Truecrypt And Encryption Technology Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Ever since technology has started to evolve at an exponential rate, it has continued to impact and change the way that the world does business. Once all businesses were interconnected by the internet, a safe and practically easy way to protect confidential information from espionage and other cybercrimes was soon to follow. This invention was encryption, and since its inception many different types of encryption have been invented and many different companies have helped with its evolution. One of these companies is TrueCrypt, which is described as a 'free, open source, on the fly', encryption and has pioneered the way for many important advancements including plausible deniability, including hidden operating systems and hidden volumes.

Cryptography has been around for thousands of years. These earlier forms can be referred to classical cryptography and include handwritten forms and simple codes. The modern forms of encryption are much more complex and are almost entirely computerized.

Classical cryptography can be seen through the ancient cultures including the Egyptians, Mesopotamians, Hebrew scholars, Greeks and Romans (History of Cryptography). "The root of the word encryption-crypt-comes from the Greek word kryptos, meaning hidden or secret" (History of Encryption). In Egypt, hieroglyphics that are considered 'nonstandard' were found but it is unsure if these were for secret communication or simply for more for intrigue and mystery. Other forms of cryptography used were simple substitution ciphers, tablets concealed by wax, tattoos (steganography), the Polybius Square and the Caesar cipher (History of Cryptography). The Caesar cipher was used by Julius Caesar and was a simple substitution method by shifting alphabetic letters. He also used transliteration by which the Latin letters were translated into Greek letters (History of Encryption).

In 725 A.D. the first book was written about cryptography and its antithesis, cryptanalysis. The book on cryptanalysis was written from the deciphering of a Greek cryptogram from a Byzantine emperor (History of Encryption). Then came more medieval cryptography, starting with the first combination of a substitution alphabet and a simple code, the first recorded example of a nomenclator. Next appeared the first polyalphabetic cipher which included a cipher disk and it is rumored that this code was not broken until the 1800's. Soon afterwards it was followed by the passphrase cipher, the steganographic cipher and the digraphic cipher. In 1790, Thomas Jefferson invented the wheel cipher which was used in World War II (History of Encryption).

Finally there is modern cryptography. William Fredrick Feidman is known as the father of US cryptanalysis. He started a school for military cryptanalysis and also worked for the U.S. Government. In 1933, the Enigma machine, a type of electromechanical rotor machine, was used by the Nazi's but it was soon broken by Marian Rejewski through a stolen cipher text and a list of daily keys. In 1976, IBM designed the Lucifer cipher which was adopted by the NSA and was deemed the U.S. Data Encryption Standard. This cipher has held strong against many years of attacks. Also in 1976 the idea of public key cryptography was introduced. Then in 1977, Ronald Rivest invented the RSA algorithm which is a practical public key cipher, used for both confidentiality and digital signatures (History of Encryption).

Finally in 1990, the "Proposal for a New Block Encryption Standard" was published. It was based on a 128 bit key and was made to be easier to use on 'general purpose' computers. Following this breakthrough, in 1991 Phil Zimmerman released PGP, which stands for Pretty Good Privacy. This was in response to the FBI's demand for access to all of the communications of citizens. PGP is especially important because it was released as a freeware which is an extremely significant president for TrueCrypt. Lastly, in 1994, Ron Rivest proposed the algorithm RC5 which ran on the internet and allowed users to specify the block size, number of rounds and key length (History of Encryption). Since 1994 the growth that the encryption industry has seen has been exponential because encryption has become commonplace in the world. It will continue to grow as our need of privacy and confidentiality increases.

Symmetric encryption uses a secret key that the sender and receiver of a message use in order to safely send information without others seeing the data that is being displayed (Symmetric Encryption). Symmetric encryption has several other names including secret-key, private-key, and single-key. Both the sender and receiver must have the exact same key in order to properly encrypt and decrypt the message (Symmetric Encryption). This key can be of any length and complexity, but must be remembered by both parties. To get a better understanding of how symmetric encryption works, refer to the figure below. The sender uses an encryption algorithm and defines a key to be used in the algorithm in the data. Once the data has been encrypted, it becomes ciphertext and will be unintelligible to anyone trying to make sense of it. The sender must then deliver the key to the recipient so he will be able to decrypt the message and retreive the data.

There are two classes of symmetric encryption: block cipher and stream cipher (Symmetric Encryption). Block cipher is more commonly used than stream cipher because it is more efficient to encrypt data into blocks that to encrypt each bit of data on the fly as you would in a stream cipher. Block cipher involves dividing the data up into equal-sized blocks. Then the secret key and algorithm is applied on each block of data to encrypt it. The lengths of the blocks are typically 64 or 128 bits. With the size of files growing, the standard is shifting away from 64 bits and the more accepted size is now 128 bits. The biggest drawback of block cipher is the fact that all similar blocks are encrypted the same (Symmetric Encryption). This can be a problem because potential patterns could occur in the cipher text that would give hints to the plain text data message. Developers typically get around this flaw by overlapping the blocks to attempt to create more randomness (Symmetric Encryption).

