When it comes to local encryption, the free and open source* TrueCrypt is one of the most popular and powerful packages available.
With TrueCrypt you can:
- Create a virtual encrypted disk (volume) which you can mount and use just like a real disk (and which can be made a Hidden Volume)
- Encrypt an entire partition or storage device (e.g. a hard drive or USB stick)
- Create a partition or storage drive containing an entire operating system (which can be hidden)
All encryption is performed on-the-fly in real time, making TrueCrypt transparent in operation. It should be noted, however, that groovy as this ability to mount an encrypted drive is (and it is one of the things that makes TrueCrypt a great program), it does mean that cryptographic keys are stored in temporary memory (RAM) during use, which can theoretically expose TrueCrypt users to the possibility of attack through the use of pre-installed keyloggers and other malware.
Hidden volumes and hidden operating systems provide plausible deniability, as it should be impossible to prove they exist (as long as all the correct precautions are taken).
TrueCrypt is available for Windows, OS X and Linux. Our how-to guide was written for Windows 7, but the basics should be more or less the same for any operating system.
*Strictly speaking, some elements of TrueCrypt are source available, rather than truly FOSS (Free Open Source Software). However, we don’t think this makes much difference to most end-users.
How to create and use a simple TrueCrypt container
Creating a container
The simplest way to use TrueCrypt is to create an encrypted container within a file. This file behaves just like any other file, and can be moved, deleted, renamed etc. as if it was a normal file.
1. Download TrueCrypt, install and run it, then click ‘Create Volume’ on the main screen.
2. Make sure the ‘Create an encrypted file container’ radio button is selected and click ‘Next’.
3. Make sure that ‘Standard TrueCrypt Volume’ is selected and click ‘Next’.
4. Click ‘Select File’, choose where you want the file saved, and pick a name for the file. Do not select an already existing file as TrueCrypt will delete it and replace it with a new TrueCrypt container.
5. Choose an encryption algorithm and a hash algorithm. Information is provided on each encryption algorithm to help you choose one that is right for you. Generally speaking, the stronger the encryption, the longer the encryption/decryption process will take.
You can benchmark how long encryption/decryption takes, and test that all the algorithms are working properly.
AES is plenty secure and is the quickest in use, so we’ll go with that. We’ll also go with the default RIPEMD-160 hash algorithm (see the full documentation for more info on this).
6. Choose how big you want the file to be. It can be any size up to the available free space on the drive where it is located.
7. This is a vital step. If your data is worth encrypting then it is worth protecting with a good password. The wizard offers some good advice on choosing a strong password.
8. In the Volume Format screen you can choose which file system to use. We’ll go for FAT to maintain maximum compatibility across devices and platforms. Moving your mouse pointer around the window increases the cryptographic strength of the encryption keys (which increases security), so you should wiggle it around for at least 30 seconds. When you are done, click ‘Format’ and wait for the confirmation dialogue (then click ‘OK’ and ‘Exit’).
You have now created a TrueCrypt volume (file container)! Yay!
Mounting and using a TrueCrypt volume
1. Select a drive letter from the list on the TrueCrypt main screen. Then click ‘Select File’ and navigate to where you saved the TrueCrypt volume you just created, and ‘Open’. Once done, click ‘Mount’.
Any letter will do, so we’ll choose ‘P’. This will now be the drive letter assigned to our encrypted volume.
2. You will be asked for the password you specified earlier.
3. The volume is now mounted and will behave in all ways like a normal volume, except that all data on it is encrypted. You can open it by double-clicking on the volume name from the TrueCrypt main screen…
… or it can be accessed as a regular volume in Explorer.
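The same mount and dismount steps can be scripted with TrueCrypt's command-line switches. The PowerShell below is an added example, not part of the original guide; the install path and container file name are assumptions, and ‘P’ is the drive letter chosen above.

```powershell
# Added example: mount a TrueCrypt file container from a script, then dismount it.
$TrueCrypt = 'C:\Program Files\TrueCrypt\TrueCrypt.exe'  # assumption: default install location
$Container = 'C:\Users\Public\Documents\vault.tc'         # hypothetical container file
$Letter    = 'P'                                          # drive letter used in the guide

function Test-Mounted {
    # Ask .NET directly, so a drive that appeared after this session started is still seen.
    return [System.IO.Directory]::Exists("${Letter}:\")
}

function Mount-Container {
    if (-not (Test-Path $TrueCrypt)) { throw "TrueCrypt not found at $TrueCrypt" }
    if (-not (Test-Path $Container)) { throw "Container not found: $Container" }
    if (Test-Mounted)                { throw "Drive ${Letter}: is already in use" }

    # /v = volume file, /l = drive letter, /q = perform the action and exit.
    # /p (password) is deliberately left out so TrueCrypt shows its own password
    # dialog; a password on the command line is visible in process listings.
    $mountArgs = "/v `"$Container`" /l $Letter /q"
    Start-Process -FilePath $TrueCrypt -ArgumentList $mountArgs -Wait

    if (-not (Test-Mounted)) { throw "Mount failed (wrong password or dialog cancelled)" }
    Write-Output "Mounted $Container as ${Letter}:"
}

function Dismount-Container {
    # /d <letter> dismounts that volume; /q exits afterwards.
    Start-Process -FilePath $TrueCrypt -ArgumentList "/d $Letter /q" -Wait

    if (Test-Mounted) { throw "Drive ${Letter}: is still mounted (are files still open?)" }
    Write-Output "Dismounted ${Letter}:"
}

Mount-Container
Read-Host "Volume is mounted. Press Enter when you are finished to dismount"
Dismount-Container
```

Dismounting when you are finished matters because the keys stay in RAM for as long as the volume is mounted.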
As you can see, the basics of setting up a simple encrypted volume are quite easy, and TrueCrypt does a good job at holding your hand. In Part 2 of this series we’ll get a bit more advanced, and create a hidden volume using TrueCrypt.
If you use Dropbox and are worried about Dropbox being able to see your files, you can create an encrypted TrueCrypt container inside your Dropbox folder. In this way, all files placed in the mounted container will be encrypted before being uploaded to Dropbox, and decrypted locally for viewing.
Of course, this does not make sharing and collaborating on files easy, but it does secure them against prying eyes. Android users are also in luck, as the EDS Lite and Cryptonite apps allow you to browse and open TrueCrypt encrypted volumes when on the move.