Windows 7 / Vista / XP / 2000
Download TrueCrypt Setup 7.1.exe (3.3 MB
Main Features:
- Creates a virtual encrypted disk within a file and mounts it as a
real disk.
- Encrypts an entire partition or storage device such as USB flash
drive or hard drive.
- Encrypts a partition or drive where Windows is installed
- Encryption is automatic,
real-time (on-the-fly) and transparent.
- Parallelization and pipelining allow data to be read and written as
fast as if the drive was not encrypted.
- Encryption can be hardware-accelerated
on modern processors.
- Provides plausible deniability,
in case an adversary forces you to reveal the password:
Hidden volume and hidden operating system.
System Encryption
TrueCrypt can
on-the-fly encrypt a system partition or entire system drive, i.e. a partition
or drive where Windows is installed and from which it boots.
System
encryption provides the highest level of security and privacy, because all
files, including any temporary files that Windows and applications create on the
system partition (typically, without your knowledge or consent), hibernation
files, swap files, etc., are always permanently encrypted (even when power
supply is suddenly interrupted). Windows also records large amounts of
potentially sensitive data, such as the names and locations of files you open,
applications you run, etc. All such log files and registry entries are always
permanently encrypted too.
System encryption involves pre-boot
authentication, which means that anyone who wants to gain access and use the
encrypted system, read and write files stored on the system drive, etc., will
need to enter the correct password each time before Windows boots (starts).
Pre-boot authentication is handled by the TrueCrypt Boot Loader, which resides
in the first track of the boot drive and on the
TrueCrypt Rescue Disk.
Note that TrueCrypt can
encrypt an existing unencrypted system partition/drive in-place while the
operating system is running (while the system is being encrypted, you can use
your computer as usual without any restrictions). Likewise, a
TrueCrypt-encrypted system partition/drive can be decrypted in-place while the
operating system is running. You can interrupt the process of encryption or
decryption anytime, leave the partition/drive partially unencrypted, restart or
shut down the computer, and then resume the process, which will continue from
the point it was stopped.
To encrypt a system partition or entire system
drive, select
System >
Encrypt System Partition/Drive and then
follow the instructions in the wizard. To decrypt a system partition/drive,
select
System >
Permanently Decrypt System
Partition/Drive.
The mode of operation used for system encryption is
XTS .
Note: By default, Windows 7 and
later boot from a special small partition. The partition contains files that are
required to boot the system. Windows allows only applications that have
administrator privileges to write to the partition (when the system is running).
TrueCrypt encrypts the partition only if you choose to encrypt the whole system
drive (as opposed to choosing to encrypt only the partition where Windows is
installed).