Though not used as frequently as the block cipher, stream ciphers have the advantage of using less complex hardware and higher operating speeds (Stream Cipher). It seems that the main reason the stream cipher is not used as frequently is that the security of the encryption is less safe. The key is typically 128 bits and is pseudorandom (Stream Cipher). This means that the possibility for a pattern to emerge in the key exists and could likely compromise the data. So, one must never use the same key twice when encrypting data with a stream cipher (Stream Cipher). The speed that computers run at produces a high frequency of key changes, and it is likely that a key will repeat, adding an extra layer of vulnerability to the encryption.

Though asymmetric encryption is more complex than symmetric, its added complexity allows it to be more beneficial to the users. Asymmetric, or public-key encryption, uses a two-key system of a public and private key to encrypt and decrypt messages (Public-Key Encryption for Dummies). When the receiver wants to get data from the sender, he creates both keys. The public key is posted for the sender to retrieve and encrypt the data. After the data has been delivered to the receiver, he then uses his private key to decrypt the data. Not only does this add the benefit of keeping the private key safe as one would need to do in symmetric encryption, it also allows one to authenticate the users of the key by matching the private key used to the public key (Public-Key Encryption for Dummies). The verification of the recipients of data are called digital certificates. "Digital certificates package public keys, information about the algorithms used, owner or subject data, the digital signature of a Certificate Authority that has verified the subject data, and a date range during which the certificate can be considered valid" (Description of Digital Certificates). This assures the recipient of encrypted information that the person, sender, who encrypted the data and sent it is actually who it is intended it to be. Without these digital certificates, the only assurance one would have when decrypting data is that the pair of keys used was valid (Description of Digital Certificates). Digital certificates are distributed to users through Certificate Authorities. These are trusted third parties that match public keys of users together (Description of Digital Certificates).

Encryption Algorithms

Encryption algorithms are the most important part of the tools and software programs that are used to encrypt files because they are the reason that one's data is protected. Encryption algorithms are essentially the steps that are followed by a computer's encryption program to turn one's unencrypted data, known as plaintext, into encrypted data, known as cipher text. These steps are referred to as rounds of encryption. Each algorithm is composed of different steps and can have varying amounts of steps. These algorithms, also known as ciphers, can take the form of block ciphers or stream ciphers. With a block cipher, data (as represented by bits of ones and zeroes) is broken into different blocks of a certain bit size, which can vary by encryption algorithm. Those blocks of numbers are run through the algorithm in combination with a person's encryption key and are then reassembled into modified blocks. These modified blocks are now encrypted. With a stream cipher, data is instead encrypted following the same process but only one bit at a time. Most ciphers used in encryption software today are block ciphers (Encryption). Encryption software performs these operations in the background at a very high rate of speed, and users usually do not realize the complexity of these operations as they are occurring. While an encryption algorithm is imperative to protecting information, the algorithms themselves do not have to be protected. "The algorithm must be such that as long as a good password has been used then given the encrypted data without the password you can't easily recover the unencrypted data. This is a function of how good the algorithm is, not whether or not the algorithm is publicly known" (Encryption Algorithm). What this means is that if the encryption algorithm is fundamentally strong, there will be no possible way that someone will be able to view the encrypted data without the encryption key. As a result, numerous encryption keys are publically available for all uses, including for implementation in software packages. As such, TrueCrypt uses some of the most secure algorithms that are widely-available today. These algorithms include the Advanced Encryption Standard cipher, the Serpent cipher, and the Twofish cipher.

