76.3 Disk Encryption using TrueCrypt
20220731
Development of TrueCrypt ceased in 2014 with VeraCrypt having been a fork from 2013. It is no longer recommended to use TrueCrypt and instead migrate to VeraCrypt as in Section 76.4.
It is good practise to at least ensure all of your local disks (e.g., USB disk drives) are encrypted at rest. If your USB drive is physically stolen then the thieves will be quite challenged to access your data. The TrueCrypt application, even though it is no longer under development since 2014 (version 7.1a), provides a solid platform for securing data on disk.
TrueCrypt will encrypt a drive and also supports the creation of a hidden drive which lives stealthily within an encrypted drive, supporting plausible deniability as its existence can not be detected. If you are being extorted in order to provide access to your data, you can plausibly decrypt the outer volume whilst retaining the protection of the hidden volume. There is no evidence from the disk itself of the existence of the hidden volume.
TrueCrypt can be installed from a Ubuntu PPA as truecrypt:
wajig addrepo ppa:stefansundin/truecrypt
wajig update
wajig install truecrypt
truecryptPlug in the disk drive (e.g. a USB disk drive) that is to be used for
the encrypted file system. From the command line enter the command
truecrypt or else choose it from the application
menus. On the TrueCrypt GUI click the Create Volume button to bring
up another window. Choose to Create a volume within a partition/drive. Next choose the Hidden TrueCrypt volume
option. Next identify the Volume Location, which might be the device
/dev/sdb1. Note that all data on the device will be lost following a
device format. The administrator password will be requested so that
the formatting can begin.
For the Outer Volume Encryption Options stay with the defaults,
namely AES as the Encryption Algorithm and RIPEMD-160 as the Hash Algorithm. Provide an Outer Volume Password. Then with the Outer Volume Format move the mouse around randomly within the window to
create entropy for the encryption keys. Then click Format and the
disk will be formatted appropriately. This can take multiple hours for
larger disk drives.
More information on TrueCrypt is available from https://www.grc.com/misc/truecrypt/truecrypt.htm.
Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0
