[How to] TrueCrypt using the education-important information of the Encryption insurance box

I wrote this in August 2013 about the use of TrueCrypt, but since last year (2014) in late May, TrueCrypt's first page appeared "Using TrueCrypt is not secure as it may contain unfixed security issues "This warning, the author explains that with the soft Windows XP discontinued support in May 2014, and Vista's after the Windows operating system has been integrated with good encryption and decryption capabilities of BitLocker ( But this dead thing is only available to the users of the banner version and the Enterprise Edition , so the original author David will eventually TrueCrypt this decade of development and maintenance.

This incident caused the Xuan of the community, and at first it was suspected of being attacked by hackers, but the comparison of the number of signatures, and Steven Barnhart (@stevebarnhart) and Matthew Green (@matthew_d_green The e-mail box that was used by the original developers was contacted with the development "David" to prove that the message was made by the TrueCrypt's developers, and that the user of the Dragon's interest could refer to this article: "True Goodbye: ' Using TrueCrypt is not Secure ".

However, in addition to the TrueCrypt no longer continuing to develop maintenance, The developers also cut a history of the original sourceforge.net, except for the last release of the 7.2 version of the user can not catch the other version, but the 7.2 version basically only left the decryption function, so the TrueCrypt version of the last edition of the August 2012 release of the 7.1a version, want to download 7.1 A version of the user can go to the GRC frame "TrueCrypt Final Version Repository page" (This web site and my computer has the same hash value) or to Filehippo (but Filehippo only provide the version of Windows ) Download.

It is worth celebrating that there are other developers out there that have created new branches of TrueCrypt: VeraCrypt. This post-show fixed some security issues, and added delay when entering the decryption code, when the user entered the wrong password, it is necessary to wait for a period of time to enter, this new feature improves the veracrypt by brute force, and because it is fork from the TrueCrypt, So it is compatible with the files produced by TrueCrypt, and the mode of operation is not much changed so far, so I suggest that users can switch from TrueCrypt to Veracrypt, which is the Veracrypt version of the page.

Basic information

• Software Name: TrueCrypt
• Support operating system: Windows 7/vista/xp, Mac OS x/linux
• Final stabilization Version: 7.1a (Windows)
• Official website: truecrypt.org
• Software download page: TrueCrypt Final Version Repository page (by GRC)

Establishment of the Information encryption Area (VOLUME)

2. Go to truecrypt.org to download the latest version of TrueCrypt and install it.

4. After opening the TrueCrypt, you will see a "Create Volume" on top of the Volume block, click on him to start creating the encryption Area (Volume)

6. TrueCrypt supports three different types of volume: separate files, non-system cutting areas, and the system-cut area or entire system encryption. Here we choose the first, "Create an Encrypted file container". If the computer needs to be re-poured, it will be easier for the user to make a separate encryption file.

8. The next question is to use standard TrueCrypt volume or Hidden TrueCrypt Volume Two, Hidden TrueCrypt volume is more secure, but for first time use standard TrueCrypt Volume is good, there is a further step in the need to create a new TrueCrypt Volume

   Supplement, I saw someone make a simple and easy-to-understand description of hidden volume:

   Use a large box (encrypted container) to install something (files that need to be encrypted) is the standard mode. If the big box (the encrypted container) has a small box (hidden encryption container) to the east, it is hidden. But both are just a box from their appearance.

   Out: Advanced Files Encryption-TrueCrypt

10. When creating volume, it is advisable to give volume a file name, for example, in addition to the name of the file, such as. Dat,.cfg,,.sav such a file name can reduce the likelihood of being guessed as a TrueCrypt file.

12. TrueCrypt offers three basic algorithms, AES, Serpent, and Twofish. These three algorithms are the candidates for the high-level cryptographic algorithms of the American National Standard Technology Institute, so the three algorithms have a certain degree of strength, only one of the algorithms to do the encryption strength is enough, if you want to increase the strength of encryption, you can choose more than two algorithms to combine, But consider the computing speed of the computer itself, and the numbers provided by "Benchmark" can be used by users as a reference.

    To the complex Minatomachi River algorithm, provide RIPEMD-160, SHA-512, whirlpool three methods, any choice can be.

    If you want to know a little bit about the basic concepts of these algorithms, you can take a look:
    So your information can't be solved by the FBI! TrueCrypt Cryptographic software Principles (1/3)

13. The next step for

14. is to select the size of the volume. If it is a person using TrueCrypt volume the size of the maximum 512MB Dolcevita Dolcevita has the remainder, personal use to save private information volume size is only 50M, but if there is another need for work, and then the need to build a larger volume. The

    ※volume capacity is slightly larger than its own forecast size and will be lost due to the size of the cluster.

16. Finally to the part of the setup code, the TrueCrypt of the code below, as if it were possible not to include the word found in the dictionary (to avoid password being attacked by a dictionary file), not include the name or date of birth, and then the best size of the code, and include [ email protected]#$%^ ... such as special characters, the last password length of more than 20 characters, the more characters the stronger the password, TrueCrypt support up to 64 characters.

