume encrypted with CipherShed can only have one active master key, it is possible to access its contents through more than one header. Each header can have a different password and/or keyfiles if any ( cf. TrueCrypt FAQ: ). ^. TrueCrypt Documentation. TrueCrypt Foundation.
Retrieved 2014-05-28. TrueCrypt FAQ. TrueCrypt Foundation. Archived from on 2013-04-16. Retrieved 2014-05-28. TrueCrypt Foundation. Retrieved 2014-05-24.
Retrieved 2016-09-23. ^ dm-crypt and cryptoloop volumes can be mounted from the before the system is booted. ^. Archived from on 2010-05-29. Retrieved 2010-05-25. Retrieved 2018-12-02. Retrieved 2016-01-07.
SecurStar GmbH. Retrieved 2007-01-03. Retrieved 2007-07-25. uses the lower filesystem (stacking). ^. Retrieved 2012-07-26. ^ Jacob Appelbaum, Ralf-Philipp Weinmann (2006-12-29).
Retrieved 2012-01-03. Ars Technica. Retrieved 2012-01-03.
FreeOTFE has a modular architecture and set of components to allow 3rd party integration. FreeOTFE allows multiple keys to mount the same container file via encrypted keyfiles. ^.
Retrieved 2006-12-24. GBDE design document. Retrieved 2006-12-24. GELI manual page in current FreeBSD.
Retrieved 2006-12-24. ^ Jari Ruusu. Retrieved 2007-04-23.
Using customization. (PDF). Archived from (PDF) on 2010-12-17. Retrieved 2012-07-26.
n-Crypt Pro does not use password authentication— biometric/USB dongle authentication only. PGP Corporation. Retrieved 2006-12-24. PGP private keys are always protected by strengthened passphrases.
^. Archived from on 2006-08-23. Retrieved 2008-03-04. Retrieved 2008-03-05. ^ For Truecrypt containers.
^. WinMagic Inc. Archived from on 2008-03-13. Retrieved 2008-03-05.
optional by using -K. TrueCrypt Documentation. TrueCrypt Foundation. Archived from on 2013-01-08. Retrieved 2014-05-28. Although each volume encrypted with TrueCrypt can only have one active master key, it is possible to access its contents through more than one header.
Each header can have a different password and/or keyfiles if any ( cf. TrueCrypt FAQ: ).
VeraCrypt Documentation. Retrieved 2017-10-11. Within a VHD.
dm-crypt can encrypt a file-based volume when used with the losetup utility included with all major Linux distributions. yes, but the user needs custom scripts:.
Uses proprietary e-Capsule file system not exposed to the OS. ^ not technically part of FileVault, but provided by many versions of Mac OS X; can be enabled independently of FileVault. ^ File-based volume encryption is possible when used with utility. September 2004. Retrieved 2015-03-05. OpenBSD 3.8 change notes.
however,. Containers created with ArchiCrypt Live version 5 use LRW. Retrieved 2007-03-02. Retrieved 2009-03-01. ^ Niels Fergusson (August 2006).
Retrieved 2008-02-22. NetBSD current manual page on CGD. Retrieved 2006-12-24. ^ Containers created with TrueCrypt versions 1.0 through 4.0 use CBC.
^ Containers created with TrueCrypt versions 4.1 through 4.3a use LRW, and support CBC for opening legacy containers only. Containers created with CipherShed or TrueCrypt versions 5.0+ use XTS, and support LRW/CBC for opening legacy containers only. Starting with Linux kernel version 2.6.20, CryptoAPI supports the LRW mode:. Retrieved 2018-05-08.
Retrieved 2011-01-03. Archived from on 2007-06-29.
Retrieved 2006-12-24. For Scramdisk containers. For Truecrypt 4 containers. For Truecrypt 5 and 6 containers. Containers created with TrueCrypt versions 5.0 or later use XTS, and support LRW/CBC for opening legacy containers only. External links. Comparison in between DiskCryptor and Truecrypt.
Overview of full-disk encryption, how it works, and how it differs from file-level encryption—plus an overview of leading full-disk encryption software.
There are no such old days left when the memory in gigabyte byte was enough to store almost every kind of important file. Nowadays, an average computer is having more than a million files in it and users are having memory in Terabytes. Each and every day billions of files are sharing from one system to another. The files we shared or kept in our system are full of data.
