Wikipedia

Comparison of disk encryption software

This is an old revision of this page, as edited by 38.98.155.10 (talk) at 17:32, 2 January 2007 (Layering). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Technical feature comparison of different disk encryption software.


Background information

Name Developer Introduced date Licensing Operating system support Development status
BestCrypt Jetico 1993 Commercial, limited source code Linux 2.6, Windows NT-based, Windows 9x, Windows 3.1, MS-DOS Maintained
PGPDisk PGP Corporation 1998 Commercial, closed source? Windows NT-based, Mac OS X Maintained
DriveCrypt SecurStar GmbH 2001 Commercial, closed source Windows NT-based Maintained
GBDE Poul-Henning Kamp 2002-10-19[1] Free, open source (BSD) FreeBSD 4.11+ Maintained?
cryptoloop ? 2003-07-02[2] Free, open source (GPL) Linux 2.5-2.6 Deprecated, known vulnerabilities
CGD ? 2003-08-14[3] Free, open source (BSD) NetBSD 2.0+ Maintained?
TrueCrypt TrueCrypt Foundation 2004-02-02[4] Free, open source (custom) Linux 2.6, Windows NT-based Actively developed
dm-crypt/cryptsetup ? 2004-03-11[5] Free, open source (GPL) Linux 2.6 Actively developed
FreeOTFE Sarah Dean 2004-10-10[6] Free, open source (custom) Windows NT-based, Pocket PC Actively developed
dm-crypt/LUKS Clemens Fruhwirth 2005-02-05[7] Free, open source (GPL) Linux 2.6 Actively developed
GELI Pawel Jakub Dawidek 2005-04-11[8] Free, open source (BSD) FreeBSD 6.0+ Maintained?
Sentry 2020 SoftWinter 1998[9] Commercial, closed source Windows NT-based, Pocket PC Actively developed
CrossCrypt Steven Scherrer 2004 Free, open source (GPL) Windows NT-based Maintained?

Features

  • Hidden containers: Whether hidden containers can be created for deniable encryption. Note that some modes of operation can be more prone to watermarking attacks than others.
  • Pre-boot authentication: Whether authentication can be required before booting the computer, thus allowing one to encrypt the boot disk.
  • Custom authentication: Whether arbitrary byte strings can be supplied as keys programmatically, that can be coupled with third party authentication mechanisms.
  • Multiple keys: Whether an encrypted volumes can have more than one active keys.
  • Passphrase strengthening: Whether key strengthening is used with plaintext passwords to frustrate dictionary attacks.
  • Hardware acceleration: Whether dedicated cryptography acceleration extension cards can be taken advantage of.
Name Hidden containers Pre-boot authentication Custom authentication Multiple keys Passphrase strengthening Hardware acceleration
BestCrypt Yes No No ? ? No
PGPDisk No Yes[10] ? Yes Yes[11] ?
DriveCrypt Yes Yes No Yes Yes No
GBDE No No[12] Yes Yes[13] No[13] No[12]
cryptoloop No Yes[14] Yes No No Yes
CGD No No Yes[15] Yes[16] Yes[17] ?
TrueCrypt Yes No No No Yes No
dm-crypt/cryptsetup No Yes[14] Yes No No Yes
FreeOTFE Yes No No Yes[18] Yes No
dm-crypt/LUKS No Yes[14] Yes Yes Yes Yes
GELI No Yes[12] Yes Yes[19] Yes[19] Yes[12]
Sentry 2020 No No No ? ? No
CrossCrypt No No No No No No

Layering

Further information: Encryption layer in storage stack
  • Whole disk: Whether the whole disk can be encrypted, including the partition tables. Note that this does not imply that the encrypted disk can be booted off of; refer to "pre-boot authentication" in the features comparison table.
  • Partition: Whether individual disk partitions can be encrypted.
  • Logical volume: Whether individual logical volumes can be encrypted.
  • File: Whether the encrypted container can be stored in a file (usually implemented as encrypted loop devices).
  • Swap space: Whether the swap space (called a "pagefile" on Windows) can be encrypted individually/explicitly.
Name Whole disk Partition Logical volume File Swap space
BestCrypt No ? No Yes Yes
PGPDisk Yes Yes ? Yes No
DriveCrypt Yes Yes Yes Yes Yes
GBDE Yes Yes Yes ? Yes
cryptoloop Yes Yes Yes Yes Yes
CGD Yes Yes Yes No[17] Yes
TrueCrypt No No No Yes No
dm-crypt Yes Yes Yes Yes[20] Yes
FreeOTFE Yes Yes ? Yes No
GELI Yes Yes Yes ? Yes
Sentry 2020 No ? ? Yes No
CrossCrypt No No No Yes No

