VeraCrypt has emerged from the TrueCrypt encryption program and is one of the most popular open source programs. The freeware for data security can create encrypted containers as well as encrypt hard disk, SSD, USB stick and SD card. The operation of VeraCrypt is similar to that of TrueCrypt, because the encryption software uses parts of the TrueCrypt 7.1a code. In addition, VeraCrypt Portable is a portable version that does not need to be installed.
Successor of TrueCrypt
VeraCrypt is not a reaction to the project end of TrueCrypt in 2014, because VeraCrypt was already finished by its French developer in June 2013 and was already a TrueCrypt alternative when the project end of TrueCrypt could not yet be foreseen. With the end of TrueCrypt, VeraCrypt is considered the successor to TrueCrypt and takes over its role as a cross-platform encryption program for Windows, macOS and Linux and can even be used on the mini-computer Raspberry Pi.
Alternative to Bitlocker
Under Windows, VeraCrypt also offers an open source alternative to Bitlocker, Microsoft’s encryption software. Because in view of the information made known by whistleblower Edward Snowden, the question arises as to whether secret services can bypass the Bitlocker encryption and password.
TrueCrypt has security vulnerabilities
The encryption software TrueCrypt always had the drawback that nobody really knew who was behind the software project and whether there are backdoors built in that circumvent the protection by password and encryption. This turned out to be unfounded in retrospect, but the security of TrueCrypt still leaves much to be desired. This is because the software has known vulnerabilities in the tested version that are closed in VeraCrypt, which increases security.
Encrypt more securely with VeraCrypt
The encryption software VeraCrypt encrypts the containers or volumes more securely than TrueCrypt. Compared to TrueCrypt, VeraCrypt uses 327661 instead of 1000 iterations to encrypt the system partition with PBKDF2-RIPEMD160, and 655331 iterations instead of 2000 for the containers. There are also delays when opening encrypted partitions, which are tolerable for the authorized owner, but which are more burdensome for crackers and hackers. When attempting to decrypt encrypted drives or containers, Brutforce attacks are used to find out the password. Millions of possible passwords are tried out, so any delay significantly increases the time it takes to find the right password. This reduces the probability of breaking the encryption, which makes the computer system more secure, especially since a Brutforce attack can now be detected in time and prevented by measures such as blocking the hacker’s IP.
Encrypt container with VeraCrypt
To protect private files from unauthorized access, it is sufficient to store them in a container encrypted with VeraCrypt. A VeraCrypt container is a file that can be stored on any drive such as hard disks, USB sticks or alternatively in the cloud.
The size of the file is specified by the user when creating and encrypting the container with VeraCrypt. The maximum size depends on the storage medium and the file system on it. If the latter is FAT32, the container file can have a maximum size of 4 GByte.
When opening with VeraCrypt by entering a password, the container file is mounted as a virtual drive under Windows, macOS and Linux and can be used as a partition. Please note that VeraCrypt requires an administrator password of the computer as well as the password for the container when opening the first container file. The latter is necessary to mount the decrypted container as a virtual drive in the system. A user with a standard account cannot therefore open a VeraCrypt container.
In addition to encryption, VeraCrypt also offers data hiding. This is realized via hidden containers, which VeryCrypt creates inside an encrypted drive or container. Hidden containers are intended for very secret files. Encrypted containers and drives can only be decrypted with a password, but they are visible. Accordingly one could be forced to hand over the password. If this is the case, the files in the contained hidden container remain invisible because they are protected with their own password. This password must of course be different from the one chosen for decrypting the visible encrypted container or drive.
Compatibility with TrueCrypt containers
Anyone who has created encrypted TrueCrypt containers can usually open them with VeraCrypt and not only read the content, but also change it. After selecting the TrueCrypt container and clicking on “Mount”, the check mark in front of “TrueCrypt Mode” must be set, which VeraCrypt does automatically in the current version. If there should be problems, an attempt remains in read-only mode, after which the folder can at least be opened for reading. However, folders created with VeraCrypt cannot be opened by TrueCrypt. This should come as no surprise to TrueCrypt experts, since TrueCrypt containers of a newer TrueCrypt version cannot be opened by an older one either.
Encryption for Windows, Linux and macOS
The encryption with VeraCrypt is possible under Windows, Linux and macOS. The corresponding setup files are available in our download area or on the project page of VeraCrypt. These must be executed under Windows and macOS as usual.
Linux users receive an archive file that is unpacked first. Then the 32- or 64-bit version is installed, with the choice between a command line version or the one with user interface (GUI). Among the Linux variants there is also one for Raspbian, the Linux distribution for the mini-computer Raspberry Pi. A package that can be installed with the Debian tool apt-get is still missing.
Use VeraCrypt as portable version
As with TrueCrypt, there is also a portable version of VeraCrypt that can be started as portable software from a USB stick without installation. VeraCrypt Portable has the same functions as the standard version of VeraCrypt and can be used on the computer with administrator rights.
Tips & tricks for VeraCrypt: