Disk encryption software

Last updated January 11, 2024

Disk encryption software is computer security software that protects the confidentiality of data stored on computer media (e.g., a hard disk, floppy disk, or USB device) by using disk encryption.

Compared to access controls commonly enforced by an operating system (OS), encryption passively protects data confidentiality even when the OS is not active, for example, if data is read directly from the hardware or by a different OS. In addition crypto-shredding suppresses the need to erase the data at the end of the disk's lifecycle.

Disk encryption generally refers to wholesale encryption that operates on an entire volume mostly transparently to the user, the system, and applications. This is generally distinguished from file-level encryption that operates by user invocation on a single file or group of files, and which requires the user to decide which specific files should be encrypted. Disk encryption usually includes all aspects of the disk, including directories, so that an adversary cannot determine content, name or size of any file. It is well suited to portable devices such as laptop computers and thumb drives which are particularly susceptible to being lost or stolen. If used properly, someone finding a lost device cannot penetrate actual data, or even know what files might be present.

Methods

The disk's data is protected using symmetric cryptography with the key randomly generated when a disk's encryption is first established. This key is itself encrypted in some way using a password or pass-phrase known (ideally) only to the user. Thereafter, in order to access the disk's data, the user must supply the password to make the key available to the software. This must be done sometime after each operating system start-up before the encrypted data can be used.

Done in software, encryption typically operates at a level between all applications and most system programs and the low-level device drivers by "transparently" (from a user's point of view) encrypting data after it is produced by a program but before it is physically written to the disk. Conversely, it decrypts data immediately after being read but before it is presented to a program. Properly done, programs are unaware of these cryptographic operations.

Some disk encryption software (e.g., TrueCrypt or BestCrypt) provide features that generally cannot be accomplished with disk hardware encryption: the ability to mount "container" files as encrypted logical disks with their own file system; and encrypted logical "inner" volumes which are secretly hidden within the free space of the more obvious "outer" volumes. Such strategies provide plausible deniability.

Well-known examples of disk encryption software include: BitLocker for Windows; FileVault for Apple OS/X; LUKS a standard free software mainly for Linux and TrueCrypt, a non-commercial freeware application, for Windows, OS/X and Linux.

A 2008 study found data remanence in dynamic random access memory (DRAM), with data retention of seconds to minutes at room temperature and much longer times when memory chips were cooled to low temperature. The study authors were able to demonstrate a cold boot attack to recover cryptographic keys for several popular disk encryption systems despite some memory degradation, by taking advantage of redundancy in the way keys are stored after they have been expanded for efficient use. The authors recommend that computers be powered down, rather than be left in a "sleep" state, when not under physical control by the computer's legitimate owner. This method of key recovery, however, is suited for controlled laboratory settings and is extremely impractical for "field" use due to the equipment and cooling systems required.^[1]

Other features

Plausible deniability

Some disk encryption systems, such as VeraCrypt, CipherShed (active open source forks of the discontinued TrueCrypt project), BestCrypt (proprietary trialware), offers levels of plausible deniability, which might be useful if a user is compelled to reveal the password of an encrypted volume.

Hidden volumes

Hidden volumes are a steganographic feature that allows a second, "hidden", volume to reside within the apparent free space of a visible "container" volume (sometimes known as "outer" volume). The hidden volume has its own separate file system, password, and encryption key distinct from the container volume.

The content of the hidden volume is encrypted and resides in the free space of the file system of the outer volume—space which would otherwise be filled with random values if the hidden volume did not exist. When the outer container is brought online thorough the disk encryption software, whether the inner or outer volume is mounted depends on the password provided. If the "normal" password/key of the outer volume proves valid, the outer volume is mounted; if the password/key of the hidden volume proves valid, then (and only then) can the existence of hidden volume even be detected, and it is mounted; otherwise if the password/key does not successfully decrypt either the inner or outer volume descriptors, then neither is mounted.

Once a hidden volume has been created inside the visible container volume, the user will store important-looking information (but which the user does not actually mind revealing) on the outer volume, whereas more sensitive information is stored within the hidden volume.

If the user is forced to reveal a password, the user can reveal the password to the outer volume, without disclosing the existence of the hidden volume. The hidden volume will not be compromised, if the user takes certain precautions in overwriting the free areas of the "host" disk.^[2]

No identifying features

Volumes, be they stored in a file or a device/partition, may intentionally not contain any discernible "signatures" or unencrypted headers. As cipher algorithms are designed to be indistinguishable from a pseudorandom permutation without knowing the key, the presence of data on the encrypted volume is also undetectable unless there are known weaknesses in the cipher.^[3] This means that it is impossible to prove that any file or partition is an encrypted volume (rather than random data) without having the password to mount it. This characteristic also makes it impossible to determine if a volume contains another hidden volume.

A file hosted volume (as opposed to partitions) may look out of place in some cases since it will be entirely random data placed in a file intentionally. However, a partition or device hosted volume will look no different from a partition or device that has been wiped with a common disk wiping tool such as Darik's Boot and Nuke. One can plausibly claim that such a device or partition has been wiped to clear personal data.

Portable or "traveller mode" means the encryption software can be run without installation to the system hard drive. In this mode, the software typically installs a temporary driver from the portable media. Since it is installing a driver (albeit temporarily), administrative privileges are still required.

Resizable volumes

Some disk encryption software allows encrypted volumes to be resized. Not many systems implement this fully, and resort to using "sparse files" to achieve this.^{[ citation needed ]}

Backups

Encrypted volumes contain "header" (or "CDB") data, which may be backed up. Overwriting these data will destroy the volume, so the ability to back them up is useful.

