Software:DiskCryptor
 | |
 DiskCryptor main window | |
| Developer(s) | Anonymous ntldr David Xanatos[1] |
|---|---|
| Stable release | 1.2.2/848.118.202 Stable
/ 27 April 2020 |
| Written in | C, Assembly |
| Operating system | |
| Available in | English |
| Type | Disk encryption software |
| License | GNU GPLv3 |
| Website | diskcryptor.org |
DiskCryptor is a free and open-source full disk encryption system for Microsoft Windows.[2][3] It allows for the encryption of a PC's entire hard drive or individual partitions. It also includes the ability to encrypt the partition and disk on which the OS is installed.[4]
DiskCryptor was originally designed to replace commercial disk encryption systems such as DriveCrypt Plus Pack and PGP Whole Disk Encryption, and uses either AES-256, Twofish, Serpent or a combination of cascaded algorithms in XTS mode to carry out encryption.
The project was originally started by a former TrueCrypt user and forum member who goes by the name of 'ntldr' (anonymous). According to the developer, it was originally fully compatible with TrueCrypt's container format as it used a corresponding partition format and encrypted data with AES-256 algorithm in LRW mode. However, according to the software's website, has since improved on the format in order to allow data-in-place encryption on Windows XP, to allow the system partition to have exactly the same format as non-system partitions and to support future project plans.
After the original TrueCrypt was discontinued, DiskCryptor is an alternative that had not been updated for a long time, but since 2020 development has restarted.[5] Notable changes are the ability to boot in an UEFI environment from GPT disks.[6][7] Other alternatives have appeared, most notably the source-available project VeraCrypt (based on the original TrueCrypt source code). However, DiskCryptor is more efficient and faster, which is mostly noticeable on NVMe storage devices.[8][9][10]
Program features
- Support for encryption algorithm AES, Twofish, Serpent, including their combinations.
- Transparent encryption of disk partitions.
- Full support for dynamic disks.
- Support for disk devices with large sector size (important for hardware RAID operation).
- Performance claimed to be comparable to efficiency of a non-encrypted system.
- Support for hardware AES acceleration:
- AES instruction set on recent Intel and AMD CPUs;
- PadLock extensions on VIA processors.
- Support for the SSD TRIM extension
- Support for hardware AES acceleration:
- Broad choice in configuration of booting an encrypted OS. Support for various multi-boot options.
- Full compatibility with third party boot loaders (LILO, GRUB, etc.).
- Full compatibility with UEFI/GPT boot
- Encryption of system and bootable partitions with pre-boot authentication.
- Option to place boot loader on external medium and to authenticate using the key medium.
- Support for key files.
- Full support for external storage devices.
- Option to create encrypted CDs and DVDs.
- Full support for encryption of external USB storage devices.
- Automatic mounting of disk partitions and external storage devices.
- Support for hotkeys and optional command-line interface (CLI).
- Open license GNU GPLv3.
For limitations in the current version, as well as other technical information, see official website .
Encryption algorithms
All algorithms are implemented in XTS mode.
Hash function
- prf HMAC-SHA-512
Performance
With modern computer system that have hardware accelerated AES calculations, Diskcryptor has nearly native write/read performance in the multi GB/s range even on very fast modern storage devices like NVMe.[8] On an Intel Core 2 Quad (Q6600) CPU data encryption speed amounts to 104 MB/s per core.[11] Crypto-algorithms for the x86 version are implemented in assembly language, the implementation having a maximum number of optimizations for the Intel Core line of processors, however it performs sufficiently fast on any other processor as well.[12] Almost all possible enhancements to improve the performance have been applied such as the AES algorithm code is being dynamically generated with optimization made for the usage of a particular key.[11]
Supported OS
| Operating systems | Service pack | Instruction set architecture | |
|---|---|---|---|
| Windows | XP | SP0–SP3 | x86, x64 |
| Server 2003 | SP0–SP2 | x86, x64 | |
| Vista | SP0–SP2 | x86, x64 | |
| Server 2008 | SP0–SP2 | x86, x64 | |
| 7 | SP0–SP1 | x86, x64 | |
| Server 2008 R2 | x64 | ||
| 8, 8.1 | x86, x64 | ||
| Server 2012 | x64 | ||
| 10 | x86, x64 | ||
See also
References
- ↑ "DavidXanatos - Overview". https://github.com/DavidXanatos.
- ↑ OTFEDB entry for DiskCryptor v0.2
- ↑ Whitepaper: Full-Disk-Encryption Crash-Course – Everything to hide by Jürgen Pabel
- ↑ DiskCryptor version history
- ↑ "Releases · DavidXanatos/DiskCryptor". https://github.com/DavidXanatos/DiskCryptor/releases.
- ↑ "DiskCryptor". 14 February 2022. https://github.com/DavidXanatos/DiskCryptor.
- ↑ https://diskcryptor.org/
- ↑ 8.0 8.1 "Very bad performance on NVME SSD · Issue #136 · veracrypt/VeraCrypt". https://github.com/veracrypt/VeraCrypt/issues/136.
- ↑ "VeraCrypt / Forums / Technical Topics: High CPU load while performing disk R/W". https://sourceforge.net/p/veracrypt/discussion/technical/thread/bacd5d29/.
- ↑ "VeraCrypt / Forums / General Discussion: SSD Very Slow Performance Compared to BitLocker (Using AES)". https://sourceforge.net/p/veracrypt/discussion/general/thread/9cb021ad/.
- ↑ 11.0 11.1 "DiskCryptor official website: DiskCryptor Wiki, Main Page". https://diskcryptor.net/wiki/Main_Page.
- ↑ "VeraCrypt / Forums / Technical Topics: High CPU load while performing disk R/W". https://sourceforge.net/p/veracrypt/discussion/technical/thread/bacd5d29/#9f39.
External links
 |
