iCIS Intra Wiki
categories: Info - Support - Software - Hardware | AllPages - uncategorized
Encryption: Difference between revisions
| Line 67: | Line 67: | ||
* supported on Linux and OS X, however full system encryption only supported on Windows!! | * supported on Linux and OS X, however full system encryption only supported on Windows!! | ||
== | == OS X == | ||
FileVault is a disk encryption program in Mac OS X 10.3 and later. It performs on-the-fly encryption with volumes on Mac computers. | |||
FileVault uses the user's login password as the encryption pass phrase. It uses the AES-XTS mode of AES with 128 bit | |||
blocks and a 256 bit key to encrypt the disk. Only unlock-enabled users can start or unlock the drive. Once unlocked, | |||
other users may also use the computer until it is shut down. ([https://www.wikiwand.com/en/FileVault source]) | |||
In OS X more users are likely to enable FileVault than ever before—as at installation you have to consciously opt-out of having your hard drive encrypted, rather than opt-in. ([https://www.intego.com/mac-security-blog/yosemite-filevault/ source]) | |||
For instructions how to enable and use FileVault read apple's documentation at: https://support.apple.com/en-us/HT204837 | |||
== Linux == | == Linux == | ||
Revision as of 20:35, 22 December 2017
Encryption of files
Generally, people encrypt files for the purpose of sending a file securely via e-mail or copying it to a portable storage device that is more susceptible to loss. There are many programs available to let you encrypt files. Below we mention several which are advised:
- use 7zip compression program to compress and encrypt a set of files into a single .7z archive.
- use AES Crypt to encrypt a single file. AES Crypt integrates with your operating system's file explorer to easily let you encrypt/decrypt files.
For more informations see this page.
Encryption of your laptop/pc
Overview encryption software per operating system
| BitLocker | VeraCrypt | Filevault | |
|---|---|---|---|
| Windows | x | x | |
| Mac | x | x | |
| Linux | x |
Windows
To encrypt your entire system you have a choice between two methods:
- use Bitlocker from microsoft which is integrated in windows pro/enterprise (not in home edition, though we have a campus upgrade license to enterprise)
- use VeraCrypt open source software
It is adviced to use Bitlocker, unless you have a problem with the possibility that Microsoft has made a backdoor in bitlocker you should use VeraCrypt instead.
Bitlocker
- To enable Bitlocker encryption follow these instructions.
- After you have enabled bitlocker you can verify its working correctly and has encrypted everything by running on a windows command prompt with administrator rights the following command: "manage-bde -status". See check bitlocker status
Comparison Bitlocker and Veracrypt
Advantages Bitlocker over Veracrypt
- automatic unlocking at startup using TPM chip => user only needs to login as it is a none-encrypted laptop ; Veracrypt doesn't use the TPM chip and you need to supply a password manually.
- windows recovery/repair supports bitlocker => for veraCrypt you must make special repair disk which is unique for the laptop!
Advantages Veracrypt over Bitlocker
- open source -> more likely that there is no backdoor
- more possibilities eg. stronger encryption, external drive encryption etc.
- supported on Linux and OS X, however full system encryption only supported on Windows!!
OS X
FileVault is a disk encryption program in Mac OS X 10.3 and later. It performs on-the-fly encryption with volumes on Mac computers.
FileVault uses the user's login password as the encryption pass phrase. It uses the AES-XTS mode of AES with 128 bit blocks and a 256 bit key to encrypt the disk. Only unlock-enabled users can start or unlock the drive. Once unlocked, other users may also use the computer until it is shut down. (source)
In OS X more users are likely to enable FileVault than ever before—as at installation you have to consciously opt-out of having your hard drive encrypted, rather than opt-in. (source)
For instructions how to enable and use FileVault read apple's documentation at: https://support.apple.com/en-us/HT204837
Linux
http://www.ru.nl/privacy/english/data/saving-files/#hd2819907-cd58-43c6-95c4-a933cc61b1c3