This article is actively undergoing a major edit for a little while. To help avoid edit conflicts, please do not edit this page while this message is displayed. This page was last edited at 01:41, 25 December 2006 (UTC) (18 years ago) – this estimate is cached, . Please remove this template if this page hasn't been edited for a significant time. If you are the editor who added this template, please be sure to remove it or replace it with {{Under construction}} between editing sessions. |
This is a recently created article and the authors may not be familiar with all listed tools.
Information may be incorrect or incomplete, please edit or discuss on talk page if you know better. |
Technical feature comparison of different disk encryption software.
Background information
| Name | Developer | Introduced date | Licensing | Operating system support | Development status |
|---|---|---|---|---|---|
| BestCrypt | Jetico | 1993 | Commercial, limited source code | Linux 2.6, Windows NT-based, Windows 9x, Windows 3.1, DOS | Maintained |
| PGPDisk | PGP Corporation | 1998 | Commercial, closed source? | Windows NT-based, Mac OS X | Maintained |
| GBDE | Poul-Henning Kamp | 2002-10-19[1] | Free, open source (BSD) | FreeBSD 4.11+ | ? |
| cryptoloop | — | 2003-07-02[2] | Free, open source (GPL) | Linux 2.5-2.6 | Deprecated, known vulnerabilities |
| CGD | ? | 2003-08-14[3] | Free, open source (BSD) | NetBSD 2.0+ | ? |
| TrueCrypt | TrueCrypt Foundation | 2004-02-02[4] | Free, open source (custom) | Linux 2.6, Windows NT-based | Actively developed |
| dm-crypt/cryptsetup | — | 2004-03-11[5] | Free, open source (GPL) | Linux 2.6 | Actively developed |
| dm-crypt/LUKS | Clemens Fruhwirth | ? | Free, open source (GPL) | Linux 2.6 | Actively developed |
| FreeOTFE | Sarah Dean | 2004-10-10[6] | Free, open source (custom) | Windows NT-based, Pocket PC | Actively developed |
Features
| Name | Hidden containers | Pre-boot authentication | Custom authentication | Multiple keys | Passphrase strengthening |
|---|---|---|---|---|---|
| BestCrypt | Yes | No | No | ? | ? |
| PGPDisk | No | Yes[7] | ? | Yes | Yes[8] |
| GBDE | No | ? | ? | Yes[9] | No[9] |
| cryptoloop | No | Yes[10] | Yes | No | No |
| CGD | No | ? | Yes[11] | Yes[12] | Yes[13] |
| TrueCrypt | Yes | No | No | No | Yes |
| dm-crypt/cryptsetup | No | Yes[10] | Yes | No | No |
| dm-crypt/LUKS | No | Yes[10] | Yes | Yes | Yes |
| FreeOTFE | Yes | No | No | No | Yes |
Layering
| Name | Whole disk | Partition | Logical volume | File | Swap space |
|---|---|---|---|---|---|
| BestCrypt | No | ? | No | Yes | Yes |
| PGPDisk | Yes | Yes | ? | Yes | ? |
| GBDE | Yes | Yes | Yes | ? | Yes |
| cryptoloop | Yes | Yes | Yes | Yes | Yes |
| CGD | Yes | Yes | Yes | No[13] | Yes |
| TrueCrypt | No | No | No | Yes | No |
| dm-crypt | Yes | Yes | Yes | Yes[14] | Yes |
| FreeOTFE | No | Yes | ? | Yes | ? |
Modes of operation
| Name | Plain CBC | CBC with ESSIV | LRW | Per-sector keys |
|---|---|---|---|---|
| BestCrypt | Yes | No | No | No |
| PGPDisk | ? | ? | ? | ? |
| GBDE | No | No | No | Yes[9] |
| cryptoloop | Yes | No | No | No |
| CGD | Yes[15] | No | No | No |
| TrueCrypt | Yes | No | Yes[16] | No |
| dm-crypt | Yes | Yes | Yes[17] | No |
| FreeOTFE | Yes | Yes | No | No |
Notes and references
- ^ "gbde(4) man page in FreeBSD 4.11". GBDE manual page as it appeared in NetBSD 4.11. Retrieved 2006-12-24.
- ^ Initial cryptoloop patches for the Linux 2.5 development kernel: http://uwsg.iu.edu/hypermail/linux/kernel/0307.0/0348.html
- ^ "man 4 cgd in NetBSD 2.0". CGD manual page as it first appeared in NetBSD 2.0. Retrieved 2006-12-24.
- ^ "TrueCrypt version history". Retrieved 2006-12-24.
- ^ dm-crypt was first included in Linux kernel version 2.6.4: http://lwn.net/Articles/75404/
- ^ "FreeOTFE version history". Retrieved 2006-12-24.
- ^ "PGP Whole Disk Encryption FAQ". PGP Corporation. Retrieved 2006-12-24.
- ^ PGP private keys are always protected by strenghtened passphrases
- ^ a b c Poul-Henning Kamp. "GBDE - GEOM Based Disk Encryption" (PDF). Retrieved 2006-12-24.
- ^ a b c dm-crypt and cryptoloop volumes can be mounted from the initrd before the system is booted
- ^ Poul-Henning Kamp (2005-03-02). "FUD about CGD and GBDE". freebsd-hackers mailing list post. Retrieved 2006-12-24.
- ^ Federico Biancuzzi (2005-12-21). "Inside NetBSD's CGD". interview with Roland Dowdeswell. ONLamp.com.
{{cite web}}: Text "accessdate-2006-12-24" ignored (help) - ^ a b Roland C. Dowdeswell, John Ioannidis. "The CryptoGraphic Disk Driver" (PDF). CGD design paper. Retrieved 2006-12-24.
- ^ dm-crypt can encrypt a file-based volume when used with the losetup utility included with all major Linux distributions
- ^ "man 4 cgd in NetBSD-current". NetBSD current manual page on CGD. 2006-03-11. Retrieved 2006-12-24.
- ^ New containers created with TrueCrypt versions 4.1 and up use LRW, old containers use plain CBC
- ^ Starting with Linux kernel version 2.6.20, CryptoAPI supports the LRW mode: http://lwn.net/Articles/213650/
See also
 | This cryptography-related article is a stub. You can help Wikipedia by expanding it. |