Main » 2011 » Март » 16 » Recipe how to make an encrypted usb flash drive?
13:23
Recipe how to make an encrypted usb flash drive?
Everyone has secrets. Personal diary, the password from your bank account in Switzerland, a potential enemy fortifications pictures, drawings, a perpetual motion machine, the list of lovers, but who knows what else. The data is conveniently stored on a USB flash drive. It's small, cheap, capacious. Its easy to carry in your pocket, just to hide or transfer to another person. But just as easily stick to lose.

Task: I need a USB flash drive, all information on which the encoding. When I insert the stick into your computer - it should ask for the password without the correct password is not decrypted. Stick must operate autonomously, without having to install any specific software.

Take any available to us flash drive and proceed.

Step 1.


Downloading TrueCrypt. Now the latest version - 6.1a. There Russification. TrueCrypt - free open-source software for data encryption. Runs under Windows, Mac and Linux.

Install TrueCrypt on your computer. Installing TrueCrypt-a, we need only to create a stick. Then TrueCrypt can be removed.

Step 2.


Prepare the USB flash drive to work. To begin to erase all data from there. Now run TrueCrypt and select the menu Tools -> Traveler Disk Setup ...

In the drop down box, specify the drive letter to flash drive is now installed and the path to the [non-existent until the] file with the encrypted data: e: \ datafile.tc

The other option is recommended as an exhibit in the screenshot.

Click Create, and TrueCrypt will write to the stick all the necessary auxiliary files.

Step 3.


Now you create an encrypted file on a flash drive with data.

Menu TrueCrypt-a select Tools -> Volume Creation Wizard


Specify the path to the same file that you enter when creating flash:

Select the encryption and hashing to taste. It is recommended to leave everything as is.

Choose the size of a data file. Because we want to stick all the space has been encrypted, enter the maximum number.

Come up and enter the password. Be careful! The password should be long and complicated, that it can not break the brute Force. But memorable. Because if you forget - the data will be uteryanny.

Now select the type of file system and are leading the mouse on the window to True Crypt was able to generate a truly random number. Click Format.

A few minutes later on a flash drive will create a large encrypted file.

If you insert a USB flash drive into any computer running Windows - a window will appear:

And if the password is entered correctly - the system will mount an encrypted file as another drive.

A few caveats


So we have a stick, which is a reliable encryption algorithm, and is ready to work for anyone, even untrained computer. Of course, there is no perfect protection, but now a potential attacker would need many orders of magnitude more time, resources and experience to get to your data.

Before you remove the stick, do not forget to unmount the drive via an icon in the taskbar.

Keep in mind that after you edit or view your confidential data may remain in temporary files or operating system paging file.

The fact of the use of encryption will not be secret. On the computer can stay in log entries or register. The contents of the stick open points to the use of encryption technology. So recto-thermal methods of breaking will be most effective.

To hide the fact that TrueCrypt encryption technology offers an encrypted disk with double bottom and hidden operating system. But that's another story.

Post-scriptum


Thanks to all participants for their interesting discussion, questions and criticism.

As a postscript I would like to answer the two most popular opposition.
  • Why not use the built-in Windows NTFS Encrypted File System, as recommended Backspace?
  • Why should I stick the condition of autonomy, because on your computer you can install TrueCrypt permanently? And attaching a stick in someone else's computer, we risk pospastsya on keylogery and other favorites.

I read about this I Encrypted File System, and to experiment on your computer. Maybe for some cases, this encryption method, and fit. But not for me.

The most important thing. EFS encrypts only the file contents. List of files, the structure of nested folders, their names, sizes, dates, editing remain open. This information may kompromentirovat you directly, but may cause further your development. If your folder find the encrypted file DvizhenieChernogoNala.xls ИзнасилованиеТринадцатилетнейДевственницы.avi or something of the encryption of the file you will not be easier.

Second. Encrypted files are available all the time while you are logged on your computer. No matter you are working with sensitive information or playing Minesweeper. Of course, your login for the PC is better not to let anyone. But the situation may be different. In addition, working under Windows, even on your own computer, you never know what process sharitsya you have the file system. TrueCrypt provides an easy and session management to work with the encrypted volume. Assembled, worked, unmounted. Time data availability is reduced by orders of magnitude. And with him and risk.

And finally, about autonomy and tolerance for any computer. Inserting a stick in someone else's computer, we run the risk, and should not do it regularly. But again, there are different situations. The main computer can fail and be thrown into the garbage 3 years ago, to stay in another country. Particular scenario - Imagine that you had left on a business trip and forgot to stick on the job. And you need to call the Secretary to explain how to get to the desired file. Information should not only be well protected. It should be also easily accessible. All you need to access files on a flash drive under the TrueCrypt - a computer with XP in its standard configuration, password and 10 seconds of time. C EFS is also possible to achieve portability of the stick. But the connection procedure will be much harder. Needed to decode and import the key. And at the end of the session - delete it from your system.

Of course, the recipe described a number of disadvantages and vulnerabilities. But, IMHO, is the most practical and balanced way to keep a secret at the moment.
Views: 567 | Added by: w1zard | Rating: 0.0/0
Total comments: 0
Имя *:
Email *:
Код *: