TrueCrypt is one of these programs, if you have looked into an encryption program you’ve likely heard of it, if not you’ll soon find out what you are missing out on. As mentioned, it is free, as it is an open-source on-the-fly encryption program. That is to say by on-the-fly what is meant is that the encryption is automatic, real-time and transparent to the user. Files are automatically being decrypted on-the-fly (in memory/RAM) while they are being read or copied from an encrypted TrueCrypt volume. Similarly, files that are being written or copied to the TrueCrypt volume are automatically being encrypted on-the-fly (right before they are written to the disk) in RAM. TrueCrypt has several different encryption algorithms you can use including AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES and TwoFish; all of these algorithms are more than sufficiently strong to secure your data.

How it Works: TrueCrypt works by allowing you to create virtual encrypted disks within a file; the program then gives you the ability to mount these encrypted disks as if they were a real disk. You can encrypt an entire hard drive partition or a storage device such as a CD or USB flash drive, all into a single file. At this point you have encrypted volumes that are secured using one of the algorithms mentioned above, volumes that are unbreakable by your typical user. However, it is possible (depending on the algorithm you used) that the encryption may be cracked, that you may have accidentally given out your key, or worse yet, been forced to give it up. As a result, TrueCrypt provides two levels of plausible deniability. First, that no TrueCrypt volume can be identified (it should not be distinguishable from any other random data) and second, using hidden volumes.

Identity: TrueCrypt volumes cannot be identified until they are decrypted because they do not contain any sort of signature; they appear to just consist of random data to the naked eye. As a result, you cannot prove that a file is actually a TrueCrypt volume or that it has even been encrypted (without prior knowledge that is). TrueCrypt claims it is impossible to determine this, but I won’t go this far, as nothing is impossible when it comes to technology issues. The TrueCrypt volumes or containers you create can have any extension you like, .exe, .doc, .txt, .dll, or .bin for example. You probably want to avoid extensions that will be picked up by your anti-virus software however, like say .exe for example, as there may be an area of conflict here. You also want to pick an extension appropriate to the size of the volume; having a 500 MB volume with a text file extension isn’t likely to fool anybody. For even more security, you can enable it so TrueCrypt does not change access and modified times (timestamps) when you mount the volume, creating the appearance the volume is static. Additionally, if you format a hard drive partition as a TrueCrypt volume, the partition table is not modified with a TrueCrypt signature or ID.

Hidden Volumes: There is also the ability to use hidden volumes to protect yourself in the event your password (key) is lost, or given out by mistake. You can simply create a TrueCrypt volume within another TrueCrypt volume, so even if someone gains access inside the original volume, they won’t be able to see that another volume is hidden within because as mentioned the data is completely random. So if the key to the first volume is given out or stolen, all that is accessible is the previously encrypted data in that volume, while the real data you wish to keep protected is safely residing in the second volume.

For more information and to download TrueCrypt, visit http://www.truecrypt.org/. For a tutorial on how to setup TrueCrypt visit http://www.truecrypt.org/docs/?s=tutorial. Also, if you are interested in other free encryption software, I recommend you take a look at some of the options available at http://www.thefreecountry.com/security/encryption.shtml.