Restoring the backup copy of these data may reset the volume's password to what it was when the backup was taken.

Related Research Articles

Articles related to cryptography include:

FileVault is a disk encryption program in Mac OS X 10.3 Panther (2003) and later. It performs on-the-fly encryption with volumes on Mac computers.

The Encrypting File System (EFS) on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption. The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.

TrueCrypt is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file, or encrypt a partition or the whole storage device.

In cryptography and steganography, plausibly deniable encryption describes encryption techniques where the existence of an encrypted file or message is deniable in the sense that an adversary cannot prove that the plaintext data exists.

In computing, rubberhose is a deniable encryption archive containing multiple file systems whose existence can only be verified using the appropriate cryptographic key.

Encryption software is software that uses cryptography to prevent unauthorized access to digital information. Cryptography is used to protect digital information on computers as well as the digital information that is sent to other computers over the Internet.

Disk encryption is a special case of data at rest protection when the storage medium is a sector-addressable device. This article presents cryptographic aspects of the problem. For an overview, see disk encryption. For discussion of different software packages and hardware devices devoted to this problem, see disk encryption software and disk encryption hardware.

EncFS is a Free (LGPL) FUSE-based cryptographic filesystem. It transparently encrypts files, using an arbitrary directory as storage for the encrypted files.

Steganographic file systems are a kind of file system first proposed by Ross Anderson, Roger Needham, and Adi Shamir. Their paper proposed two main methods of hiding data: in a series of fixed size files originally consisting of random bits on top of which 'vectors' could be superimposed in such a way as to allow levels of security to decrypt all lower levels but not even know of the existence of any higher levels, or an entire partition is filled with random bits and files hidden in it.

FreeOTFE is a discontinued open source computer program for on-the-fly disk encryption (OTFE). On Microsoft Windows, and Windows Mobile, it can create a virtual drive within a file or partition, to which anything written is automatically encrypted before being stored on a computer's hard or USB drive. It is similar in function to other disk encryption programs including TrueCrypt and Microsoft's BitLocker.

The Linux Unified Key Setup (LUKS) is a disk encryption specification created by Clemens Fruhwirth in 2004 and originally intended for Linux.

Disk encryption is a technology which protects information by converting it into code that cannot be deciphered easily by unauthorized people or processes. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage.

BestCrypt, developed by Jetico, is a commercial disk encryption app available for Windows, Linux, macOS and Android.

This is a technical feature comparison of different disk encryption software.

dm-crypt is a transparent block device encryption subsystem in Linux kernel versions 2.6 and later and in DragonFly BSD. It is part of the device mapper (dm) infrastructure, and uses cryptographic routines from the kernel's Crypto API. Unlike its predecessor cryptoloop, dm-crypt was designed to support advanced modes of operation, such as XTS, LRW and ESSIV, in order to avoid watermarking attacks. In addition to that, dm-crypt addresses some reliability problems of cryptoloop.

Hardware-based full disk encryption (FDE) is available from many hard disk drive (HDD/SSD) vendors, including: Hitachi, Integral Memory, iStorage Limited, Micron, Seagate Technology, Samsung, Toshiba, Viasat UK, Western Digital. The symmetric encryption key is maintained independently from the computer's CPU, thus allowing the complete data store to be encrypted and removing computer memory as a potential attack vector.

OpenPuff Steganography and Watermarking, sometimes abbreviated OpenPuff or Puff, is a free steganography tool for Microsoft Windows created by Cosimo Oliboni and still maintained as independent software. The program is notable for being the first steganography tool that:

VeraCrypt is a free and open-source utility for on-the-fly encryption (OTFE). The software can create a virtual encrypted disk that works just like a regular disk but within a file. It can also encrypt a partition or the entire storage device with pre-boot authentication.

Apple File System (APFS) is a proprietary file system developed and deployed by Apple Inc. for macOS Sierra (10.12.4) and later, iOS 10.3, tvOS 10.2, watchOS 3.2, and all versions of iPadOS. It aims to fix core problems of HFS+, APFS's predecessor on these operating systems. APFS is optimized for solid-state drive storage and supports encryption, snapshots, and increased data integrity, among other capabilities.

References

↑ J. Alex Halderman; et al. (February 2008). "Lest We Remember: Cold Boot Attacks on Encryption Keys" (PDF). Archived from the original (PDF) on 2008-05-14.{{cite journal}}: Cite journal requires |journal= (help)
↑ Plausible Deniability - FreeOTFE instructions for initializing an encrypted disk such that the presence of a hidden disk cannot be detected
↑ This is a design criterion of modern ciphers; in other words, ciphers are considered broken if their output is discernible from random.
Mihir Bellare, Phillip Rogaway (2005-09-20). "Chapter 3: Pseudorandom functions". Introduction to Modern Cryptography. p. 7. Archived from the original on 2007-10-11. Retrieved 2007-09-30.

External links

Hard Disk Encryption at Curlie

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] J. Alex Halderman; et al. (February 2008). "Lest We Remember: Cold Boot Attacks on Encryption Keys" (PDF). Archived from the original (PDF) on 2008-05-14.{{cite journal}}: Cite journal requires |journal= (help)

[2] Plausible Deniability - FreeOTFE instructions for initializing an encrypted disk such that the presence of a hidden disk cannot be detected

[3] This is a design criterion of modern ciphers; in other words, ciphers are considered broken if their output is discernible from random.
Mihir Bellare, Phillip Rogaway (2005-09-20). "Chapter 3: Pseudorandom functions". Introduction to Modern Cryptography. p. 7. Archived from the original on 2007-10-11. Retrieved 2007-09-30.

[1]

[2]

[3]