-1

I want to encrypt some data and access it from either Windows 7 (having support for latests Windows is desirable too) or Linux (debian 9). Which software / filesystem should I use?. Data will be physically stored localy in a SATA HDD. The system is a dual boot, and there wont be two machines trying to mount the filesystem.

In the past I've allways used TrueCrypt to create encrypted volumes that acted like partitions, but when I went to download it today I found out it has been discontinued for 6 years... I found VeraCrypt as a possible substitute, any thoughs about it?

In my experience, when you've to do some serious operations in Windows and Linux and there's no native support for both the safest way to go is to use native windows (like bitlocker in this case) and non-native linux access rather than the opposite way. For this case I found this solution, but I'm not sure if it is realiable.

ZFS has native encryption support, and there is at least one early stage implementation for Windows, but my experience with non-natively-supported filesystems in Windows has not been very pleasant in the past.

I know Windows has some integrated cyphering capabilities with bitlocker, but I dont feel confortable with MS in critical aspects such as cyphering. It is more a biased opinion rather than something based on reasonable arguments, but I've had lots of problems with MS software in the past, and I tend to rely on them only when it is absolutely necesary.

EDIT: I'm not sure if this post should go here or in software recommendations, since it is related with filesystem and encryption and it's impact on security and performance, but it is also asking about which solution to use, so the answer can actually be a software recommendation

Improve this question
1
  • You're asking which filesystem or software to use. It's a recommendation request as it is currently phrased. You could rephrase it as a problem solving request rather than a recommendation request.
    – music2myear
    Commented Jan 15, 2020 at 4:26

1 Answer 1

Reset to default
2

TrueCrypt had some security flaws and was discontinued. VeraCrypt was based on TrueCrypt, but patched the security holes. VeraCrypt is still being developed and supported.

There is absolutely nothing wrong with Microsoft BitLocker. It is seamless and easy to implement. I have heard of no issues or security flaws.

Both BitLocker and VeraCrypt can encrypt an entire Windows volume. However, Linux cannot read a BitLocker volume (as far as I am aware).

As for performance, encryption requires almost no processing power. Modern CPUs all have AES instruction sets. Even those that dont, there is very little performance lost. For standard use, you will not notice any decrease in performance.

Since you need both Linux and Windows, I would go with VeraCrypt.

Improve this answer
5
  • 1
    "TrueCrypt is still being developed and supported." - What? I think you mean VeraCrypt since TrueCrypt is NOT being developed.
    – Ramhound
    Commented Jan 13, 2020 at 22:04
  • Thanks for your reply. I'll give VeraCrypt a try, but do you know how can an unexpected shutdown can cause in a VeraCrypt volume?. I'm using 2x old ES-2680, they are not very modern, yet they've AES support, I was worried about performance on non-native Windows solutions due to poor implementations, rather than due to CPU capabilities. For instance, I've a non-native NFC client on an old W7 pro machine which can't hit anything near 10% network real capacity using SMB between the same machines. Btw, did you mean VeraCrypt is still being developed and supported when you stated that TrueCrypt is?
    – DGoiko
    Commented Jan 13, 2020 at 22:14
  • @Ramhound whoops. fixed.
    – Keltari
    Commented Jan 13, 2020 at 22:20
  • @DGoiko - It would behave nearly identically to that of TrueCrypt. VeraCrypt is a fork of TrueCrypt.
    – Ramhound
    Commented Jan 13, 2020 at 22:24
  • thanks, @Ramhound. I'll dig up a bit, but I'm almost sure that TrueCrypt ensured that if the OS thinks the file is fully stored, it is really cyphered and stored, so it doesn't add special concerns: I'd only get damage in a file that woul'd have been damaged even if the volume is not encrypted. This SHOULD be true for volumes stored as files rather than as whole partitions.
    – DGoiko
    Commented Jan 13, 2020 at 22:56

Not the answer you're looking for? Browse other questions tagged .