DiskCryptor
Encyclopedia
DiskCryptor is the first open source
(GPL
) full disk encryption
system for MS Windows that allows the encryption
of an entire PC
's harddrive or individual partitions
– including the ability to encrypt the partition and disk on which the OS
is installed.
DiskCryptor was originally designed to replace commercial disk encryption systems such as DriveCrypt Plus Pack and PGP Whole Disk Encryption, and uses either AES
-256, Twofish
, Serpent
or a combination of cascaded
algorithms in XTS mode to carry out encryption.
The project was originally started by a former TrueCrypt
user and forum member which goes by the name of 'ntldr'.
It was originally fully compatible with TrueCrypt's container format but has since improved on the format in order to allow data-in-place encryption on Windows XP
, to allow the system partition to have exactly the same format as non-system partitions and to support future project plans.
For limitations in the current version, as well as other technical information, see official website.
All algorithms are implemented in XTS mode.
Crypto-algorithms for the x86 version are implemented in assembly language, the implementation having a maximum number of optimizations for the Intel Core line of processors, however it performs sufficiently fast on any other processors as well.
Almost all possible enhancements to improve the performance have been applied such as the AES algorithm code is being dynamically generated with optimization made for the usage of a particular key.
Open source
The term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...
(GPL
GNU General Public License
The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....
) full disk encryption
Full disk encryption
Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. Disk encryption prevents unauthorized access to data storage. The term "full disk encryption" is often used to signify that everything on a disk is encrypted, including the...
system for MS Windows that allows the encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
of an entire PC
Personal computer
A personal computer is any general-purpose computer whose size, capabilities, and original sales price make it useful for individuals, and which is intended to be operated directly by an end-user with no intervening computer operator...
's harddrive or individual partitions
Disk partitioning
Disk partitioning is the act of dividing a hard disk drive into multiple logical storage units referred to as partitions, to treat one physical disk drive as if it were multiple disks. Partitions are also termed "slices" for operating systems based on BSD, Solaris or GNU Hurd...
– including the ability to encrypt the partition and disk on which the OS
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
is installed.
DiskCryptor was originally designed to replace commercial disk encryption systems such as DriveCrypt Plus Pack and PGP Whole Disk Encryption, and uses either AES
Advanced Encryption Standard
Advanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES...
-256, Twofish
Twofish
In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but was not selected for standardisation...
, Serpent
Serpent (cipher)
Serpent is a symmetric key block cipher which was a finalist in the Advanced Encryption Standard contest, where it came second to Rijndael. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen....
or a combination of cascaded
Superencryption
Multiple encryption is the process of encrypting an already encrypted message one or more times, either using the same or a different algorithm. The terms cascade encryption, cascade ciphering, multiple encryption, multiple ciphering, and superencipherment are used with the same meaning...
algorithms in XTS mode to carry out encryption.
The project was originally started by a former TrueCrypt
TrueCrypt
TrueCrypt is a software application used for on-the-fly encryption . It is free and open source. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device .- Operating systems :TrueCrypt supports Microsoft Windows, Mac OS X, and...
user and forum member which goes by the name of 'ntldr'.
It was originally fully compatible with TrueCrypt's container format but has since improved on the format in order to allow data-in-place encryption on Windows XP
Windows XP
Windows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops and media centers. First released to computer manufacturers on August 24, 2001, it is the second most popular version of Windows, based on installed user base...
, to allow the system partition to have exactly the same format as non-system partitions and to support future project plans.
Program features
- Support for encryption algorithm AESAdvanced Encryption StandardAdvanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES...
, TwofishTwofishIn cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but was not selected for standardisation...
, SerpentSerpentSerpent may refer to:* Serpent, a synonym for snake* Serpent , the name given to a snake in a religious or mythological context* Serpent , said to have tempted Adam and Eve in the Garden of Eden* Serpent in astronomy...
, including their combinations.- Transparent encryption of disk partitions.
- Full support for dynamic disks.
- Support for disk devices with large sector size (important for hardware RAIDRAIDRAID is a storage technology that combines multiple disk drive components into a logical unit...
operation).
- High performance, comparable to efficiency of a non-encrypted system.
- Support for hardware AES acceleration:
- AES-NI instruction setAES instruction setAdvanced Encryption Standard Instruction Set is an extension to the x86 instruction set architecture for microprocessors from Intel and AMD proposed by Intel in March 2008...
on new Intel CPU; - PadLock extensions on VIA processors.
- AES-NI instruction set
- Support for hardware AES acceleration:
- Broad choice in configuration of booting an encrypted OS. Support for various multi-boot options.
- Full compatibility with third party boot loaders (LILOLiloLilo may refer to:People* Lilo , a French actress and singer, the leading lady in the Broadway production of Can-Can* Lilo, nickname of Carmine Galante, American mobster* lilo, nickname of Rob Levin, founder of the freenode IRC network...
, GRUB, etc.). - Encryption of system and bootable partitions with pre-boot authentication.
- Option to place boot loader on external medium and to authenticate using the key medium.
- Support for key files.
- Full compatibility with third party boot loaders (LILO
- Full support for external storage devices.
- Option to create encrypted CDs and DVDs.
- Full support for encryption of external USB storage devices.
- Automatic mounting of disk partitions and external storage devices.
- Support for hotkeys and optional command-line interface (CLI).
- Open license GNU GPLv3GNU General Public LicenseThe GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....
.
For limitations in the current version, as well as other technical information, see official website.
Encryption algorithms
- AESAdvanced Encryption StandardAdvanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES...
-256 - SerpentSerpentSerpent may refer to:* Serpent, a synonym for snake* Serpent , the name given to a snake in a religious or mythological context* Serpent , said to have tempted Adam and Eve in the Garden of Eden* Serpent in astronomy...
- TwofishTwofishIn cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but was not selected for standardisation...
All algorithms are implemented in XTS mode.
Performance
On an Intel Core 2 Quad (Q6600) CPU data encryption speed amounts to 104 MB/s per core.Crypto-algorithms for the x86 version are implemented in assembly language, the implementation having a maximum number of optimizations for the Intel Core line of processors, however it performs sufficiently fast on any other processors as well.
Almost all possible enhancements to improve the performance have been applied such as the AES algorithm code is being dynamically generated with optimization made for the usage of a particular key.
Supported OS
| Operating system Operating system An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system... s |
Service pack Service pack A service pack is a collection of updates, fixes or enhancements to a software program delivered in the form of a single installable package. Many companies, such as Microsoft or Autodesk, typically release a service pack when the number of individual patches to a given program reaches a certain ... |
Bitness | |
|---|---|---|---|
| Windows Microsoft Windows Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal... |
2000 | SP0–SP4 | x86 |
| XP | SP0–SP3 | x86, x64 | |
| Server 2003 | SP0–SP2 | x86, x64 | |
| Vista | SP0–SP2 | x86, x64 | |
| Server 2008 | SP0–SP2 | x86, x64 | |
| 7 | x86, x64 | ||
| Server 2008 R2 | x64 |
External links
- Official website forum
- DiskCryptor on SourceForge.net