Storage Devices

  Home arrow Storage Devices arrow Page 3 - TrueCrypt: Free, On-the-Fly Disk Encry...
Watch our Tech Videos 
Dev Hardware Forums 
Computer Cases  
Computer Processors  
Computer Systems  
Digital Cameras  
Flat Panels  
Gaming  
Hardware Guides  
Hardware News  
Input Devices  
Memory  
Mobile Devices  
Motherboards  
Networking Hardware  
Opinions  
PC Cooling  
PC Speakers  
Peripherals  
Power Supply Units  
Software  
Sound Cards  
Storage Devices  
Tech Interviews  
User Experiences  
Video Cards  
Weekly Newsletter
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
STORAGE DEVICES

TrueCrypt: Free, On-the-Fly Disk Encryption
By: Barzan "Tony" Antal
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 4
    2009-09-15

    Table of Contents:
  • TrueCrypt: Free, On-the-Fly Disk Encryption
  • Features, How it Works
  • Performance, Security
  • Final Thoughts

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH DEV HARDWARE

    TrueCrypt: Free, On-the-Fly Disk Encryption - Performance, Security


    (Page 3 of 4 )

    TrueCrypt implements two significant software development practices that certainly improve performance and the way data gets crunched. Parallelization is the first one; it basically gets the most out of multi-core processors by using multi-threading execution. The data is split and deployed to all of the cores, so each works its share.

    Another development trick is called pipelining. This kind of execution allows the data to be worked on prior to causing a performance hit (such as a lag or delay). In short, pipelining is asynchronous execution. This means loading stuff that's going to be required into the RAM (filling up the "pipes" in some sort of fashion), allowing the tasks to be carried out in such a way that the application (that required the encrypted data) does not halt.

    However, we need to realize that no encryption algorithm can ever be as fast as direct data accessing and execution in native form. There is no ideal algorithm that can do that, since it takes clock cycles to encrypt and decrypt the data, it takes system resources to load them up (from place A to place B), and the entire process of inter-exchanging data also takes time. Therefore, there is a hit on performance, as expected.

    But when all of the factors come into play, encryption does offer so many benefits that usually, especially in the case of business workstations, the small reduction in performance is worth it. Consider mobile notebooks, EEPCs, BlackBerries, optical discs, external HDDs, thumb drives, or any sort of storage medium that can get compromised. Businesses keep important data in these media, not just silly IM chat logs. The performance hit is usually unnoticeable in everyday usage.

    In the case of modern machines (especially since most notebooks are also based on multi-core processor technologies and with large L2 caches), the performance hit can only be proven by using benchmarking utilities and applications that do "raw tests" on encrypted disk volumes such as writing/reading sequentially and randomly. This way, yes; when the results get organized into fancy charts, there is a noticeable difference.

    We can affirm without any doubt that any company or firm that understands the risks involved in being careless is going to use and implement some sort of encryption framework into their infrastructure. Whether they use TrueCrypt or some other competitive software is quite irrelevant; the bottom line is that, even though by raw numbers there is some sort of slight performance penalty, it does not keep employees from being productive.

    In terms of security, TrueCrypt's renowned function is the capability to provide partitions (that may or may not contain operating systems) that are not only encrypted, but also hidden. The way all of this happens provides some sort of plausible deniability for the fact that there is any kind of data encrypted. It's a tricky concept, but it's possible, since there is no way to prove encryption physically (there are no traces or headers left).

    This goes a long way, and there are always long discussions with hundreds of arguments, since some tools can prove with a reasonable suspicion the existence of such a hidden encrypted volume. These are all areas which computer forensics really gets into. But "reasonable suspicion" isn't physical proof, just high probability.

    As for getting the actual data in an unencrypted shape, it is impossible if the user practiced all of the good security habits, the overall security of the machine wasn't compromised (running unauthorized executables under administrator rights that may act as keyloggers or rootkits to tamper with MBR), and if strong passwords/keys were chosen -- and of course the user is not forced to reveal the password(s) by adversary forces.

    More Storage Devices Articles
    More By Barzan "Tony" Antal

    blog comments powered by Disqus

    STORAGE DEVICES ARTICLES

    - The Rise of Purpose-Built Backup Appliances
    - Why Are Customers Deploying Purpose-Built Ba...
    - TrueCrypt: Free, On-the-Fly Disk Encryption
    - Bootable Rescue Flash Drives
    - Operating Systems on Bootable Flash Drives
    - Shopping For External Storage
    - How to Flash Your BIOS with Flash Drives
    - Flash Drive Booting Fundamentals
    - Freecom Media Player 450 WLAN
    - Mobile Computing Technologies: an Overview
    - Throwing a Glance at Solid State Drives
    - Soyo SlimEX Platinum Review
    - Setting Up Your USB Storage Device as a Port...
    - Network Storage for the Home with the D-Link...
    - Netgear SC101 Network Attached Storage for t...

    Developer Shed Affiliates

     




    © 2003-2014 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap
    KEITHLEE2zdeconfigurator/configs/INFUSIONSOFT_OVERLAY.phpzdeconfigurator/configs/ OFFLOADING INFUSIONSOFTLOADING INFUSIONSOFT 1debug:overlay status: OFF
    overlay not displayed overlay cookie defined: TI_CAMPAIGN_1012_D OVERLAY COOKIE set:
    status off