Subject: [gsc] TrueCrypt 6
Newsgroups: gmane.comp.finance.gold-silver-crypto
Date: 2008-07-05 17:50:03 GMT (14 weeks, 1 day, 23 hours and 58 minutes ago)
Expires: This article expires on 2008-07-19
truecrypt.org
Many new features in TrueCrypt 6:
*
Parallelized encryption/decryption on multi-core processors (or
multi-processor systems). Increase in encryption/decryption speed
is directly proportional to the number of cores and/or processors.
For example, if your computer has a quad-core processor,
encryption and decryption will be four times faster than on a
single-core processor with equivalent specifications (likewise, it
will be twice faster on dual-core processors, etc.)
[View benchmark results]
*
Ability to create and run an encrypted hidden operating system
whose existence is impossible to prove (provided that certain
guidelines are followed). For more information, see the section
Hidden Operating System. (Windows Vista/XP/2008/2003)
For security reasons, when a hidden operating system is running,
TrueCrypt ensures that all local unencrypted filesystems and
non-hidden TrueCrypt volumes are read-only. (Data is allowed to be
written to filesystems within hidden TrueCrypt volumes.)
Note: We recommend that hidden volumes are mounted only when a
hidden operating system is running. For more information, see the
subsection Security Precautions Pertaining to Hidden Volumes.
*
On Windows Vista and Windows 2008, it is now possible to encrypt
an entire system drive even if it contains extended/logical
partitions. (Note that this is not supported on Windows XP.)
*
New volume format that increases reliability, performance and
expandability:
o Each volume created by this or later versions of TrueCrypt
will contain an embedded backup header (located at the end of
the volume). Note that it is impossible to mount a volume when
its header is damaged (the header contains an encrypted master
key). Therefore, embedded backup headers significantly reduce
this risk. For more information, see the subsection Tools >
Restore Volume Header.
Note: If the user fails to supply the correct password
(and/or keyfiles) twice in a row when trying to mount a
volume, TrueCrypt will automatically try to mount the volume
using the embedded backup header (in addition to trying to
mount it using the primary header) each subsequent time that
the user attempts to mount the volume (until he or she
clicks Cancel). If TrueCrypt fails to decrypt the primary
header and then decrypts the embedded backup header
successfully (with the same password and/or keyfiles), the
volume is mounted and the user is warned that the volume
header is damaged (and informed as to how to repair it).
o The size of the volume header area has been increased to 128
KB. This will allow implementation of new features and
improvements in future versions and ensures that performance
will not be impaired when a TrueCrypt volume is stored on a
file system or device that uses a sector size greater than 512
bytes (the start of the data area will always be aligned with
the start of a host-filesystem/physical sector).
For more information about the new volume format, see the section
TrueCrypt Volume Format Specification.
Note: Volumes created by previous versions of TrueCrypt can be
mounted using this version of TrueCrypt.
* Parallelized header key derivation on multi-core processors (one
algorithm per core/thread). As a result, mounting is several times
faster on multi-core processors. (Windows)
*
Ability to create hidden volumes under Mac OS X and Linux.
*
On Linux, TrueCrypt now uses native kernel cryptographic services
(by default) for volumes encrypted in XTS mode. This increases
read/write speed in most cases. However, the FUSE driver must
still be used when the volume is encrypted in a deprecated mode of
operation (LRW or CBC), or when mounting an outer volume with
hidden-volume protection, or when using an old version of the
Linux kernel that does not support XTS mode. (Linux)