Update: In April 2015 Phase II of the TrueCrypt audit was completed, effectively giving TrueCrypt a clean bill of health. We now therefore recommend using VeraCrypt, a TrueCrypt fork which has fixed most of the weaknesses found during the audit, and is under active development. Please see VeraCrypt & how-to basics for more details.
The sudden demise of TrueCrypt under very suspicious circumstances came as a shock to many who had come to rely not just on its secure file or full disk encryption, but its practical functionality, and the fact that it was a mature product whose open-source code was being carefully audited at the time of its demise with promising results.
While conspiracy theories abound over what happened, the practical problem is finding a secure alternative. Unfortunately this is not as easy as it sounds, as no true drop-in replacement for TrueCrypt exists.
In this article we will therefore we look at what secure open source encryption options are available for those wanting to secure their files.
It should be noted that while all the programs listed here are open source (the notion of using the closed source Microsoft Bitlocker, as suggested by the devs when they pulled the plug on TrueCrypt is so ridiculous and bizarre that even our hard-bitten and cynical BestVPN team starts to reach for their tin hats just at the thought), but none them have been nearly as extensively vetted as TrueCrypt (if at all).
Being open source and at least open to auditing, does however makes these programs the most secure options available.
Platforms: Windows, OSX, Linux (Crypt4All Lite for Android is compatible)
Pros: Per file encryption, very easy to use
Cons: individual file encryption only
This very easy to use Java based file encryption program integrates with the OS, providing simple file encryption using the right-click menu button (Windows and Linux, or drag and drop for OSX). File decryption is performed by simply by double-clicking the encrypted .aes file, and entering the password you supplied when creating it. A command line interface is also supported.
Although only individual files can be encrypted, this limitation can be overcome somewhat by creating zip files out of folders, and then encrypting the zip file with AES Crypt.
Encryption: AES_128 with HMAC-SHA1-128 data verification
Pros: Per file encryption, right-click OS integration, can encrypt all files in a folder and multiple files at once, can use keyfile instead of a passphrase (more secure as greater entropy), more options than AES Crypt, stand-alone portable version available, very easy to use
Cons: Windows only
Like AES Crypt, AxCrypt is a single-file encryption program, although it can easily encrypt/decrypt all files in a folder (not the folder itself), and multiple files at once. It also allows the creation and use of a keyfile (which is both easier than entering a pass phrase, and improves security as passwords generated in the keyfile are very strong), and will permanently shred files to prevent later recovery. A funky portable stand-alone version of AxCrypt is also available - perfect for carrying around on a USB stick.
However, although more fully featured than AES Crypt, AxCrypt is only compatible with Windows (and AxCrypt files can only be decrypted using AxCrypt), which somewhat limits the utility of this otherwise excellent little program.
Encryption: AES_256, Twofish and Serpent
Pros: Full disk encryption (including OS disk), setup file only 1Mb, can use key file instead of password
Cons: No per-file or per-folder encryption, no ‘hidden volumes’, no ‘hide drive’ option, unmounted drives still visible to system, Windows only
Perhaps the closest thing to a straight drop-in replacement for TrueCrypt, DiskCryptor is a full disk encryption program for Windows that allows you to encrypt hard drives (including CD’s USB sticks etc.), or individual partitions, including the ability to encrypt the partition and disk on which Windows is installed.
It does however lack many of the bells and whistles that TrueCrypt offered, such as ‘hidden volumes’. Earlier versions of DiskCryptor were compatible with TrueCrypt containers, but with version 5 this is no longer the case.
Encrypted drives can be mounted and unmounted, but a glitch in the program means that unmounted drives / partitions are still visible in Windows Explorer (where they can’t be accessed, but could be accidentally formatted), so the option to hide disks would be good.
Edit/warning: Reader BurntOutSpy has contacted me to say that "DiskCryptor has a backdoor... <redacted in order to avoid giving useful information to criminal hackers>.
I have not been able to independently verify this claim, but it sounds highly plausible. When I have the time I may test BurntOutSpy's method myself. In the meantime, it might be a very good idea to to give BoxCryptor a miss (and I now recommend VeraCrypt instead anyway).
