- What is Full Disk Encryption ?
- Benefits of Full Disk Encryption
- Good to read
- Software Based Full Disk Encryption vs Hardware Based Full Disk Encryption
- Best Open Source and free Full Disk Encryption Products
- Best Full Disk Encryption Products for Enterprises
Best Open Source and free Full Disk Encryption Products
There are quite a number of good Open Source or free Full Disk Encryption Products. They are cryptographically strong enough and can solve the basic purpose well.
1. Veracrypt
Features :
- Veracrypt is an open source disk encryption program under the Apache License. VeraCrypt is basically a fork of the discontinued TrueCrypt project.
- VeraCrypt can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device using pre-boot authentication.
- VeraCrypt can also create hidden encrypted volume within other volumes.
- It is available for Windows, Linux and OS X.
- Veracrypt uses On The Fly Encryption.
- VeraCrypt supports AES, Twofish, Serpent, Camellia and Kuznyechik.
- Please note that VeraCrypt may not be strictly free as it contains distribution and copyright liability restrictions.
- VeraCrypt users may have to take certain security precautions, as it may be vulnerable to certain attacks. For example, VeraCrypt keys are stored in RAM. So, attackers can use various malicious methods to retrieve the key and gain access to the computer.
- Attackers can even use keyloggers to retrieve the security keys of VeraCrypt using various methods and use that to access the computer.
Price : It is free. Please consult its licensing terms before using it.
2. BitLocker
Features :
- BitLocker is a Full Disk Encryption program included in Windows. One can find BitLocker in Pro, Enterprise, Ultimate or Education versions in Windows.
- It can encrypt the entire volumes.
- BitLocker may use three mechanisms to encrypt and decrypt disks. It can use TPM or Trusted Platform Module hardware to provide transparent encryption . In User Authentication Mode it may ask for user authentication in pre-boot environment. It can also use USB Key Mode in which a user needs to insert a USB drive containing secret keys. You would find more information on this in What is BitLocker ?
- By default BitLocker uses the AES encryption algorithm in cipher block chaining (CBC) or XTS mode with a 128-bit or 256-bit key.
Price : Available with Pro, Enterprise, Ultimate or Education versions of Windows.
3. DiskCryptor
Features :
- DiskCryptor is open source and free full disk encryption software for Microsoft Windows.
- It can encrypt entire hard drive or individual partitions. It can also encrypt the partition or disk on which Windows OS is installed.
- DiskCryptor is an Open Source software under GPL License.
- DiskCryptor uses either AES-256, Serpent, Twofish or a combination of cascaded algorithms in XTS mode to do the encryption.
- DiskCryptor provides transparent encryption of disk partitions.
- It provides support for dynamic disk.
- It also supports disks with large sector size.
- It is compatible with third-party boot loaders like LILO, GRUB etc.
- Encryption is possible using pre-boot authentication. One can also place boot loader on external medium and authenticate using the key medium.
- DiskCryptor provides the option of creating encrypted Cds, DVDs and external USB storage devices.
Price : It is Open Source and free.
4. FileVault
Features :
- FileVault is a Full Disk Encryption program for Mac OS.
- It provides On The Fly Encryption of volumes of a Mac Computer.
- FileVault does encryption using a user’s login password as the encryption passphrase.
- It uses the AES-XTS mode of AES with 128 bit blocks and a 256 bit key to encrypt the disk.
- FileVault creates master password and recovery keys on enabling it. A user can store the key with Apple.
Price : It comes with Mac OS X 10.3 and later.