The leading algorithm available for use today is the Advanced Encryption Standard (AES), which is sponsored by the United States Government and validated by the Cryptography Research and Evaluation Committee of the Japanese Government, the European Commission, and the U.S. National Security Agency (Advanced Encryption Standard). A contest was used to determine which algorithm would be the AES as many believe that rivalry would produce a more secure product. Governments around the world have had the need for strong computer security and encryption for a long time, due to their ongoing requirement to protect sensitive and/or classified information. The Advanced Encryption Standard is the newest in such a line of government-sanctioned ciphers. The previous cipher was the Data Encryption Standard, also known as DES. DES was a block cipher with a standard encryption key of 64 bits and it had a block size of 64 bits. It was created in the late 1970s as the first attempt to standardize government computer security (Data Encryption Standards). It was successful for many years until computing power increased to the point where it could be broken easily. As it had only a 64 bit encryption key, and eight of those bits were only used to check parity, and newer encryption methods were coming out with longer keys, it was no longer truly secure. In fact, it was susceptible to a brute-force type attack, and by the late 1990s, this form of encryption could be cracked within a few days (DES Cracker Machine). This insecurity was the impetus for the creation of the Advanced Encryption Standard. The AES is composed of three block ciphers which all have block sizes of 128 bits. The difference between the three ciphers is in the encryption key size. AES can come in key sizes of 128, 192, or 256 bits and has 10, 12, or 14 rounds of encryption, respectively (National Policy on the use of the Advanced Encryption Standard). This flexibility in the selection of key sizes allows users encrypting data to secure their data in a manner relative to their security needs. In addition, the ability to select key sizes of very long lengths, such as 256 bits, allows the AES cipher to remain a viable encryption algorithm for the foreseeable future. In fact, the U.S. Government has such faith in the algorithm's ability to protect information that it is used to protect the Government's own sensitive and classified data. All versions of AES are approved to protect classified information at the SECRET level or below; while the 192 and 256 bit versions of AES are approved to protect classified information at the TOP SECRET level (Advanced Encryption Standards). TrueCrypt provides the option to use AES encryption only at the 256 bit level for maximum protection and currently specifies AES as its default encryption algorithm. With the level of support that this encryption algorithm provides, it is easy to see why it is currently the dominant encryption option.

The leading alternative algorithms that are in use today are the Serpent and Twofish block ciphers. These algorithms are notable and relevant in comparison to other alternative algorithms as they were both AES contest finalists. As such, they are generally regarded as more secure than other alternative algorithms and are, in fact, preferred by some users. The Serpent cipher was the runner-up to the winner of the AES contest. It has a block size of 128 bits and has key sizes of 128, 192, or 256 bits. "Serpent and [AES] are somewhat similar; the main difference is that [AES] is faster [ . . . ] but Serpent is more secure" (Serpent). Serpent is considered to be more secure as it is a longer, more complex cipher due to it having 32 rounds of encryption. However, the additional level of security provided by Serpent was most likely considered to be excessive and not necessary for the AES. With an adequate amount of protection already provided by AES and AES having the speed advantage, it most likely explains why Serpent received second place. However, the additional security provided by Serpent makes it a viable alternative for those especially security-conscious users and is likely the reason for its inclusion in TrueCrypt. The Twofish cipher was the second runner-up to the winner of the AES contest. It also has a block size of 128 bits and has key sizes of 128, 192, or 256 bits (Twofish).While it was an AES finalist and met all the requirements to be an eligible encryption algorithm standard, in comparison to Serpent and the winning AES algorithm, it is not particularly notable. Its inclusion in TrueCrypt is most likely due to the authors' desire to add variety of choice to the product. However, the selection of an encryption algorithm is a personal choice, and any of the above mentioned algorithms would be a concrete option to protect a user's data.

There are countless encryption software programs that use complex mathematical algorithms like the ones previously mentioned. These programs can differ based on whether they are meant to encrypt an entire hard drive or just a specific file or folder. The basic reason behind hard drive encryption is easy for everyone, even non-technical people, to comprehend. When a file is written or saved to a computer's hard drive, the software program encrypts the data automatically and when it is reopened, the program then decrypts the file. Meanwhile, every other file on the drive remains encrypted. File encryption works the same way; however, the program only runs on files specified by the user and it does not encrypt certain things such as timestamp, file size, and the file name. The benefit of having such a program on a computer is that all data is encrypted, but it does not make the computer run any slower or function any differently.


TrueCrypt operates with two types of volumes. The first is file-hosted (container), which can be on any sort of storage device and is a normal file. The second is partition/device-hosted which means an entire section of a hard drive is encrypted with the software and it can also encrypt flash drives, entire hard disks, and several other types of storage devices (Volume). Several other companies offer products similar to this, like McAfee, Safeguard, and Symantec. TrueCrypt has differentiated itself from other encryption software programs with its many features.

TrueCrypt has the ability to encrypt an entire system drive or a system partition on-the-fly. If a user wants the highest level of privacy and security, it is provided by system encryption (System Encryption). This is because every file is permanently encrypted at all times. This includes temporary files and swap files. A swap file is a section on a computer's hard drive that is used as a memory extension of RAM. It basically lets the computer act as though it has more RAM than it truly does. TrueCrypt's system encryption involves pre-boot authentication, meaning the user must enter a password every time Windows starts (System Encryption). Currently TrueCrypt has the ability to encrypt Windows operating systems from XP through Windows 7 and Windows Server 2003 and 2008. To encrypt a system partition or drive, TrueCrypt requires the user to create a rescue disk CD. This is simply a recovery and restoration disk to be used when the Boot Loader does not show up when the user starts the computer, the loader is often damaged due to activation software plagued by bugs, the user does not want the loader to be on the hard drive, or if the user correctly enters the password, but the software claims it is incorrect, this potentially means critical data is impaired (Rescue Disk). The following gives greater detail into the inner workings of TrueCrypt.

