VeraCrypt is a free disk encryption software based on TrueCrypt 7.1a. It allows secure encryption of full disks as well as virtual volumes that can be mounted on the fly. VeraCrypt has support for various encryption algorithms (AES, Serpent, TwoFish), keyfiles, security tokens, hotkeys, and more. Aug 24, 2020 VeraCrypt is one of the most popular security tools, providing you with enterprise-grade encryption for important data. Concealer is a file encryption program specifically for Apple Mac. Open VeraCrypt by double-clicking the blue VeraCrypt icon in your Applications folder. Click Create Volume. Choose Create an encrypted file container and click Next. Choose Standard VeraCrypt volume and click Next. Choose a location and enter a name for the VeraCrypt container. Do not choose an existing file or folder as your VeraCrypt container. VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt is real-time (on-the-fly), automatic, transparent, needs very little memory, and does not involve temporary unencrypted files.
This article will guide you how to secure your files using VeraCrypt, a free and open source encryption tools and multi platform, works on Windows, Linux and Mac OS, available on GUI version and command line / console.
If you want to secure your file on Linux, you can use LUKS format, but it’s may did not work on Windows or Mac OS.
You can read How to create encrypted disk image with Linux LUKS format using Cryptsetup
Why Veracrypt?
VeraCrypt is a free disk encryption software based on TrueCrypt.
It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. For example, when the system partition is encrypted, TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327670.
And for standard containers and other partitions, TrueCrypt uses at most 2000 iterations but VeraCrypt uses 655340 for RIPEMD160 and 500000 iterations for SHA-2 and Whirlpool.
It’s free and open source. More secure than TrueCrypt. Works on Windows, Linux and Mac OS. Works on hard drive or USB drive, extremely fast read and write.
You can check all great features on VeraCrypt’s Website.
How to install VeraCrypt on Linux
VeraCrypt support Centos 6, 7 and 8 GUI and console version. It’s also support Debian 9 and newer, Ubuntu 12 and newer, also openSuse.
Go to https://www.veracrypt.fr/en/Downloads.html and choose your version. In this example we use Console version.
Creating Encrypted Volume or Hard Disk using VeraCrypt on Linux
If you want to encrypt entire disk for example /dev/sdb you can fill it when prompt Enter volume path: /dev/sdb
Encryption Algorithm we choose AES SHA-512. AES is fastest encryption. Picture below is benchmark speed Encryption Algorithm on Mac OS I7 woith 16GB RAM and SSD disk.
File system we choose FAT, because it can be used on Windows, Linux and Mac OS.
We did not put PIM. PIM is Personal Iterations Multiplier. You can customize the number of iterations when the head key of the encrypted disk is generated.
The larger the number of iterations, it will be longer to compute the header key, and slower the process of mounting the encryption disk.
Free Download Veracrypt
If someone wants to use violent cracking to decrypt the “head” exhaustively, it will take a long time to try each time (also N iterations). When N is big enough, violent cracking becomes impossible.
Please note, if you set PIM, it’s like Two factor Authentication. You must remember password and PIM. Once you loose it, there is no way to get your disk or files back.
Mounting encrypted volume or disk on Linux
You can not directly mount encrypted disk using standar linux command. You must use veracrypt command to mount encrypted disk or encrypted volume.
We successfully mount volume and write file to mopunted VeraCrypt volume.
Veracrypt For Mac
VeraCrypt VS Cryptsetup LUKS format speed benchmark
Check write speed of VeraCrypt Encrypted Volume, it’s very fast.
Check write speed of Cryptsetup LUKS Format encrypted container
Now check write speed on /root directory
From simple benchmark above, VeraCrypt volume speed 578 MB/s, LUKS Format encrypted container speed 267 MB/s, and disk speed is 349 MB/s. So the winner is VeraCrypt volume.
Unmounting encrypted volume or disk on Linux
Do not use normal umount command to unmounting VeraCrypt volume.
If you want to unmount all VeraCrypt volume, use this command:
Now check all mounted file system.
Create, Encrypt, Decrypt and Open Veracrypt on Android
On android device you can use EDS Lite to Create, Encrypt, Decrypt and Open Veracrypt on Android.
Get EDS Lite on https://play.google.com/store/apps/details?id=com.sovworks.edslite
Click on manage containers then click Plus icon on top right. You can create new container or add an existing container.
On this article we choose add an existing container, that we create on Linux server (Centos 7).