iCIS Intra Wiki
categories:             Info      -       Support      -       Software       -      Hardware       |      AllPages       -      uncategorized

Encryption

From ICIS-intra
Revision as of 20:35, 22 December 2017 by Harcok (talk | contribs) (Os x)
Jump to navigation Jump to search

Encryption of files

Generally, people encrypt files for the purpose of sending a file securely via e-mail or copying it to a portable storage device that is more susceptible to loss. There are many programs available to let you encrypt files. Below we mention several which are advised:

  • use 7zip compression program to compress and encrypt a set of files into a single .7z archive.
  • use AES Crypt to encrypt a single file. AES Crypt integrates with your operating system's file explorer to easily let you encrypt/decrypt files.

For more informations see this page.

Encryption of your laptop/pc

Overview encryption software per operating system


BitLocker VeraCrypt Filevault
Windows x x
Mac x x
Linux x


Windows

To encrypt your entire system you have a choice between two methods:

  • use Bitlocker from microsoft which is integrated in windows pro/enterprise (not in home edition, though we have a campus upgrade license to enterprise)
  • use VeraCrypt open source software

It is adviced to use Bitlocker, unless you have a problem with the possibility that Microsoft has made a backdoor in bitlocker you should use VeraCrypt instead.

Bitlocker

  • To enable Bitlocker encryption follow these instructions.
  • After you have enabled bitlocker you can verify its working correctly and has encrypted everything by running on a windows command prompt with administrator rights the following command: "manage-bde -status". See check bitlocker status

Comparison Bitlocker and Veracrypt

Advantages Bitlocker over Veracrypt

  • automatic unlocking at startup using TPM chip => user only needs to login as it is a none-encrypted laptop ; Veracrypt doesn't use the TPM chip and you need to supply a password manually.
  • windows recovery/repair supports bitlocker => for veraCrypt you must make special repair disk which is unique for the laptop!

Advantages Veracrypt over Bitlocker

  • open source -> more likely that there is no backdoor
  • more possibilities eg. stronger encryption, external drive encryption etc.
  • supported on Linux and OS X, however full system encryption only supported on Windows!!

OS X

FileVault is a disk encryption program in Mac OS X 10.3 and later. It performs on-the-fly encryption with volumes on Mac computers.

FileVault uses the user's login password as the encryption pass phrase. It uses the AES-XTS mode of AES with 128 bit blocks and a 256 bit key to encrypt the disk. Only unlock-enabled users can start or unlock the drive. Once unlocked, other users may also use the computer until it is shut down. (source)

In OS X more users are likely to enable FileVault than ever before—as at installation you have to consciously opt-out of having your hard drive encrypted, rather than opt-in. (source)

For instructions how to enable and use FileVault read apple's documentation at: https://support.apple.com/en-us/HT204837

Linux

http://www.ru.nl/privacy/english/data/saving-files/#hd2819907-cd58-43c6-95c4-a933cc61b1c3

More information

Retrieved from "https://wiki.icis-intra.cs.ru.nl/index.php?title=Encryption&oldid=2105"