issue98:securite_-_veracrypt
Différences
Ci-dessous, les différences entre deux révisions de la page.
| Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédente | ||
| issue98:securite_-_veracrypt [2015/07/05 20:25] – d52fr | issue98:securite_-_veracrypt [2015/07/16 15:58] (Version actuelle) – andre_domenech | ||
|---|---|---|---|
| Ligne 2: | Ligne 2: | ||
| VeraCrypt is an open-source fork of TrueCrypt – developed and maintained by former TrueCrypt developers – which makes VeraCrypt basically the new, updated and improved version of TrueCrypt.** | VeraCrypt is an open-source fork of TrueCrypt – developed and maintained by former TrueCrypt developers – which makes VeraCrypt basically the new, updated and improved version of TrueCrypt.** | ||
| + | |||
| + | Cela fait environ un an depuis le décès inopportun du logiciel de cryptage TrueCrypt. Pendant de nombreuses années, TrueCrypt était le roi incontesté des logiciels d’encodage « à la volée ». L’utilisateur moyen, les hackers, les espions et même des gouvernements divers, ont utilisé TrueCrypt et lui ont fait confiance pour garder cachées et secrètes leurs informations sensibles et classifiées. Aussi, en mai 2014, quand la TrueCrypt Foundation a annoncé que TrueCrypt avait atteint sa fin de vie et qu’il ne serait plus développé, | ||
| + | |||
| + | VeraCrypt est un « fork » Open Source de TrueCrypt – développé et maintenu par des anciens développeurs de TrueCrypt – ce qui place, de fait, VeraCrypt comme la nouvelle version mise à jour et améliorée de TrueCrypt. | ||
| **Using VeraCrypt | **Using VeraCrypt | ||
| Ligne 8: | Ligne 12: | ||
| To begin you must create a VeraCrypt container which is pretty straightforward and simple as long as you follow the instructions given with each new step. VeraCrypt holds your hand and guides you as you create your first container. Your first choice is whether you want a regular encrypted volume or a hidden volume. More on hidden volumes later. You must then select the location for your container. Having selected a location, you then select the type of encryption algorithm you want to use to encrypt your new volume. The choices you have available are AES, Serpent, Twofish, and an additional five permutations based on those original three choices. VeraCrypt gives you a simple explanation of each algorithm in the GUI, and, if you are so inclined, you can click on the “More Information” button which then opens up a web-browser with a more detailed explanation of the selected algorithm. For example, after opening a web-browser you can read about how AES has been approved and used by the U.S. National Security Agency (NSA); this is followed by a technological explanation of why it's been used and approved by the US NSA.** | To begin you must create a VeraCrypt container which is pretty straightforward and simple as long as you follow the instructions given with each new step. VeraCrypt holds your hand and guides you as you create your first container. Your first choice is whether you want a regular encrypted volume or a hidden volume. More on hidden volumes later. You must then select the location for your container. Having selected a location, you then select the type of encryption algorithm you want to use to encrypt your new volume. The choices you have available are AES, Serpent, Twofish, and an additional five permutations based on those original three choices. VeraCrypt gives you a simple explanation of each algorithm in the GUI, and, if you are so inclined, you can click on the “More Information” button which then opens up a web-browser with a more detailed explanation of the selected algorithm. For example, after opening a web-browser you can read about how AES has been approved and used by the U.S. National Security Agency (NSA); this is followed by a technological explanation of why it's been used and approved by the US NSA.** | ||
| + | |||
| + | Utiliser VeraCrypt | ||
| + | |||
| + | L’utilisation de VeraCrypt est presque pareille à celle de TrueCrypt. L‘interface graphique de VeraCrypt est quasiment identique à celle de TrueCrypt. Pour commencer, vous devez créer un conteneur VeraCrypt, ce qui est assez facile et simple si vous suivez les instructions fournies à chaque étape. VeraCrypt vous tient la main et vous guide pendant que vous créez le premier conteneur. Le premier choix est entre un volume standard encodé ou un volume caché. J’en dirai plus par la suite sur les volumes cachés. Ensuite vous devez sélectionner l' | ||
