Posted 06 November 2013 - 07:23 PM

The main feature that TrueCrypt doesn't have is to create an encrypted volume in the middle of an image file or even of a non-encrypted physical drive partition.

This is a form of steganography that gives different possible strategies compared with the "plausible deniability" of TrueCrypt (which is, in my opinion, not really steganography because a hidden volume can only be created inside a standard TrueCrypt volume).



There is also another advantage over TrueCrypt: it is very easy to compile (and so, to check or even to customise). No need to sign a driver (thanks to ImDisk), no need to download several hard-to-find softwares... This way, you don't have to trust me, which is good for this kind of software.



There is less obvious advantages, like the fact TrueCrypt leaves several informations in the registry or in the event logs, like the date and hour of each use of TrueCrypt. As far as I know, ImDisk doesn't write this kind of information. So, using ImDisk is not only a great help for me, but also a true advantage for the user.



About the security, ProxyCrypt could be also more robust against brut force attacks, because of the scrypt key derivation function. TrueCrypt uses PBKDF2, which is still secure, but easy to parallelize, which is not good with the capabilities of the current GPUs. Scrypt can be tuned to use as much as RAM (and CPU) than the user want, which increases a lot the hardware requirement. By the way, it is this function that uses 140 MB of RAM. I can reduce if it is really too much, but this will help the attackers. And for a new software, we should anticipate the future possible attacks and the hardware evolutions.



That said, there are also some things that I will never implement, like a GUI or the system encryption. I don't want to rewrite TrueCrypt, but rather to provide an alternative.