Dropping TrueCrypt? I Look At Some Alternatives
Just like the above German rotor, cryptographic tools come and go. You might think the end is near for TrueCrypt. And you may be right, though I still think you can safely use version 7.1a. If you do intend on looking for a reasonable alternative to TrueCrypt’s features, finding the right tool may be a challenge. I’ve decided to install and quickly test a few of the freely available encryption tools to see if they’re worth your effort. Read on for more details.
Naturally, the expectation here is not to uncover each and every alternative; nor is it to pour over every minute detail. I’m simply after a quick look and determination of the application as a viable alternative to that of TrueCrypt. I conducted these tests on one of the most common platforms in today’s computing environment, Windows 7. Many of these tools are offered on other platforms, so be sure to check the respective website for your operating system if it isn’t listed. On to the tests.
CloudFogger (appears to be down)
The stated purpose of this tool appears to be encrypting data destined for cloud services such as Dropbox. CloudFogger seems to rely on an online account, but one of the setup options gives a local option. While the software is simple, it may be so simple, that it wasn’t clear whether my local data was being encrypted or not after installation.
As a TrueCrypt alternative, this may not be exactly what you’re looking for, but it does have the ability to encrypt single files. This is as simple as selecting a file in a non-watch folder, right-clicking and choosing “Fog File(s)”. This process is reversed to decrypt single files, and so on. This might be useful for encrypting files between computers (since you can save the pre-made keys). CloudFogger uses 256bit AES encryption. For the sake of identification, each encrypted file begins with the following characters “%File encrypted with Cloudfogger.com”.
Designed for Windows and OS X, AES Crypt is a single file encryptor that is invoked by way of a file context menu. Each time a file is encrypted, the tool asks for a password. Given the tedious nature of having to enter passwords every time a file is touched, you might consider the process tedious. To encrypt a file, simply right-click on the target, choose “AES Encrypt” and enter a password. The process is reversed to decrypt.
As a TrueCrypt alternative, AES Crypt lacks many of the kinds of features you might expect – but as a simple local file encryption tool, it works well and is simple. This tool certainly has a place for the paranoid user (or possibly as an easy way to encrypt and email files). AES Crypt uses 256bit AES encryption. Files encrypted by the version I tested to start with the following text “AES’CREATED_BY aescrypt (Windows GUI)”
Another single file encryption tool, AxCrypt is Windows-based and includes third-party (and possibly spammy or malicious) applications in its setup process. Common among installers of this ilk, the setup screen appears like you’re simply agreeing to another license agreement – when you’re actually consenting to install a program other than AxCrypt.
For the inclusion of other applications (whether useful or not), I recommend you avoid using this application as a TrueCrypt alternative or otherwise. Skip it.
DiskCryptor (appears to be down)
Primarily used as a full disk encryption tool on Windows, DiskCryptor can encrypt every disk on a system. Naturally, this operation requires the installation of drivers, and careful use as not to lose access or your computer would be rendered unbootable. Based on what I see, it seems possible that you could create a new partition, format it, and solely encrypt that drive; which would also be a very useful feature.
As a TrueCrypt alternative, DiskCryptor performs the full disk encryption just as well as TrueCrypt did, and if you’re looking for these features – this may do the job. Since full disk encryption is a very advanced feature, tread lightly when attempting to use these features on production data.
As probably the closest cousin to TrueCrypt, VeraCrypt is a Windows-based fork of TrueCrypt’s source. VeraCrypt purports to add various security features to that of TrueCrypt. Given that, you’ll find most, if not all of what’s familiar about TrueCrypt here. Many of the windows and settings are exactly the same. VeraCrypt also includes the important feature of creating hidden volumes and (a first sight) all of the same encryption standards that TrueCrypt includes. I tested the creation of a hidden volume and it worked without any issues.
If you’re looking for a TrueCrypt alternative, this may be your best hope. VeraCrypt does exactly what you expect, and appears to be actively maintained. This is probably the best alternative you’re currently going to find and well worth a look. All we need now is VeraCrypt’s code audited so we know that it can be trusted.
Shameless Plug – CRCutil
While you look for a TrueCrypt alternative, you might just be interested in a single file or text encryptor for on-the-fly stuff. I wrote a small tool that does just that and offers a few other smaller features that might work for you. CRCutil is free and easily downloadable from our site.
CRCutil doesn’t have any of the major features of TrueCrypt (like hidden volumes), but it does have a very small footprint, portability and a great measure of control over how things are encrypted. If you like it, let us know.
A fork of TrueCrypt (since 2013), GostCrypt appears to be similar to TrueCrypt in many respects. This project seems to have formed from the need to increase strengthen TrueCrypt‘s cipher strength.
GostCrypt lacks OS X platform support too. Update: GostCrypt now includes support for OS X. You can find that (and other platforms) on the download page. This is great news that makes GostCrypt a tool worthy of interest. Thanks to Tristan for alerting me of this change!
CipherShed appears to be a direct fork of TrueCrypt 7.1a codebase. Right from the beginning, they plan to support most platforms (Linux, Windows, OS X), which is nice. It’s not immediately clear (beyond security fixes) what they plan to add to TrueCrypt in active development, but at least an actively developed fork should be welcome. Since they are working on rebranding the old TrueCrypt code, there doesn’t seem to be any actual downloads of the tool. If you want to compile it yourself, the source looks to be over at Github.
We plan to bring out a re-branded version of #TrueCrypt 7.1a with some security fixes ASAP. Development has begun. #CipherShed
— CipherShed (@CipherShed) June 8, 2014
You’ll also notice the lack of Bitlocker or OS X encryption tools (as a suggestion). I do not remotely consider Bitlocker a viable alternative to TrueCrypt, and I suggest you avoid that. Creating encrypted containers on OS X is generally not a solution I would use either, though it may be worth a look sometime in the future. If you feel strongly about either as an alternative, do explain why in the comments.