Platforms: Linux, Windows (using encfs4win), Android (using Cryptonite app). With a bit of effort it is possible to get EncFS to run in OSX *.
Encryption: whatever libraries are available, usually Blowfish and AES. ‘Paranoid mode’ uses AES_256, , ‘filename block encoding with IV chaining per file, external IV chaining, MAC block headers’
Pros: Easy to use, great for secure cloud storage, files encrypted individually
Cons: Files in ‘personal’ folder are not encrypted, metadata (i.e. filenames and when a file is uploaded is modified in the cloud) is visible. Note that these are not really ‘cons’, but the logical consequences of EncFS’s strengths. Users should be aware of them however.
EncFS creates an encrypted volume, which is typically stored in a cloud storage folder (e.g. Dropbox) for easy cloud synching. This folder can be mounted locally as virtual drive, from where files can be accessed unencrypted, just as if they were files in a regular folder. When files are added to or changed in the virtual drive, they are encrypted and added to/changed in the encrypted folder.
An advantage when using EncFS to encrypt files kept in cloud storage is that (unlike TrueCrypt) each file in a volume is encrypted and stored individually, so a change to one file does not mean re-uploading an entire encrypted container.
A great how-to showing how easy EncFS is to use is available here.
*Update: Reader Joe Lee offers this advice for running EncFS in Mac OSX:
'I have been using EncFS on my Mac for some time now. You can easily install it using Homebrew “brew install encfs”, and mount your Volume “encfs -o volname=MySecretDrive ;Path/To/EncFS /Volume/MySecretDrive”. Couldn’t be any simplier.'
Platforms: Linux, DragonFly BSD, Android (Rooted only, using LUKS Manager)
Encryption: Large library available, including blowfish, twofish and AES
Pros: Very capable full disk encryption
Cons: For experts only, impenetrable documentation
LUKS (Linux Unified Key Setup) is the standard for Linux hard disk encryption. It is built-in to most Linux distros, and can be used with the dm-crypt subsystem to provide transparent full disk encryption.
In many ways dm-crypt/LUKS is very similar to TrueCrypt, but has the advantage that it stores all necessary setup information in the partition header, enabling the user to transport or migrate this data seamlessly. Unfortunately it is very user unfriendly, is command-line only, reading the documentation requires a degree in computer science, and so is only recommended to experts. The best instructions on using LUKS that we can find are available here.
Pros: Stealth mode to hide vaults, leaves no trace of any temporary files in the system
Cons: Does not delete original files, can be somewhat slow, still very much in alpha development
This promising new Android app lets you create password protected vaults in which you can store any kind of file (including local Google Docs). Encryption / decryption times can be very slow, and the original files remain in their folder so need to be deleted manually, but app is still in alpha, so issues are to be expected.
We were concerned about internet permissions for a ‘software analytics app called "crashlytics”’, so we contacted the developer, who responded very promptly, saying,
‘About crashlytics, it is a software (still in beta i think) which has the ability to take user's crashes and organize them in an orderly way for me to track the bugs.
since we are still alpha, I hope to use crashlytics to help squash those bugs.’
Given that the app is still in development this seems fair enough to us. We can’t recommend Secrecy yet, as development is still in its very early stages, but do think it is an app to watch.
Leaving aside dm-crypt/LUKS, what is interesting is that each of these programs does its own specific thing, with very little crossover in functionality between them. The best advice, therefore, is to use them all - using the right tool for the job at hand - AES Crypt for encrypting individual files (or AxCrypt for Windows-only users who do not plan on sharing their files),
Diskryptor for full disk encryption, and EncFS for secure cloud storage.
Unfortunately there is no open source full disk encryption option available for Mac owners (that we know of), but Linux users willing to get to grips with the complexities if LUKS have a very flexible and secure choice. For more on the best VPN for Mac take a look at our VPN Mac guide.
Update: As note at the beginning of this article, I now recommend VeraCrypt as the true successor to TrueCrypt.
Other open source encryption programs we have not listed here are: