What is VeraCrypt and why you should use it

If you are looking for a way to protect your sensitive data from unauthorized access, you might have heard of VeraCrypt. But what is VeraCrypt exactly and how does it work? In this post, we will explain the basics of VeraCrypt and show you how to use it to encrypt your secrets.

What is VeraCrypt?

VeraCrypt is a free and open-source utility for on-the-fly encryption (OTFE). This means that it can create a virtual encrypted disk within a file and mount it as a real disk. You can then store your files on this disk and access them normally, but they will be encrypted and decrypted automatically in the background.

VeraCrypt can also encrypt an entire partition or storage device, such as a USB flash drive or a hard drive. This way, you can protect your entire system or portable data with a strong password or a key file. VeraCrypt supports pre-boot authentication, which means that you need to enter your password before Windows starts.

VeraCrypt is a fork of the discontinued TrueCrypt project, which was one of the most popular encryption tools until its sudden shutdown in 2014. VeraCrypt has improved the security and functionality of TrueCrypt, fixing many vulnerabilities and adding new features.

Some of the main features of VeraCrypt are:

  • It supports various encryption algorithms, such as AES, Serpent, Twofish, Camellia, and Kuznyechik. You can also use combinations of these algorithms for extra security.
  • It uses different cryptographic hash functions, such as RIPEMD-160, SHA-256, SHA-512, Streebog, and Whirlpool. These functions are used to derive the encryption keys from your password or key file.
  • It uses XTS mode of operation, which is a standard for disk encryption that provides better security and performance than older modes.
  • It uses more iterations of the key derivation function than TrueCrypt, making it harder for attackers to guess your password using brute-force methods.
  • It provides plausible deniability, which means that you can create hidden volumes or hidden operating systems within your encrypted data. This way, you can deny the existence of your secrets if someone forces you to reveal your password.

How to Use VeraCrypt

Using VeraCrypt is not very difficult, but it requires some basic knowledge of encryption concepts and terminology. Here are the steps to use VeraCrypt to create and use an encrypted volume:

  1. Download VeraCrypt from its official website (https://veracrypt.eu/en/) and install it on your computer. You can also use the portable version if you don’t want to install anything.
  2. Run VeraCrypt and click on the “Create Volume” button. This will launch the Volume Creation Wizard, which will guide you through the process of creating an encrypted volume.
  3. Choose whether you want to create a standard volume or a hidden volume. A standard volume is just a normal encrypted file that you can mount as a disk. A hidden volume is a special type of volume that is hidden inside another volume. This way, you can have two passwords: one for the outer volume and one for the hidden volume. If someone forces you to reveal your password, you can give them the password for the outer volume and they will not see the hidden volume.
  4. Choose whether you want to create a file container or encrypt a partition or device. A file container is just a normal file that acts as an encrypted disk. You can store it anywhere on your computer or on an external device. Encrypting a partition or device means that you will encrypt the entire space of that partition or device. This option is more suitable for system encryption or portable data protection.
  5. Choose a location and a name for your encrypted volume. If you are creating a file container, you can choose any folder and any name for your file. If you are encrypting a partition or device, you need to select the correct drive letter or device name from the list.
  6. Choose an encryption algorithm and a hash algorithm for your volume. You can use the default options (AES and SHA-512) or choose another combination from the list. The encryption algorithm determines how your data will be scrambled and unscrambled. The hash algorithm determines how your password or key file will be converted into an encryption key.
  7. Choose a size for your volume. If you are creating a file container, you need to specify how much space you want to allocate for your encrypted disk. If you are encrypting a partition or device, the size will be determined by the available space on that partition or device.
  8. Choose a password or a key file for your volume. You need to enter a strong password that you can remember or use a key file that you can store securely. A key file is a file that contains random data that acts as a password. You can use any file as a key file, such as a photo or a document. You can also use both a password and a key file for extra security.
  9. Choose whether you want to create a standard volume or a hidden volume. If you chose to create a hidden volume in step 3, you need to repeat steps 6, 7, and 8 for the hidden volume. You also need to specify how much space you want to leave for the hidden volume within the outer volume.
  10. Format your volume. This will erase all the data on your volume and replace it with random data. This is necessary to make your volume look like a normal file or partition and to prevent data leakage. You can choose a file system for your volume, such as FAT, NTFS, or exFAT. You can also choose whether you want to use quick format or not. Quick format is faster but less secure than full format.
  11. Mount your volume. After creating your volume, you need to mount it as a disk before you can use it. To do this, run VeraCrypt and select an empty drive letter from the list. Then click on the “Select File” or “Select Device” button and choose your volume file or partition/device. Then click on the “Mount” button and enter your password or key file. Your volume will appear as a normal disk on your computer and you can access it normally.
  12. Dismount your volume. When you are done using your volume, you need to dismount it from VeraCrypt. To do this, run VeraCrypt and select the drive letter of your volume from the list. Then click on the “Dismount” button or use the hotkey (Ctrl+D). Your volume will disappear from your computer and your data will be encrypted again.

