Introduction
FreeOTFE: A free "on-the-fly" transparent disk encryption program for MS
Windows 2000/XP/Vista/Windows 7 PCs (both 32 and 64 bit), and Windows Mobile 2003/2005 and Windows Mobile 6 and later PDAs
Using this software, you can create one or more
"virtual disks" on your computer - anything written to these disks is
automatically, and securely, encrypted before being stored on your computers
hard drive.
Features
- Source code freely available
- Easy to use; full wizard included for creating new volumes
- Data encrypted on your PC can be read/written on your PDA, and vice versa
- Powerful: Supports numerous hash/encryption algorithms, and
provides a greater level of flexibility than a number of other
(including many commercial!) OTFE systems
- Available in English, Spanish, German, Italian, French, Czech, Japanese, Croatian, Greek and Russian - with support for other language translations
- Hash algorithms include: MD5, SHA-512, RIPEMD-320, Tiger and many more
- Cyphers include AES (256 bit), Twofish (256 bit), Blowfish (448 bit), Serpent (256 bit) and many more
- Cypher modes supported include XTS, LRW and CBC (including XTS-AES-128 and XTS-AES-256)
- "Portable mode" included; FreeOTFE doesn't need to be installed before it can be
used - making it ideal for carrying your data securely on USB drives!
- Security tokens/smartcards supported for extra (optional) security
- Operates under both PC (MS Windows 2000/XP/Vista/Windows 7) and PDA (Windows Mobile 2003/2005 and Windows Mobile 6) platforms
- Linux compatibility (Cryptoloop "losetup", dm-crypt and LUKS supported)
- "Hidden" volumes may be concealed within other FreeOTFE volumes, providing "plausible deniability"
- FreeOTFE volumes have no "signature" to allow them to be identified as such
- Encrypted volumes can be either file or partition based.
- Modular design allowing 3rd party drivers to be created, incorporating new hash/cypher algorithms
- Supports password salting (up to 512 bits), reducing the risks presented by dictionary attacks.
- Allows users to backup and restore the critical areas of volume files.
- Keyfile support included; store volumes and their associated metadata separately.
- Volume file timestamps and attributes are reset after dismounting, increasing "plausible deniability"
- Supports volumes files up to 2^63 bytes (8388608 TB)
- Comprehensive documentation
- Naturally, fully supported by SecureTrayUtil.
- Plus more...!
Screenshots of FreeOTFE and FreeOTFE4PDA are available
Cyphers included:
Cypher
|
Key length (in bits) |
Block Length (in bits)
|
Modes
|
Source Library
| Comments
|
AES |
128 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
XTS version aka XTS-AES-128 |
AES |
192 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman | |
AES |
256 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
XTS version aka XTS-AES-256 |
AES |
128 |
128 |
CBC/LRW/XTS
|
LibTomCrypt
| XTS version aka XTS-AES-128 |
AES |
192 |
128 |
CBC/LRW/XTS
|
LibTomCrypt
| |
AES |
256 |
128 |
CBC/LRW/XTS
|
LibTomCrypt
| XTS version aka XTS-AES-256
|
Blowfish |
128 |
64 |
CBC
|
LibTomCrypt
| |
Blowfish |
160 |
64
|
CBC
|
LibTomCrypt
| |
Blowfish |
192 |
64
|
CBC
|
LibTomCrypt
| |
Blowfish |
256 |
64 |
CBC
|
LibTomCrypt
| |
Blowfish |
448 |
64
|
CBC
|
LibTomCrypt
| |
CAST5 |
128 |
64 |
CBC
|
LibTomCrypt
| aka CAST-128 |
CAST6 |
128 |
128 |
CBC
|
Dr. Brian R. Gladman |
aka CAST-256 |
CAST6 |
160 |
128 |
CBC
|
Dr. Brian R. Gladman |
aka CAST-256 |
CAST6 |
192 |
128 |
CBC
|
Dr. Brian R. Gladman |
aka CAST-256 |
CAST6 |
224 |
128 |
CBC
|
Dr. Brian R. Gladman |
aka CAST-256 |
CAST6 |
256 |
128 |
CBC
|
Dr. Brian R. Gladman |
aka CAST-256 |
DES |
64 |
64 |
CBC
|
LibTomCrypt
| |
3DES |
192 |
64 |
CBC
|
LibTomCrypt
| Standard encrypt, decrypt, encrypt |
MARS |
128 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
MARS |
192 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
MARS |
256 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
Null |
0 |
(variable) |
n/a |
n/a |
|
RC-6 |
128 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman | |
RC-6 |
192 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman | |
RC-6 |
256 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman | |
RC-6 |
128 |
128 |
CBC/LRW/XTS
|
LibTomCrypt
| |
RC-6 |
192 |
128 |
CBC/LRW/XTS
|
LibTomCrypt
| |
RC-6 |
256 |
128 |
CBC/LRW/XTS
|
LibTomCrypt
| |
RC-6 |
1024 |
128 |
CBC/LRW/XTS
|
LibTomCrypt
| |
Serpent |
128 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
Serpent |
192 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
Serpent |
256 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
Twofish |
128 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
Twofish |
192 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
Twofish |
256 |
128 |
CBC/XTS
|
Dr. Brian R. Gladman |
|
Twofish |
128 |
128 |
CBC
|
Hi/fn and Counterpane Systems
| x86 systems only |
Twofish |
192 |
128 |
CBC
|
Hi/fn and Counterpane Systems | x86 systems only |
Twofish |
256 |
128 |
CBC
|
Hi/fn and Counterpane Systems | x86 systems only |
Twofish |
128 |
128 |
CBC/LRW/XTS |
LibTomCrypt
| |
Twofish |
192 |
128 |
CBC/LRW/XTS |
LibTomCrypt
| |
Twofish |
256 |
128 |
CBC/LRW/XTS |
LibTomCrypt
| |
XOR |
(variable) |
(variable) |
n/a |
n/a |
|
Hash algorithms included:
Hash
|
Hash Length (in bits)
|
Block Length (in bits)
|
Source Library
|
MD2 |
128 |
128 |
LibTomCrypt
|
MD4 |
128 |
512 |
LibTomCrypt |
MD5 |
128 |
512 |
LibTomCrypt
|
Null |
(variable) |
(variable) |
n/a |
RIPEMD-128 |
128 |
512 |
LibTomCrypt
|
RIPEMD-160 |
160 |
512 |
LibTomCrypt |
RIPEMD-160 (Linux; Twice, with A) |
320 |
512 |
LibTomCrypt
|
RIPEMD-256 |
256 |
512 |
LibTomCrypt |
RIPEMD-320 |
320 |
512 |
LibTomCrypt |
SHA-1 |
160 |
512 |
LibTomCrypt
|
SHA-224 |
224 |
512 |
LibTomCrypt
|
SHA-256 |
256 |
512 |
LibTomCrypt
|
SHA-384 |
384 |
1024 |
LibTomCrypt
|
SHA-512 |
512 |
1024 |
LibTomCrypt
|
Tiger |
192 |
512 |
LibTomCrypt
|
Whirlpool |
512 |
512 |
LibTomCrypt
|
|