TrueCrypt volumes can be encrypted using the following algorithms:
Algorithm Designer(s) Key Size
(Bits) Block Size (Bits) Mode of Operation
AES J. Daemen, V. Rijmen 256 128 XTS
Serpent R. Anderson, E. Biham, L. Knudsen 256 128 XTS
Twofish B. Schneier, J. Kelsey, D. Whiting,
D. Wagner, C. Hall, N. Ferguson 256 128 XTS
AES-Twofish 256; 256 128 XTS
AES-Twofish-Serpent 256; 256; 256 128 XTS
Serpent-AES 256; 256 128 XTS
Serpent-Twofish-AES 256; 256; 256 128 XTS
Twofish-Serpent 256; 256 128 XTS
what one does everyone use
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
Serpent-Twofish-AES 256
Please search before posting. ~Thanks
Telling you what encryption we use would decrease the security of our encrypted files a notch, but just a notch
hi
all encryptions are good. aes 256 is even totally strong enough.
much more important than the algorithm is the choose of a long passwort, favorable containing numbers and symbols....
A single death is a tragedy; a million deaths is a statistic.
well when i really want to protect it i encrypt it twice with 2 different encryption methods and 2 different passwords usually at least 1 26 digit alphanumerical one but i frequently forget the passwords so end up writing it down somewhere and thus defeating the purpose of such a long password
i know u all do your best and i thank you for your patience
Keep the password as an unnamed entry in a KeePass database (They are encrypted in a aes 256bit encryption too.)
Release Team Member
But he'll need a strong password for KeePass too now. To avoid forgetting it, he'll need to make an entry in.. KeePass DOH!
Personally my password for keepass is long but easy to remember. Plus it's a lot easier to find a partition or true crypt file that are usually gigs in size compared to a KeePass file. Just hide it somewhere take KeePass out of the StartMenu and your good. Personally I don't really remember what my TrueCrypt pass is. I actually have an AutoIt script to auto mount the drive with a hotkey ONLY if a specific window is open. You can set this window to be a program, folder in your computer, or even selected extension being highlighted in a folder. Plus most people don't need that much encryption. All I really need is to keep the idots away from my slightly sensitivie info (banking etc.) and I'm good.
Release Team Member
OMG, do you work for NASA?
There isn't need to use 2 encryption! I dont think that somebody can hack your password if it has 26 digit.
>well when i really want to protect it i encrypt it twice with 2 different encryption methods
Otto Sykora
Basel, Switzerland
i realize that encrypting it a second time actually does nothing to secure the data further but it does scramble the encryption header making it harder for some1 to just strip the encryption method off the folder therefore making a brute force approach impossible because even if the first layer of encryption is broken it seems like the file is still encrypted and there fore the encryption has not been broken so the brute force application will continue with a new set of algorithms
i know u all do your best and i thank you for your patience
The usual reason given in crypto circles for chaining multiple encryption methods is that, in the even that a flaw is found in one algorithm that allows for more rapid key guessing (which happens from time to time) then you are still protected by the fact that the other algorithm is still secure and is still protecting your data.
Assuming that the methods used are still strong, there is very little gain, as you say, however, should one of them be found to actually be much weaker than was previously thought, it can matter very significantly.