Modes of operation

Further information: Disk encryption theory
  • Plain CBC: The CBC (cipher block chaining) mode where initialization vectors are statically derived from the sector number and and not secret; this means that IVs are re-used when overwriting a sector and the vectors can easily be guessed by an attacker.
  • CBC with ESSIV: The CBC mode where initialization vectors are statically derived from the encryption key and sector number with a cryptographic hash function. The IVs are secret, but they are nevertheless re-used with overwrites.
  • LRW: The Liskov-Rivest-Wagner tweakable narrow-block mode, a mode of operation specifically designed for disk encryption.
  • Random per-sector keys: The CBC mode where random keys are generated for each sector when it is written to, thus does not exhibit the typical weaknesses of CBC with re-used initialization vectors. The individual sector keys are stored on disk and encrypted with a master key.
Name Plain CBC CBC with ESSIV LRW Random per-sector keys
BestCrypt Yes No No No
PGPDisk ? ? ? ?
GBDE No No No Yes[13]
cryptoloop Yes No No No
CGD Yes[21] No No No
TrueCrypt Yes No Yes[22] No
dm-crypt Yes Yes Yes[23] No
FreeOTFE Yes Yes No No
GELI No Yes[24] No No
Sentry 2020 ? ? ? ?
CrossCrypt Yes No No No

Notes and references

  1. ^ "gbde(4) man page in FreeBSD 4.11". GBDE manual page as it appeared in NetBSD 4.11. Retrieved 2006-12-24.
  2. ^ Initial cryptoloop patches for the Linux 2.5 development kernel: http://uwsg.iu.edu/hypermail/linux/kernel/0307.0/0348.html
  3. ^ "cgd(4) man page in NetBSD 2.0". CGD manual page as it first appeared in NetBSD 2.0. Retrieved 2006-12-24.
  4. ^ "TrueCrypt version history". Retrieved 2006-12-24.
  5. ^ dm-crypt was first included in Linux kernel version 2.6.4: http://lwn.net/Articles/75404/
  6. ^ "FreeOTFE version history". Retrieved 2006-12-24.
  7. ^ Clemens Fruhwirth. "LUKS version history". Retrieved 2006-12-24.
  8. ^ "geli(8) man page in FreeBSD 6.0". GELI manual page as it first appeared in FreeBSD 6.0. Retrieved 2006-12-24.
  9. ^ "Sentry 2020 news". Retrieved 2007-01-02.
  10. ^ "PGP Whole Disk Encryption FAQ". PGP Corporation. Retrieved 2006-12-24.
  11. ^ PGP private keys are always protected by strenghtened passphrases
  12. ^ a b c d "FreeBSD Handbook: Encrypting Disk Partitions". Retrieved 2006-12-24.
  13. ^ a b c Poul-Henning Kamp. "GBDE - GEOM Based Disk Encryption" (PDF). GBDE design document. Retrieved 2006-12-24.
  14. ^ a b c dm-crypt and cryptoloop volumes can be mounted from the initrd before the system is booted
  15. ^ Poul-Henning Kamp (2005-03-02). "FUD about CGD and GBDE". freebsd-hackers mailing list post. Retrieved 2006-12-24.
  16. ^ Federico Biancuzzi (2005-12-21). "Inside NetBSD's CGD". interview with Roland Dowdeswell. ONLamp.com. {{cite web}}: Text "accessdate-2006-12-24" ignored (help)
  17. ^ a b Roland C. Dowdeswell, John Ioannidis. "The CryptoGraphic Disk Driver" (PDF). CGD design paper. Retrieved 2006-12-24.
  18. ^ FreeOTFE allows multiple keys to mount the same container file via encrypted keyfiles
  19. ^ a b "geli(8) man page in FreeBSD-current". GELI manual page in current FreeBSD. Retrieved 2006-12-24.
  20. ^ dm-crypt can encrypt a file-based volume when used with the losetup utility included with all major Linux distributions
  21. ^ "man 4 cgd in NetBSD-current". NetBSD current manual page on CGD. 2006-03-11. Retrieved 2006-12-24.
  22. ^ New containers created with TrueCrypt versions 4.1 and up use LRW, old containers use plain CBC
  23. ^ Starting with Linux kernel version 2.6.20, CryptoAPI supports the LRW mode: http://lwn.net/Articles/213650/
  24. ^ "Linux/BSD disk encryption comparison". Retrieved 2006-12-24.


See also

 

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Comparison_of_disk_encryption_software&oldid=97973301"