Author |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Mon 05 May '14 4:38 Post subject: TrueCrypt | Disk Partion |
|
|
http://www.truecrypt.org/
So in windows i create a disk partion called "F:/"
With the space F:/ i encrypt it using true crypt then store my entire server apache websites everything in that location.
But i have a question for the server to decrypt the contents and deliever it does this slow it down since my intel cpu(s) has to decrypt the AES algorithm first.
I have no idea if anyone is familure with disk encryptions here or not ? |
|
Back to top |
|
James Blond Moderator

Joined: 19 Jan 2006 Posts: 7398 Location: EU, Germany, Next to Hamburg
|
Posted: Mon 05 May '14 16:47 Post subject: |
|
|
it depends which type you use. Like decrypt while mount won't make a difference. But if you decrypt your files on the fly, it will some kinda slow your server down.
I have no experience with that (TM) |
|
Back to top |
|
jraute

Joined: 13 Sep 2013 Posts: 188 Location: Rheinland, Germany
|
Posted: Fri 09 May '14 16:39 Post subject: |
|
|
Ok, decryption takes time and cpu-ressources, that is correct. But the normal performance of modern cpu's (i3, i5, i7, ...) handling files out of and into a truecrypt container is at a minimum of round about 100 Mbytes/s as long as the disk storage can handle that - for a normal application surely no bottleneck.
Check that your disk storage is fast enough, maybe use a ssd. |
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Fri 09 May '14 17:37 Post subject: |
|
|
I have 2x 3 TB SATA3 hard drives even though my setup is my hard drives are dynamic and 1 hard drive mirrors the other so if one fails the other is still fine and no data loss. |
|
Back to top |
|
AdrianK_IT

Joined: 30 May 2013 Posts: 34 Location: Scottish Borders, UK
|
Posted: Wed 28 May '14 15:55 Post subject: |
|
|
What is the bandwidth of your (upload) pipe to the internet? (Upload, 'cos that will be the max download bandwidth for clients.)
I suspect other factors might be largely irrelevant; connectivity bandwidth will be the limiting factor. |
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Wed 28 May '14 20:25 Post subject: |
|
|
AdrianK_IT wrote: | What is the bandwidth of your (upload) pipe to the internet? (Upload, 'cos that will be the max download bandwidth for clients.)
I suspect other factors might be largely irrelevant; connectivity bandwidth will be the limiting factor. |
1GBPS (Up and Down) |
|
Back to top |
|
AdrianK_IT

Joined: 30 May 2013 Posts: 34 Location: Scottish Borders, UK
|
Posted: Wed 28 May '14 21:07 Post subject: |
|
|
1 GBPS (GigaBytes Per Second)? Or 1 Gbps (Gigabits per second)? Theoretical maximum, or actual? |
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Thu 29 May '14 9:05 Post subject: |
|
|
1 GigaByte per second, Actual connection speed. Servers with www.OVH.co.uk, I have to have allot of bandwidth since i deal with video streams. (Media Installations) |
|
Back to top |
|
Jan-E
Joined: 09 Mar 2012 Posts: 1266 Location: Amsterdam, NL, EU
|
Posted: Thu 29 May '14 20:49 Post subject: |
|
|
Quote from http://truecrypt.sourceforge.net/
Quote: | WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues
This page exists only to help migrate existing data encrypted by TrueCrypt.
The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP.
|
|
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Fri 30 May '14 17:16 Post subject: |
|
|
I wounder what the security issues are... I google but don't see anything nor how you would decrypt a AES algorithm anyway. |
|
Back to top |
|
AdrianK_IT

Joined: 30 May 2013 Posts: 34 Location: Scottish Borders, UK
|
Posted: Fri 30 May '14 21:31 Post subject: |
|
|
Can find no reference at OVH to GigaByte per sec connection speeds. This is no surprise; it is customary to express (long distance) serial connection speeds in bits per sec, since this is how they work, one bit after another.
Need to be clear about what units one is using if one wants to monitor/calculate likely effects of encryption.
As I understnd it, your disks can chuck data at your CPU at 600 MB/s, whereas your CPU can only chuck data at your clients at 128 MB/s (limited by your bandwidth, never mind theirs!). I doubt encryption is a problem! |
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
|
Back to top |
|
Jan-E
Joined: 09 Mar 2012 Posts: 1266 Location: Amsterdam, NL, EU
|
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Sun 01 Jun '14 20:23 Post subject: |
|
|
Thanks Jan-E maybe the original developers just decided after all these years they don't want to keep maintaining a amazing bit of freeware. |
|
Back to top |
|
jraute

Joined: 13 Sep 2013 Posts: 188 Location: Rheinland, Germany
|
Posted: Mon 02 Jun '14 9:35 Post subject: |
|
|
If only one could ask the developers just one simple question "if they are keep on using their own software?" And if the answer would be yes, no one need to be doubtfully.
(This could be a question, which is probably allowed ... )
But who knows the real reasons?!
I am looking forward to see the final results from the audit, as long as nobody manipulate the result (the next doubt ...). |
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Mon 02 Jun '14 13:45 Post subject: |
|
|
I will answer some questions that will make you doubt TrueCrypt original developers anyway even though the program was open source and on the website they claim they did not backdoor it even when goverments asked them to.
When you take the source code and compile it yourself your file sizes and outputs will be allot different to the version you download from TrueCrypt.org
Looking forward to what the audit produces and i wouldn't doubt the security anyway if you encrypt with a AES / AES Two fish serpant algorithm you are more than secure enough. Only Dictionary attacks and rainbow tables (A very big list of known and exsisting passwords) could possibly gain access to it. Decrypting it is impossible. |
|
Back to top |
|
jraute

Joined: 13 Sep 2013 Posts: 188 Location: Rheinland, Germany
|
Posted: Mon 02 Jun '14 14:12 Post subject: |
|
|
C0nw0nk wrote: |
When you take the source code and compile it yourself your file sizes and outputs will be allot different to the version you download from TrueCrypt.org |
That's nothing i wonder about, because the windows version includes a digital signature otherwise you would be asked during installation if you trust third party software ...
This digital signature needs some bytes. |
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Mon 02 Jun '14 17:44 Post subject: |
|
|
True i suppose but i think this is a better way for TrueCrypt to go maintained and run in a community rather than just 1 person be more updates new features
Also do you use BitLocker and i cant find anywhere but does BitLocker offer hidden partitions ? Or isit only TrueCrypt that allows us to have hidden system partitions. |
|
Back to top |
|
jraute

Joined: 13 Sep 2013 Posts: 188 Location: Rheinland, Germany
|
Posted: Mon 02 Jun '14 23:04 Post subject: |
|
|
Don't get me wrong, at the moment i still trust truecrypt and would never choose a product from microsoft, google, apple or one of the other big players - it is known that they work with the nsa and co.
the thing is, if there is some kind of weak code or whatever, how can the community get an update, a patch, support? |
|
Back to top |
|
C0nw0nk
Joined: 07 Oct 2013 Posts: 241 Location: United Kingdom, London
|
Posted: Tue 03 Jun '14 18:25 Post subject: |
|
|
I believe it is a better way to go it will be down to one person to compile a official version as always but nothing stops us taking the source code to that updated version and compiling it ourselves.
And besides the amount of people reverse engineering that compiled file and looking for obfuscated code will soon show how trust worthy it is. |
|
Back to top |
|