| **Having selected an encryption algorithm, it's now time to choose a size for your container. Now, we've arrived at perhaps THE MOST IMPORTANT step in creating a VeraCrypt container, selecting a password. The best encryption software in the world is useless if your password can be cracked in less than a minute, which is why creating a strong password is of paramount importance. However, your password is the ONLY thing that will decrypt your container once created; this means that if you happen to forget your password, then you can pretty much forget about ever accessing the information encrypted in your container. So, your password must be strong, but at the same time you can never lose it. What makes VeraCrypt so reliable is that there is nothing, not back-doors, nor VeraCrypt support, nor anything else, that will decrypt your container except for the password that you use when creating the container. Use a strong password but don't ever forget it; I cannot emphasize this enough. VeraCrypt suggests using between 20-64 characters as a password. Having selected a password, you must then format the container. If you will be using this container with multiple operating systems, you must format the container with a file-system that is compatible with the operating systems you plan on using. The FAT file-system is perhaps the best multi-platform file-system as it can be used with Linux, Windows and OS X, but it has its limitations. If you plan to use the container only with Linux, then Linux Ext4 is your best choice for formatting. At this point, you create and encrypt your container. Depending on the size of container, this process can be quick or it can take a very long time. While the container is being created, VeraCrypt may seem unresponsive, | **Having selected an encryption algorithm, it's now time to choose a size for your container. Now, we've arrived at perhaps THE MOST IMPORTANT step in creating a VeraCrypt container, selecting a password. The best encryption software in the world is useless if your password can be cracked in less than a minute, which is why creating a strong password is of paramount importance. However, your password is the ONLY thing that will decrypt your container once created; this means that if you happen to forget your password, then you can pretty much forget about ever accessing the information encrypted in your container. So, your password must be strong, but at the same time you can never lose it. What makes VeraCrypt so reliable is that there is nothing, not back-doors, nor VeraCrypt support, nor anything else, that will decrypt your container except for the password that you use when creating the container. Use a strong password but don't ever forget it; I cannot emphasize this enough. VeraCrypt suggests using between 20-64 characters as a password. Having selected a password, you must then format the container. If you will be using this container with multiple operating systems, you must format the container with a file-system that is compatible with the operating systems you plan on using. The FAT file-system is perhaps the best multi-platform file-system as it can be used with Linux, Windows and OS X, but it has its limitations. If you plan to use the container only with Linux, then Linux Ext4 is your best choice for formatting. At this point, you create and encrypt your container. Depending on the size of container, this process can be quick or it can take a very long time. While the container is being created, VeraCrypt may seem unresponsive, | ||
| + | |||
| + | L’algorithme d’encryptage étant sélectionné, | ||
| **Mounting Volumes | **Mounting Volumes | ||
| Having created a VeraCrypt volume, all you've got to do to access/add files is mount by decrypting it. This is a fairly simple procedure. All you've got to do is browse for the volume you intend to access by using the “Select Volume” button. When you've located it, then you click on the “Mount” button and you'll then be prompted to enter the corresponding password for the volume. When trying to open an old TrueCrypt container, you need to make sure to check off the box that says “TrueCrypt Mode” – otherwise the file will not open. If you don't check the box, VeraCrypt will not know that you're trying to open a TrueCrypt container – instead all it will tell you is that you have entered the wrong password.** | Having created a VeraCrypt volume, all you've got to do to access/add files is mount by decrypting it. This is a fairly simple procedure. All you've got to do is browse for the volume you intend to access by using the “Select Volume” button. When you've located it, then you click on the “Mount” button and you'll then be prompted to enter the corresponding password for the volume. When trying to open an old TrueCrypt container, you need to make sure to check off the box that says “TrueCrypt Mode” – otherwise the file will not open. If you don't check the box, VeraCrypt will not know that you're trying to open a TrueCrypt container – instead all it will tell you is that you have entered the wrong password.** | ||
