The best file encryption software in open source – group test
Keeping your secrets secret is an important consideration, so we have taken the four most popular encryption systems and ordered Linux User’s chief group tester, Garath Halfacree, to do what he does best. Which is the ultimate option? Read on…
The only package on test to ship with a GUI by default, is TrueCrypt all style and no substance?
TrueCrypt isn’t a package you’ll find in most distribution’s repositories. Because the terms of the supplied licence aren’t compatible with common open source licences such as the GPL, it’s excluded from distribution – but if you download it manually, you’ll find an extremely powerful package.
Although designed primarily to offer an encrypted ‘container’ – a file which holds the encrypted data – TrueCrypt can be used to encrypt entire devices, and is the package most easily used in a cross-platform environment: TrueCrypt binaries are available for Linux, Mac OS X, and Windows, and containers created on one platform are readily accessible on another.
As the software isn’t included in most repositories, installation consists of downloading a self-extracting shell script in either GUI or command-line flavours. Both are relatively small, and once downloaded the installation process is simple – although, as it doesn’t tie in to your distribution’s packaging system, you’ll have to keep the software up to date manually.
Thanks to its GUI, TrueCrypt is by far the easiest package to use on test. A friendly wizard walks the user through the creation of either device or file based containers, and a selection of encryption ciphers are available to choose from. There’s even the option to chain up to three ciphers together for maximum security, and a handy benchmarking system to see which will offer the best performance on your particular system.
When a container has been created and mounted, it appears to the file system as just another drive. As with the other packages on test, any files written to the container will be encrypted on the fly – meaning no unencrypted data is ever written to the disk.
TrueCrypt also includes support for ‘hidden’ volumes. These allow a container or device to have multiple passwords – or keyfiles, or even smartcards – each of which shows a different selection of unencrypted data when used. While hidden volumes carry some risk – it’s possible overwrite the contents of a hidden volume if you’re incautious with the ‘fake’ encrypted volume – it’s a nice option for those who need extra security.
With its pretty GUI and ease of use, you’d be forgiven for thinking that TrueCrypt would come with a performance penalty – but in our tests it proved the fastest encryption package around, easily beating both EncFS and eCryptFS and even edging out dm-crypt via LUKS to claim the top spot in both our small-file and large-file tests.
Linux User Verdict
If you want TrueCrypt, you’ll have to download an installer and manage updates yourself.
For most common filesystem encryption tasks, it’s hard to beat the flexibilty of TrueCrypt.
Ease of use: 9/10
The GUI is good, but some options could benefit from being more clearly labeled.
There’s still a performance hit, but TrueCrypt was easily the fastest package on test.
TrueCrypt is an amazingly versatile package, and while its licence makes it unsuitable for distribution by default it’s certainly a capable option for those looking for something with a GUI.