The data inside those files can be any type, it can be a presentation file or your credentials. Even somehow your bank account detail and credit card info are also saved into some file if you used to do shopping using that system. If you remember those autofill when you are about to type your credentials in the website login box. It gives you the option to fill those boxes automatically. So, that data is saved somewhere on your computer that is why it’s popping up to help you. But what when someone Stole the data and use it for any suspicious activity. Whoever stole your data and if he used it for the wrong deed then it would be a big problem for you.
To prevent such situation you must have to Encrypt your data using some encryption software. The good part about these Softwares is that you don’t have to be an expert when you are about to dig into encryption stuff. The Encryption software will do the task automatically for you within few clicks and this task can be done easily by a normal computer user. We have listed some best encryption software so you will be secure with your data. Once your data is encrypted using this encryption software, you don’t have to worry about any person reading or stealing your files. They can’t get access or read your data without having the password. AES Crypt AES Crypt is an Open Source Software for File Encryption.
You can Encrypt your data files using this software. This software allows you to encrypt your important document or other various types of files.
You can not encrypt any folder or hard drive using this software however you can use this to encrypt multiple files at once. Working with AES Crypt for file encryption is very easy, in windows, you can easily encrypt a file just by right clicking and choosing the option of AES Crypt to do its task. In MacOS you can just drag and drop the file into the software area and it will do the rest by itself.
The only thing you have to worry about is providing a password and after setting the appropriate password and the data inside will be safe. This Software is using 256-bit encryption algorithm. This is a reliable, trusted and completely open source encryption software to use.
Compatibility: Windows, Mac, Linux, Android, iOS 2. VeraCrypt VeraCrypt is a free open source Encryption software that is supported on Windows, Mac, and Linux. VeraCrypt is developed by IDRIX. Using VeraCrypt you can Encrypt an entire partition or storage device, it can be a hard drive partition or USB flash drive. It uses hardware acceleration to speed up the process 4-8 times faster.
With its enhanced security algorithm, it is almost impossible to gain access to files without having a password. Your Windows OS contains lot of signification amount of data such as your location, your name, the applications you run etc. This all kind of information can be easily handled and stored safely using VerraCrypt. Compatibility: Windows. MacOS, Linux 3. Comodo Disk Encryption If your computer is full of important data and you don’t want to encrypt each file separately then we will recommend you to use Comodo VerCrypt. This is specialized for encrypting your hard drive partition.
It gives you two methods to secure your important data. Either you can use each hard drive partition separately and encrypt your very important data or you can just mount the virtual partition of your hard drive. With a number of great features, you can encrypt your files with ease. The encryption process can be done in two different authentication types, it can be using password or USB stick.
This software also allows you to add the spare layer of security. Compatibility: Windows 8, 7, Vista, XP 4. CipherShed CipherShed is a free open source encryption software. It is used for encrypting files and hard drives, it can be USB flash drive or any external hard disk drive. After finishing the encryption process you can share your files and data without any worry, from one system to another.
This is very secured software for this task. Thus this is an open source software so if you are a programmer who wants to contribute to this amazing software than you can do it from its official site.
Since it is Windows, Mac, and Linux based so it makes it very popular around these Operating Systems. Compatibility: Windows, MacOS, Linux 5. 7-Zip 7-Zip provides Strong AES-256 encryption which is pretty strong to encrypt and secure your personal data. This is very lightweight software to use.
7-Zip is mostly used for compression of the file but it has this amazing feature of encryption as well. Same as CipherShed it is also available for contribution if you can edit the code to make it more usable and excellent. It uses Standard BWT, LZ77-based algorithm. 7-Zip is supported by these applications as well: WinRAR, PowerArchiver, TUGZip, and IZArc. Compatibility: Windows, Mac, Linux 5. BitLocker On the list of Microsoft’s Windows features or inbuilt tools, Bitlocker is known as one of the inbuilt tools for data encryption. It provides you most protection when it used with the Trusted Platform Module that is simply known as TMP.
In addition to security features, it also provides an option to lock normal startup process until a PIN provided to it. You can just simply encrypt your hard drives usinBitLocker. To access and using the amazing encryption features of BitLocker you can just simply search this in your windows search bar.
Compatibility: Windows 10, 8, 7.