| + | |||
| + | Monter les volumes | ||
| + | |||
| + | Un volume VeraCrypt étant créé, tout ce que vous avez à faire pour voir/ | ||
| **Installing VeraCrypt | **Installing VeraCrypt | ||
| Ligne 30: | Ligne 44: | ||
| ./ | ./ | ||
| + | |||
| + | Intaller VeraCrypt | ||
| + | |||
| + | C'est assez facile d' | ||
| + | |||
| + | mkdir veracrypt | ||
| + | |||
| + | cd veracrypt | ||
| + | |||
| + | wget " | ||
| + | |||
| + | tar -xjvf " | ||
| + | |||
| + | rm veracrypt-1.0e-setup.tar.bz2 | ||
| + | |||
| + | ./ | ||
| **A note on Hidden Volumes | **A note on Hidden Volumes | ||
| A hidden volume is useful if someone happens to find your encrypted VeraCrypt container, and, through extortion, torture, water-boarding, | A hidden volume is useful if someone happens to find your encrypted VeraCrypt container, and, through extortion, torture, water-boarding, | ||
| + | |||
| + | Note à propos des volumes cachés (Hidden volumes) | ||
| + | |||
| + | Un volume caché est utile si quelqu' | ||
| **Final Thoughts | **Final Thoughts | ||
| TrueCrypt is dead and one of the main reasons given for its demise was that the software contained unfixed security issues. There are other forks that have come out from the ashes of TrueCrypt besides VeraCrypt. The other notable mention is CipherShed which is still undergoing further testing; it is still in Beta, and has not yet been released as stable. After a long auditing process, VeraCrypt has come out on top, the security issues mentioned in the TrueCrypt audit have been addressed and VeraCrypt has been deemed an improvement over the now defunct TrueCrypt. VeraCrypt is based on the same source-code as TrueCrypt, it uses the same GUI, it has addressed the security concerns, it is on its seventh stable release, and it is currently being supported and maintained, thus making it the logical software of choice for anyone who has used TrueCrypt in the past. I've personally been using VeraCrypt for the last four months and during that time I've been able to create new encrypted volumes with the same ease as when I was using TrueCrypt. I've also been able to access my older volumes originally created with TrueCrypt. Knowing that VeraCrypt has been audited and patched to be more secure than TrueCrypt gives me peace of mind in knowing that my confidential files will remain confidential and yet easy to access as long as I remember the password for each volume. I strongly recommend it to anyone who may be concerned with privacy.** | TrueCrypt is dead and one of the main reasons given for its demise was that the software contained unfixed security issues. There are other forks that have come out from the ashes of TrueCrypt besides VeraCrypt. The other notable mention is CipherShed which is still undergoing further testing; it is still in Beta, and has not yet been released as stable. After a long auditing process, VeraCrypt has come out on top, the security issues mentioned in the TrueCrypt audit have been addressed and VeraCrypt has been deemed an improvement over the now defunct TrueCrypt. VeraCrypt is based on the same source-code as TrueCrypt, it uses the same GUI, it has addressed the security concerns, it is on its seventh stable release, and it is currently being supported and maintained, thus making it the logical software of choice for anyone who has used TrueCrypt in the past. I've personally been using VeraCrypt for the last four months and during that time I've been able to create new encrypted volumes with the same ease as when I was using TrueCrypt. I've also been able to access my older volumes originally created with TrueCrypt. Knowing that VeraCrypt has been audited and patched to be more secure than TrueCrypt gives me peace of mind in knowing that my confidential files will remain confidential and yet easy to access as long as I remember the password for each volume. I strongly recommend it to anyone who may be concerned with privacy.** | ||
| + | |||
| + | Réflexions de conclusion | ||
| + | |||
| + | TrueCrypt est mort et une des raisons principales données pour cet arrêt était que le logiciel contenait des problèmes de sécurité non résolus. Outre VeraCrypt, d' | ||
| + | |||
| + | |||
issue98/securite_-_veracrypt.1436120729.txt.gz · Dernière modification : 2015/07/05 20:25 de d52fr