Truecrypt 6

Discussion in 'privacy technology' started by Someone, Jul 5, 2008.

Thread Status:
Not open for further replies.
  1. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Truecrypt 6 is out!

    Change Log:

    New features:

    * Parallelized encryption/decryption on multi-core processors (or multi-processor systems). Increase in encryption/decryption speed is directly proportional to the number of cores and/or processors.

    For example, if your computer has a quad-core processor, encryption and decryption will be four times faster than on a single-core processor with equivalent specifications (likewise, it will be twice as fast on dual-core processors, etc.)

    [View benchmark results]
    * Ability to create and run an encrypted hidden operating system whose existence is impossible to prove (provided that certain guidelines are followed). For more information, see the section Hidden Operating System. (Windows Vista/XP/2008/2003)

    For security reasons, when a hidden operating system is running, TrueCrypt ensures that all local unencrypted filesystems and non-hidden TrueCrypt volumes are read-only. (Data is allowed to be written to filesystems within hidden TrueCrypt volumes.)

    Note: We recommend that hidden volumes are mounted only when a hidden operating system is running. For more information, see the subsection Security Precautions Pertaining to Hidden Volumes.
    * On Windows Vista and Windows 2008, it is now possible to encrypt an entire system drive even if it contains extended/logical partitions. (Note that this is not supported on Windows XP.)
    * New volume format that increases reliability, performance and expandability:
      o Each volume created by this or later versions of TrueCrypt will contain an embedded backup header (located at the end of the volume). Note that it is impossible to mount a volume when its header is damaged (the header contains an encrypted master key). Therefore, embedded backup headers significantly reduce this risk. For more information, see the subsection Tools > Restore Volume Header.

    Note: If the user fails to supply the correct password (and/or keyfiles) twice in a row when trying to mount a volume, TrueCrypt will automatically try to mount the volume using the embedded backup header (in addition to trying to mount it using the primary header) each subsequent time that the user attempts to mount the volume (until he or she clicks Cancel). If TrueCrypt fails to decrypt the primary header and then decrypts the embedded backup header successfully (with the same password and/or keyfiles), the volume is mounted and the user is warned that the volume header is damaged (and informed as to how to repair it).

      o The size of the volume header area has been increased to 128 KB. This will allow implementation of new features and improvements in future versions and ensures that performance will not be impaired when a TrueCrypt volume is stored on a file system or device that uses a sector size greater than 512 bytes (the start of the data area will always be aligned with the start of a host-filesystem/physical sector).

    For more information about the new volume format, see the section TrueCrypt Volume Format Specification.

    Note: Volumes created by previous versions of TrueCrypt can be mounted using this version of TrueCrypt.
    * Parallelized header key derivation on multi-core processors (one algorithm per core/thread). As a result, mounting is several times faster on multi-core processors. (Windows)

    * Ability to create hidden volumes under Mac OS X and Linux.
    * On Linux, TrueCrypt now uses native kernel cryptographic services (by default) for volumes encrypted in XTS mode. This increases read/write speed in most cases. However, the FUSE driver must still be used when the volume is encrypted in a deprecated mode of operation (LRW or CBC), or when mounting an outer volume with hidden-volume protection, or when using an old version of the Linux kernel that does not support XTS mode. (Linux)


    Improvements:

    * Up to 20% faster resuming from hibernation when the system partition/drive is encrypted. (Windows Vista/XP/2008/2003)
    * Many other improvements. (Windows, Mac OS X, and Linux)


    Removed features:

    * Encrypted system partitions/drives can no longer be permanently decrypted using the TrueCrypt Boot Loader (however, it is still possible using the TrueCrypt Rescue Disk). (Windows Vista/XP/2008/2003)

    Note: This was done in order to reduce the memory requirements for the TrueCrypt Boot Loader, which was necessary to enable the implementation of support for hidden operating systems.


    Bug fixes:

    * When Windows XP was installed on a FAT16 or FAT32 partition (as opposed to an NTFS partition) and the user attempted to encrypt the system partition (or system drive), the system encryption pretest failed. This will no longer occur.
    * Many other minor bug fixes and security improvements (preventing e.g. denial-of-service attacks). (Windows, Mac OS X, and Linux)


    Download
     
  2. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    A LONG requested feature! Great news!
     
  3. SYS 64738

    SYS 64738 Registered Member

    Joined:
    Apr 29, 2006
    Posts:
    130
    I'm just wondering, isn't this some kind of security risk? The encrypted volume contains the necessary header itself??

    Sorry, I don't know much about this stuff, it's just a kind of feeling... o_O
    What do others here with more knowledge think about this?
     
  4. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    What's an embedded backup header?

    Thanks
     
  5. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    I thought this feature was already in 5?

    Thanks
     
  6. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    No. Hidden volumes have long been a part of TrueCrypt, but the ability to boot into an alternative operating system is brand new. You've got your "real" OS and your "decoy" OS - two different installations of WinXP for example. I've been messing with it and it's very nice.

    As for the embedded header, it's another much-requested feature. Consider it a form of auto-backup of your header. Now, it's actually a part of the volume itself. And no, it's not a security risk at all. The header is of no value but to the person with the key. You already have a header in the first few bytes of the container/volume. This feature puts an additional header at the end of the volume in case of corruption. They still advise a backup of your header, but for the vast majority who never did (shame on you :) ) this will save a lot of butts.
     
  7. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    When the container is mounted/dismounted can the embedded header be read using a Hex editor or other tool?
     
  8. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    OK. Thanks for the explanation!
     
  9. TECHWG

    TECHWG Guest

    Do you mean that the header is of no value to anyone but to the person who possesses the passphrase, which protects the key residing in the given header?
     
  10. testerazzi

    testerazzi Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    21
    Version 6.0a is out
     
  11. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    That is truly amazing! I hope it is easy enough for someone like me to use.
     
  12. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    The headers have always been embedded in TC containers.

    That is nothing new.

    What's new is there is now a second copy of it located in the container, at the end of the container, so in the event the first one is corrupted, it can try the backup. The two headers are encrypted using different salts, resulting in two headers that are not identical on disk, and therefore do not create a signature for a TC volume.

    There are no weaknesses caused by this.
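
The embedded backup header from the changelog in the first post and from the reply above, as an added example that is not part of the thread and is not TrueCrypt's code: two copies of one header sealed under different salts, and a mount that falls back to the end-of-volume copy after two failed attempts. The header layout, the PBKDF2-HMAC-SHA512 work factor, the HMAC-based stream cipher (a stand-in for XTS-AES) and all function names are assumptions made for illustration.

```python
import hashlib, hmac, struct, os, zlib

# Simplified layout (assumed for this example): salt in the clear, then the
# encrypted body MAGIC | CRC32(master_key) | master_key.
SALT_LEN, KEY_LEN, MAGIC = 64, 64, b"TRUE"
HDR_LEN = SALT_LEN + 4 + 4 + KEY_LEN
ITERATIONS = 1000  # illustrative PBKDF2 work factor

def _crypt(key, data):
    # Stand-in stream cipher (HMAC-SHA512 in counter mode), NOT XTS-AES.
    stream = b"".join(hmac.new(key, struct.pack(">Q", i), hashlib.sha512).digest()
                      for i in range(len(data) // 64 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal_header(password, master_key):
    salt = os.urandom(SALT_LEN)  # fresh salt for every header copy
    key = hashlib.pbkdf2_hmac("sha512", password, salt, ITERATIONS)
    body = MAGIC + struct.pack(">I", zlib.crc32(master_key)) + master_key
    return salt + _crypt(key, body)

def open_header(password, blob):
    key = hashlib.pbkdf2_hmac("sha512", password, blob[:SALT_LEN], ITERATIONS)
    body = _crypt(key, blob[SALT_LEN:])
    if body[:4] != MAGIC:
        return None  # wrong password and damaged header look the same
    crc, master_key = struct.unpack(">I", body[4:8])[0], body[8:]
    return master_key if zlib.crc32(master_key) == crc else None

def make_volume(password, master_key, data_len=1024):
    # Primary header at the start, backup header at the end, same master key.
    data = os.urandom(data_len)  # placeholder for the encrypted data area
    return seal_header(password, master_key) + data + seal_header(password, master_key)

def mount(password, volume, prior_failures=0):
    """Return (master_key, which_header), or (None, None) on failure."""
    master_key = open_header(password, volume[:HDR_LEN])
    if master_key is not None:
        return master_key, "primary"
    if prior_failures >= 2:  # backup is tried only after two failed attempts
        master_key = open_header(password, volume[-HDR_LEN:])
        if master_key is not None:
            return master_key, "backup"
    return None, None
```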
     
  13. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    If I install TrueCrypt and encrypt my whole C:, will that slow down and affect playing online games such as BF2142?

    And if I encrypt my whole C: and then copy a file from C: to D:, will that copied file be encrypted and saved to D: as encrypted? Or can I then access that file saved on D: from other operating systems that are not running TrueCrypt?
     
    Last edited: Jul 20, 2008
  14. traxx75

    traxx75 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    106
    If your CPU isn't quite powerful enough, then it will definitely have an impact on loading times, and possibly even in-game frame rates. Decent multi-core CPUs shouldn't be affected as much. I have seen pretty significant overhead introduced on older single-core CPUs, though.

    If D: is not also encrypted then it will be saved as cleartext.
     