When the TrueCrypt developers dissuaded people from further use of its software with an ominous security warning [1], many users were confused and concerned about their privacy, especially in the Windows camp, where TrueCrypt was a popular open source encryption solution (see the "TrueCrypt" box).

In the meantime, TrueCrypt fork VeraCrypt [2], which dates back to 2013, has inherited its predecessor's followers and introduced Linux support in 2014. Given that the Linux kernel already ciphers directories or entire partitions, why would Linux users want to embrace a program with a black spot in its history? VeraCrypt provides some solid reasons for doing so.

Plausible Reasons

One strong motive for the use of VeraCrypt is its guaranteed "plausibly deniable encryption": The encrypted container can embed a hidden inner container (Figure 1). Should you ever be forced to reveal your encryption password, you could do so for the outer container only (see the box "Plausible Deniability").

Figure 1: In free space in a VeraCrypt container pre-formatted with white noise, you can hide another container. Without knowledge of a separate password, users cannot view metadata about its extent or the encrypted container itself.

Figure 4: Partitions encrypted with the Linux on-board solutions dm-crypt/LUKS appear in the partition table as such.

Without the second password, you cannot even prove the existence of an inner container. After unlocking the outer container, it appears to be a blank space. Information relating to its extent is encrypted with the second password in a special reserved memory space. The metadata, like the entire inner container, looks like random values before you unlock them separately.

Although standard Linux tools dm-crypt and eCryptfs [8] are well suited for integration with the operating system (e.g., to encrypt the entire system or the home partition), in contrast, the VeraCrypt GUI lends itself to opening containers for particularly security-critical files as needed. To do this, you create a file-based container with a few mouse clicks (Figure 2); the container can be used not only on Linux, but also on Mac OS X and Windows.

Figure 2: The intuitively designed VeraCrypt dialog lets you create encrypted containers, even without prior knowledge or studying the manual.

The simple user interface (Figure 3) also handles the task of mounting encrypted volumes, which the program mounts transparently in the filesystem below /mnt or /media. Alternatively, VeraCrypt encrypts entire partitions. The command-line option --text eliminates the need to start the graphical user interface; you can control all the functions from the command line or with a script.

Figure 3: The VeraCrypt GUI mounts the encrypted volume and provides access to all other functions.

Secure?

Features like plausibly deniable encryption or a practical GUI are of little use if the underlying encryption method proves to be insecure. As always with security issues, you can only follow circumstantial evidence with known factors; potentially unknown vulnerabilities remain undetected.

To the best of my knowledge and belief, the security of VeraCrypt looks good. The software has a long history in open source: It is based on TrueCrypt, which in turn was based on Encryption for the Masses (E4M), launched in 1997 [9]. The TrueCrypt heritage might initially cause some concern, but the VeraCrypt developers understandably explain how they ironed out its known vulnerabilities [10]; in any case, they only affected the Linux version in part. The developers also subjected the code to two static analyses, which revealed some critical programming errors. An expert audit of VeraCrypt itself is still pending.

The software is available from SourceForge [11] in the form of an installer, which only installs a binary and some additional files. As always with security-related software, it pays to verify the integrity of the installation files with sha512sum. Compiling the software turns out to be difficult at present: The current openSUSE and Ubuntu releases include a compiler that uses the new C++ ABI by default, but not all of the utilities you need are available in this format.

Handy

The current documentation [12] for VeraCrypt leaves no questions unanswered. The basic functions of the software can be used without reading the manual anyway, thanks to the intuitively designed graphical interface. The Create Volume button starts the Volume Creation Wizard. You first need to decide whether you want to create a container or encrypt a hard disk partition. Then the wizard asks whether you want to create a standard volume or a container with an embedded hidden partition for plausibly deniable encryption (Figure 5).

Figure 5: After choosing the Hidden VeraCrypt volume option as the Volume Type, the wizard generates both the outer and an embedded hidden container in one pass.

You always need to create a standard outer container. To do so, stipulate a file path in which the software will create the container or the device file of a disk partition (e.g., /dev/sda3). In the Encryption Options dialog, the Encryption Algorithm default is AES and the Hash Algorithm default is SHA-512, which offer good run-time performance and impeccable security features from today's perspective.

Alternative encryption algorithms (Figure 6) are available in line with the common practice in cryptography of keeping all sensitive components interchangeable. Should future attack vectors compromise the current secure process, you can then change the algorithm but continue using the familiar software.

Figure 6: VeraCrypt lets you choose between various proven encryption algorithms.

After entering the desired volume size, type your password twice or select one or more keyfiles, which may consist of any number of files. For the filesystem, VeraCrypt uses the system global default, FAT; more sophisticated filesystems, such as NTFS and ext2/3/4, are also available for use. Of course, selecting an ext filesystem will impair compatibility with Windows. In the final dialog box, click on Format to start the process of generating the container.