The main unique feature that TrueCrypt supports is plausible deniability. There are two kinds provided by TrueCrypt, hidden volumes and hidden operating systems, OS. The idea behind a hidden volume is that creating a second TrueCrypt Volume in the free space of the first volume which makes it is impossible to prove if there really is a hidden volume inside. This is extremely valuable in a situation where someone may be forcing a user to log on to a computer to gain access to secret information. One important aspect is that the hidden volume must have a noticeably different password from the first volume so there is no confusion between accounts and the user does not accidentally load the hidden volume when they only want the first volume. TrueCrypt makes it easy to create a hidden volume with their Creation Wizard. It automatically scans the cluster bitmap of the first volume, without the hidden volume created inside of it, and then determines the largest possible size that the hidden volume can be (Hidden Volume). There is a risk that users must be aware of when using a TrueCrypt volume that has a hidden volume inside of it, which is, if they need to save to the first volume, reading data on the first volume poses no risk, there is the possibility that data on the hidden volume will get overwritten. There is information on TrueCrypt's website instructing the user how to avoid such risk. However, in order to keep the hidden volume truly hidden, the user should not install the first volume with the protection of the hidden volume enabled. They should connect or load it as a normal volume so that the type is "normal" otherwise it will be easier to recognize that a hidden volume exists inside of the normal volume (Protection of Hidden Volumes against Damage). TrueCrypt lists numerous requirements and precautions that users should be aware of when using hidden volumes. They consist of the possibility of people, other than the user, having access to a TrueCrypt volume multiple times and also making sure Windows users do not have any deleted files on the volume in which the hidden volume is to be created. This is because if a person has access to a user's computer multiple times they could potentially notice changes that could indicate a hidden volume is on the machine. Also, if there are deleted files on the volume, the hidden volume may not be the maximum size since the cluster bitmap does not take them into account. The developers also outline precautions for another feature of TrueCrypt, hidden operating systems.

Hidden operating systems are simply a system, such as Windows 7 or Windows Vista that a user installs onto a hidden volume. To boot an encrypted system with TrueCrypt, the user must have a copy of the Boot Loader that is unencrypted stored on either the system drive or the Rescue Disk (Hidden Operating System). However, the presence of the Boot Loader is an indication that the computer contains an encrypted system. To help the user provide a plausible explanation for this, TrueCrypt assists with the creation of a decoy operating system during the creation of a hidden OS (Hidden Operating System). A user should not contain any secret files on the decoy OS because it is not on the hidden volume. Another potential benefit of the decoy OS is that if someone finds out the password, it will not result in the pre-boot authentication password being revealed. TrueCrypt advises that the user should use the decoy system as much as possible - as much as they would use their normal computer. Basically the user should use it whenever they are working with or using data that does not need to be hidden. This is because, like hidden volumes, if someone obtains unauthorized access to the user's computer they can see that the system is not used on a regular basis and may in turn indicate a hidden system. Also, because the decoy OS is not within the first volume, the user can save data without running the risk of hidden volume data being damaged. A hidden OS is installed on a partition behind the decoy OS and all data that goes between the two is encrypted and decrypted on-the-fly (Hidden Operating System). The user must remember three passwords when using TrueCrypt. Two of these are for the decoy OS and the one for the first volume, and they may be revealed if necessary; however, the third, the one for the hidden volume and operating system must never be disclosed. The figure below shows an example of how a decoy OS and hidden OS would be laid out.

In order to protect a hidden operating system, TrueCrypt makes all local, unencrypted file systems read-only when the hidden OS is running (Hidden Operating System). There are three reasons for this. First, it supports the creation of a platform in which the user can securely load hidden TrueCrypt volumes. Second, there are times where it is possible to figure out that, at one time, certain file systems were not connected to a specific OS instance, which may in turn indicate a hidden operating system being installed on the computer. Finally, this countermeasure also allows the user to safely hibernate the computer by assuming that all connected file systems have remained in the same state they had been in prior to hibernation and prevents corruption of data (Hidden Operating System ). This outlines just a few, but some of the most important, features of the TrueCrypt software.

In conclusion, encryption is a viable option for any person to use in order to protect their sensitive and confidential information. In the near future, it will become the standard for every person to employ some form of encryption; especially with technology continuing to evolve and present itself into every aspect of our lives. Thus, encryption will continue along this path as well. While there are many different types of encryption, encryption algorithms and software available, research performed has led to the selection of TrueCrypt as one of the most impressive and pioneering programs currently available. The fact that TrueCrypt utilizes the top three algorithms supported by the United States Government, which are AES, Serpent and Twofish, displays their continuing effort to provide the best possible encryption services. While only certain features where discussed in detail, the TrueCrypt program contains a plethora of impressive options which offer for many opportunities and possibilities.