0

I would like to easily encrypt/decrypt a USB key on my PC.

I used to use TrueCrypt which appears to be not secure anymore. I found an alternative named VeryCrypt, but, I would better trust a low level encryption system like PGP or GPG.

Unfortunately, using GPG as is will not offer a transparent layer between the OS and the disk. The [GPG encrypted loopback disks] (http://patrick.uiterwijk.org/2013/02/25/gpg-encrypted-loopback-disks/) looks an interesting solution, but not really easy to deploy.

What is the simplest solution I can use to work transparently on an encrypted USB stick?

nowox
  • 3,017

1 Answers1

1

dm-crypt / LUKS

Using cryptsetup to create a LUKS partition, or entire drive, or a container file, is an excellent way to have an encrypted "on-the-fly-encryption" device.

It should be accessible from Windows too, see his question How can I access volumes encrypted with LUKS/dm-crypt from Windows?

For an excellent overview & guides on Linux Encryption see ArchWiki - Disk Encryption.

  • If you just wanted to store a few fixed files, maybe a big zip / 7z / .tar.gz / tar.xz archive, then you could just pgp/gpg encrypt the files.

  • There's also encrypted filesystems like eCryptFS and EncFS for Linux, but I'm not 100% positive if they can be accessed from Windows - but if a virtual pc running linux can read the USB, then a linux should work there.

  • TrueCrypt still should be secure, I haven't read anything about it being cracked or broken, just the authors won't be supporting it anymore, but it's old versions for Windows & Linux still work. "cryptsetup supports mapping of TrueCrypt or tcplay encrypted partition using a native Linux kernel API" according to cryptsetup's man page.

Community
  • 1
Xen2050
  • 14,391