These are the basic steps to use VeraCrypt to create and use an encrypted volume. There are many other options and features that you can explore in VeraCrypt, such as creating hidden operating systems, using favorite volumes, using traveler mode, etc. You can find more information about these features in the documentation (https://veracrypt.eu/en/Documentation.html).

How secure is VeraCrypt?

VeraCrypt is a very secure encryption tool that uses strong algorithms and modes to protect your data. However, no encryption software is 100% secure, and there are some factors that can affect the security of VeraCrypt, such as:

  • Your password or key file: The strength of your password or key file determines how hard it is for someone to guess or crack it. You should use a long and random password or key file that you can remember or store securely. You should also avoid using the same password or key file for different volumes or services.
  • Your hardware: The security of your hardware can affect the security of VeraCrypt. If someone has physical access to your device, they might be able to tamper with it or install malware that can compromise your encryption. You should use a trusted device and keep it updated and protected with antivirus software. You should also use a VeraCrypt rescue disk to restore your system in case of corruption or damage.
  • Your software: The security of your software can affect the security of VeraCrypt. If you have malware or spyware on your device, they might be able to capture your keystrokes, screen, or memory and steal your password or key file. You should use a trusted operating system and avoid installing untrusted applications or visiting malicious websites. You should also use a firewall and a VPN to protect your online traffic.

According to some sources, VeraCrypt is secure enough to withstand attacks from state-level adversaries, but you should still be careful and follow the best practices for encryption. ¹²³ VeraCrypt has also been audited by independent security experts who found no major vulnerabilities in its code.

What is the difference between VeraCrypt and TrueCrypt?

VeraCrypt and TrueCrypt are both encryption tools that can create and mount encrypted volumes. However, there are some differences between them, such as:

  • VeraCrypt is a fork of TrueCrypt, which means that it is based on the same source code but has made some changes and improvements. TrueCrypt was discontinued in 2014 and is no longer maintained or updated. VeraCrypt is still active and regularly releases new versions.
  • VeraCrypt has enhanced the security of the encryption algorithms and modes used by TrueCrypt, making them more resistant to brute-force attacks and other vulnerabilities. For example, VeraCrypt uses more iterations of the key derivation function than TrueCrypt, which makes it harder to guess the password. VeraCrypt also supports more encryption algorithms and combinations than TrueCrypt, such as Kuznyechik and Camellia.
  • VeraCrypt has fixed some bugs and issues that were found in TrueCrypt, such as the Windows installation driver vulnerability that allowed arbitrary code execution and privilege escalation. VeraCrypt has also been audited by independent security experts who found no major flaws in its code.
  • VeraCrypt has added some features that were not present in TrueCrypt, such as the ability to encrypt Windows system partitions with GPT (GUID Partition Table) and UEFI (Unified Extensible Firmware Interface) support, the ability to use custom iterations through the PIM (Personal Iterations Multiplier) feature, and the ability to use Windows MSI installer for silent deployments.

In summary, VeraCrypt is a more secure and updated version of TrueCrypt, with some additional features and options. However, some users may still prefer TrueCrypt for its simplicity, compatibility, or trustworthiness.

VeraCrypt is a powerful and reliable encryption tool that can help you protect your secrets from prying eyes. Whether you want to encrypt your system, your portable data, or just some files, VeraCrypt can do it for you with ease and security.

Leave a Comment