ArsGeek

There already was an article about encryption of your files on Arsgeek. That one was geared towards Linux, but Windows chaps can, too, encrypt their files for added security.

EFS

Microsoft,  since windows 2000, has provided EFS, a way to encrypt your data. Sadly, for windows 2000 and XP, you have to use the Professional version to be able to use this. With windows Vista, you have to use either Premium, Business or Ultimate to be able to get this goodie. EFS is actually a subset of the NTFS filesystem. It allows you to encrypt single files of groups of files directly on-drive. The file names are still visible when the files are accessed without the key. There are some security issues, but from what I understood, if you’re running windows XP or better, your files seems safe.

Be cautions though, you can get bit by EFS quite hard if you’re not. When windows is recommending you to backup your key, do it. It will save your precious bytes. Without that key, it is virtually impossible for now to view the content of these files. Furthermore, to rescue the content of encrypted files from Vista, I had to reinstall Vista, Windows XP seemed to be unable to read them, even when I provided it the key I made. Here you’re warned.

Bitlocker

Vista Ultimate has a new feature called Bitlocker which can encrypt the entire drive. I have no experience with it, but it seems to be a secure way to encrypt your hard-drive. To do so you will have to either have a TPM chip in your computer or a USB key with your encryption key on it. I’ll let you within the capable hands of Microsoft to continue your research about Bitlocker.

Truecrypt

Truecrypt is the solution I was using to encrypt my files on Windows XP Home Edition and during my first love with Linux. It is a cross-platform (currently Linux and Windows 2000 and better) and open-source encryption utility. It can either encrypt a virtual container, a file which will act like a drive, or a partition. Using a file as a container will probably be slower, you have to add the speed of accessing the file from its parent filesystem with the speed of truecrypt, but even then, I find this quite fast.

It has many features, some more useful than the others. There is currently a total of eight encryption algorithms, and three hash algorithms. The encryption algorithm you choose will affect the speed and the security of your data. The hash algorithm is for securing the key, it won’t affect the speed, I think.

Truecrypt has an advanced security feature, hidden volumes. Hidden volumes can act as a plausible deniability by having your actual encrypted data in another container hidden inside the first one. The user can store less important data in the first volume, the outer one, while storing critical files in the inner one. This means that if the thugs comes home and wants to see, let’s say, some files and you don’t want to show them, you can decrypt the outer volumes while keeping the inner ones safe. The thugs will probably let your kneecaps in place as there is no way to tell if there is an hidden volume.

Anyway, I’m back at using truecrypt, I don’t want to get bit again with the way Vista handles file-encryption.

And sure, there might be many more ways to encrypt your data within windows, but I’m only presenting the ones I know and have experience with. If you want to have your word, do it in the comments, as usual; I would be glad to have some feedback about this article. Have fun securing yourself, and try not to lock yourself out of your data!

Popularity: 1% [?]