    In addition to password protection, TrueCrypt also supports the use of keyfile. Simply, if there is a keyfiles, other users without the right keyfile (s), access to the password can not be opened in the encryption area (Volume)

    Press the KeyFiles button, you will see this kind of dialogue window, TrueCrypt supports three kinds of keyfiles:files, Path, Token Files. The token files are used by Secuirty token and smart card as KeyFiles, suggesting that users of higher security need to use this option, and that the general user can use files and path. In the lower-right corner of the

    KeyFiles window, there is a: Generate Random keyfile, the next step is to jump out of a window to produce a new keyfile. As long as the user moves your mouse in the range of this window, the longer it moves, the greater the strength of the encryption. After completing the press of generate and save KeyFile, you will jump out of the file window, remembering that the file will be assigned a file name at the time of naming it, for reasons that have been explained before the volume is established, and there is no more baggage.

    However, instead of using only one keyfile at a time, TrueCrypt supports the existence of a keyfile, and in addition to the keyfile established by the aircraft, it is recommended to take other existing files (*.pdf, *.avi, *.dll...etc). As a keyfile, but remember not to accidentally cut the file as a keyfile, it is the immortal to save the dead.

18. The final step is to format the volume, file system I recommend the use of NTFS, jungle set (Cluster) size in accordance with the established volume size, if only 10MB, the default can be, the larger it will make available space becomes smaller. However, if the volume capacity is more than GB, cluster can increase the efficiency of file transport.

    As the random Pool block in the middle is the same as the random keyfile, the more you move the mouse in the range of this window, the better the random effect will be, and then just press the Format button to finish.

Download Information Encryption Area

1. Open the TrueCrypt main window and select the disk you want to load, and here I choose the Q drive as an example.

2. After choosing the volume files to be downloaded, select Mount.

3. Next, jump out of the password window, if you have previously set KeyFiles, remember to click the KeyFiles button and then Mount KeyFiles.

4. The load will see the disk Q in My computer's checklist, and this is the new TrueCrypt Volume

Basic Setup Solutions

Main Window →setting→perferences

Default Mount Option

Mount Volumes as Read-only
-volume will be downloaded as a unique magnetic area, if you do not want to download the information is modified, it can be volume to the unique magnetic area if you do not want to download the information is modified, you can download the volume as a unique magnetic area

Mount Volumes as removable media
-Volume as a detachable medium

TrueCrypt Background Task

Enable
-Tick this to make TrueCrypt a background job.

Exit when there is no mounted Volumes
-When the volume is not loaded, the TrueCrypt main window is closed. If the previous option is not selected, TrueCrypt unloading the last volume is equivalent to shutting down the TrueCrypt, the previous option if the tick is scaled down to the system (trayicons)

Actions to perform up logon to Windows

This part of the decision is whether the TrueCrypt will be started after Windows is logged in.

Start TrueCrypt Background Task
-When Windows is logged in, it truecrypt to background work

Mount all device-hosted TrueCrypt Volumes
-Load all the encryption areas (Volume) of the device's main terminal, which refers to the cut area as a Volume.

Auto-dismount

User logo off
-When the user is logged out, remove the download automatically

Screen Saver is launched
-The Screen protection program is automatically removed when it is

Entering Power Saving Mode
-Power-saving mode, when using the pen, pay special attention to this, if the check may affect the normal use.

Auto dismount volume after no data has been read/written to if for ___ Minutes
-When the volume does not have the material to write in or read the time to unload automatically volume

Force Auto-dismount Even if volume contains open files or directories
-compelling removal, even if the volume is still opening a particular file or folder, if you want to use the auto-unload feature, then this must be enabled, or the self-unloading will be interrupted.

Windows

Open Explorer windows for successfully mounted volume
-Successfully downloaded volume volume in the Archives

Use a different taskbar icon when there is mounted volumes
-The work icon displayed on the volume is different from the flat.

Preserve modification timestamp of file containers
-No more volume "Last Modified Time", because the TrueCrypt's preset does not change the size of the volume, so if you use software to make a difference, the volume of TrueCrypt will be considered unmodified, and to solve this problem you cannot select this item.

Password Cache

Cache Password in driver memory
-Cache the password in the driver memory

Wipe Cached Passwords on exit
-truecrypt the main window to erase the quick access password

Wiped cached passwords on Auto-dismount
-Erase the Quick access code when you download it automatically

More passwords, KeyFiles

In the front, although TrueCrypt itself has the ability to provide a volume password and keyfiles, it is better to re-make a volume when it comes to needing to switch passwords or keyfile, which is the biggest advantage of choosing an independent file as the volume.

1. Open the TrueCrypt main window and first select the volume that will change the password/keyfiles.

2. Then click Volume Tools in the main window, select Change Volume password or add/remove keyfiles to/from Volume. These two called functions are actually modeled ￣▽￣| |

3. After opening the "Change Password or keyfiles" window, the upper half of the window is the password and keyfiles that will be entered now, and the following is the password and keyfiles to be used in the future. In general, you can change the password or keyfiles, if the following only enter the password, then download volume will only need to enter the password, remember.

Note: The basic way to use this should be introduced. For other functions of TrueCrypt, I'll say it when I'm free someday.

[How to] TrueCrypt use of education-important information of the Encryption Insurance box (RPM)