TrueCrypt is one of the best tools known to us used for real-time on-the-fly encryption. On-the-fly encryption means encrypting every file as they are getting written on this disk and decrypting as they are being read from the disk. It is automatically encrypted or decrypted right before it is loaded or saved, without any user intervention.
* Creates a virtual encrypted disk within a file and mounts it as a real disk.
* Encrypts an entire partition or storage device such as USB flash drive or hard drive.
* Encrypts a partition or drive where Windows is installed (pre-boot authentication).
* Encryption is automatic, real-time (on-the-fly) and transparent.
* Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
* Provides plausible deniability, in case an adversary forces you to reveal the password by using
Hidden volume and hidden operating system.
* Encryption algorithms: AES-256, Serpent, and Twofish.
How to make and use TrueCrypt volume?
Download and install TrueCryptSetup.exe from http://truecrypt.org
Run TrueCrypt.exe from installed location
In TrueCrypt window, click Create Volume (as shown in the above figure).
TrueCrypt Volume Creation Wizard will appear.
In this step, you need to choose where you wish the TrueCrypt volume to be created. A TrueCrypt volume can reside in a file, which is also called container, in a partition. This is where all your secret data lies
On this wizard there are three options. For the sake of this guide we will choose the first option – Create an encrypted file container and create TrueCrypt volume within a file.
Select the first option and click Next
As the option is selected by default, you can just click Next.
Note: In the following steps, the screenshots will show only the right-hand part of the Wizard window.
Now you need to choose the volume type – Standard or Hidden Volume. We will choose the first option i.e Standard True Crypt. Select it and click Next.
Here you need to specify the location where you want to create TrueCrypt volume (file container).
A TrueCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Make sure you keep that file in safe place.
Click Select File and you’ll see file window like below.
We will create our TrueCrypt volume in the folder D:My Documents and the filename of the volume (container) will be My Volume (as can be seen in the screenshot above). You may choose any other filename and location you like (for example, on a USB memory stick). Note that the file My Volume does not exist yet – TrueCrypt will create it. After clicking Save, we will be return to the TrueCrypt Creation Wizard.
In the Volume Creation Wizard window, Click Next.
Here we need to choose an encryption algorithm and a hash algorithm for the volume. Choose a good one for you and if you are not sure what to select, you can use the default settings and click Next.
Here you need to specify the desired size in the input field.
This is the most important step. You need to choose a good volume password. Read the information given on the screen.
After choosing a considerably good password click Next.
Now you have to move your mouse as randomly as possible within the Volume Creation Wizard Window at least for 30 seconds. This significantly increases the key strength of the encryption keys which, of course, security. What works in background is random number generation based on your mouse coordinates.
Volume creation will begin. Depending upon the size of the volume, the volume creation time may take a long time. After it is finished, following dialog box will appear.
Click OK to close the dialog box.
We have just successfully created a TrueCrypt volume (file container).
In the TrueCrypt Volume Creation Wizard window, click Exit.
The Wizard window should disappear.
Mounting of encrypted drive for use
Now we’ll mount the volume we just created to store files. Launch TrueCrypt and
continue. This time we’ll use same window but for mounting the encrypted drive on a drive letter.
Select a drive letter from the list. This will be the drive letter to which the TrueCrypt container will be mounted.
Click Select File.
The standard file selector window should appear
Here select the container file which we created in Steps 6-11.
The file selector window should disappear.
In the following steps, we will return to the main TrueCrypt window.
In the main TrueCrypt window, click Mount.
Password prompt dialog window should appear.
Type the password which you specified in Step 10 above.
Click OK in the password prompt window.
TrueCrypt will now attempt to mount the volume. If the password is incorrect (for example, if you
typed it incorrectly), TrueCrypt will notify you and you will need to repeat the previous step (type
the password again and click OK). If the password is correct, the volume will be mounted.
We have just successfully mounted the container as a virtual disk M:
The virtual disk is entirely encrypted (including file names, allocation tables, free space, etc.) and
behaves like a real disk. You can save (or copy, move, etc.) files to this virtual disk and they will be
encrypted on the fly as they are being written. This can also be accessed from any application normaly
If you open a file stored on a TrueCrypt volume, the file will be automatically decrypted to RAM (memory) on the fly while it is being read.
The best part is when you write/copy a file to/from the TrueCrypt volume, you will not be asked to enter the password again.
You can also browse to the mounted volume the way you normally browse to any other types of
volumes. For example, by opening the ‘Computer’ (or ‘My Computer’) list and double clicking the
corresponding drive letter (the letter is M in our example).
You can copy files to and from the TrueCrypt volume just as you would copy them to any normal
disk (for example, by simple drag-and-drop operations). Files that are being read or copied from
the encrypted TrueCrypt volume are automatically decrypted on the fly (in memory/RAM).
Similarly, files that are being written or copied to the encrypted TrueCrypt volume are automatically
encrypted on the fly (right before they are written to the disk) in RAM.
Note that TrueCrypt never saves any decrypted data to a disk – it only stores them temporarily in
RAM (memory). Even when the volume is mounted, data stored in the volume is still encrypted.
When you restart Windows or turn off your computer, the volume will be dismounted and all files
stored on it will be inaccessible (and encrypted). Even when power supply is suddenly interrupted
(without proper system shut down), all files stored on the volume will be inaccessible (and
encrypted). To make them accessible again, you have to mount the volume.