Whole-filesystem encryption with Truecrypt
Truecrypt is an open source, multi-platform representative of the encrypted filesystem product category.
It's possible to encrypt files, individually. But products like Truecrypt encrypt filesystems instead. What's a filesystem? It's not the same thing as a file. It's what you find on a disk or a disk partition. So, doesn't that make it a file? Files after all are what you find on a disk or a disk partition. No. Files are found on a filesystem. The filesystem might be on a disk, but it might just as well not be. Indirectly a file could reside on a disk, if its filesystem happens to be on one, but that's incidental. As counterexample, if you put a filesystem in memory (sometimes called a RAM disk) you can equivalently put a file there. Instead of on a disk. That can be done on a computer that possesses no disk whatsoever. When you write a file, if it ends up on a disk, that's only incidental.
A distinguishing feature of filesystems is a file directory, which plays the same role for the filesystem as does the table of contents for a book. Here is some related information.
So the focus is on filesystems. That's what Truecrypt works with. So where could a filesystem be? Anywhere that stores data. A RAM disk. A flash disk. A hard disk. A disk partition (hard disks can be split into these, each behaving like a disk of its own). Or if you already have a filesystem somewhere in your computer (as is normal), and there's a file on it, you could put a filesystem inside that file. Along comes Truecrypt. It can stand between any filesystem and software that reads and writes to it, and conduct the dynamic service of encrypting everything written on the way in and decrypting everything read on the way out.
In the exercise below we will apply Truecrypt to a file, assuming that you have a filesystem on your computer so are able to have files. Applying Truecrypt to a file is less intrusive than applying it to a partition or a whole drive, although you could reasonably and usefully do it on a USB drive. (Maybe you'll want to take what you learn doing this exercise and consider putting it to use afterward to equip yourself with a secured USB drive. How many times have you lost one of those before?).
the exercise to perform
Download Truecrypt from http://www.truecrypt.org/downloads.php.
Install it.
Download a hex dump utility. For Windows see http://mh-nexus.de/en/hxd/. For
linux, try "xxd -g1 <filename>", xxd may be already installed. If not,
try "od -Ad -tx1z <filename>". od is almost always installed.
Otherwise google for a hex dump utility for your platform, there are many.
Read through the tutorial on
the Truecrypt website.
Following the tutorial, create an encrypted volume (file) 1MB or 1,048,576 bytes
in size. Name it "my-encrypted-filesystem-container". When asked to choose a
password, choose "password".
View your new file (unmounted) with your hex dump utility, to observe that the content appears to be random garbage.
In Truecrypt, mount it, as some "drive letter" if in Windows or
mountpoint if not.
Download dracula750K.txt from a source indicated by your instructor. dracula750K.txt contains
the word "dracula" repeated about 90,000 times. It is 750,000 bytes in size.
Put a copy of dracula.txt onto the Truecrypt "drive" (which is actually contained inside the file
my-encrypted-filesystem-container). It will occupy about three-quarters of the 1MB container in which it is being placed.
Examine the file in your hex dump utility and in an editor, to confirm the name
"dracula" is repeated ad infinitum in there.
In Truecrypt, dismount my-encrypted-filesystem-container (disconnecting it from its drive letter, and
thus from visibility and status as a drive).
View my-encrypted-filesystem-container (now again unmounted) with a hex dump utility, to observe that the content
still appears to be random garbage. Even though we know it to contain
"dracula" 90,000 times which is decidedly not random garbage.
This is what the guy who finds your USB drive is going to see. Thank you
Truecrypt.
Download my-encrypted-filesystem-container-morgan from a source indicated by
your instructor.
To submit
1. As an email attachment, send me your "my-encrypted-filesystem-container" after renaming it by suffixing it with your last name. For example, if your last name is Smith, use the name "my-encrypted-filesystem-container-smith".
2. With Truecrypt mount my-encrypted-filesystem-container-morgan. "password" is the password. Find out what it contains. Send me an email identifying the contents. Don't just name the files, name the documents they contain.
You will send me a single email message. The text of the message answers (2) and the attachment answers (1).