# VeraCrypt — Free Open Source Disk Encryption Software > A disk encryption tool based on TrueCrypt that creates encrypted volumes, partitions, and full-disk encryption with strong ciphers including AES, Serpent, and Twofish. ## Install Save in your project root: # VeraCrypt — Free Open Source Disk Encryption Software ## Quick Use ```bash # Install on Ubuntu/Debian sudo add-apt-repository ppa:unit193/encryption sudo apt update && sudo apt install veracrypt # Install on macOS brew install --cask veracrypt # Create an encrypted volume via GUI veracrypt ``` ## Introduction VeraCrypt is a free disk encryption tool that creates encrypted volumes and supports full-disk encryption. It is a fork of TrueCrypt that fixes known security vulnerabilities and adds stronger key derivation. VeraCrypt is widely used by security-conscious professionals and journalists for protecting sensitive data at rest. ## What VeraCrypt Does - Creates encrypted file containers that mount as virtual drives - Encrypts entire disk partitions and USB drives with sector-level encryption - Supports full-disk encryption for Windows system drives with pre-boot authentication - Offers cascaded encryption using combinations of AES, Serpent, and Twofish - Provides hidden volumes and hidden operating systems for plausible deniability ## Architecture Overview VeraCrypt uses a volume format where a header encrypted with the user's password stores the master key. Key derivation uses PBKDF2 with a high iteration count (configurable via PIM) using SHA-512, Whirlpool, or Streebog. Data blocks are encrypted in XTS mode, providing tweakable encryption that ties each block to its disk position. The driver intercepts disk I/O at the block layer and decrypts transparently. On Windows, a boot loader handles pre-boot authentication for system encryption. Hidden volumes use a second header at a different offset, so the outer volume appears to contain random data. ## Self-Hosting & Configuration - Download from veracrypt.fr or install via system package managers - Create volumes via the GUI wizard or the command-line interface `veracrypt -c` - Choose cipher (AES, Serpent, Twofish, or cascades) and hash algorithm during creation - Set the PIM (Personal Iterations Multiplier) to balance security and mount time - Mount volumes via `veracrypt /path/to/volume /mnt/point` or the GUI ## Key Features - Strong key derivation with configurable PBKDF2 iterations via PIM - Cascaded encryption (AES-Twofish-Serpent) for defense in depth - Hidden volume and hidden OS for plausible deniability under coercion - Cross-platform support for Windows, macOS, and Linux - Independently audited by Quarkslab with published results ## Comparison with Similar Tools - **Cryptomator** — file-level cloud encryption; VeraCrypt is block-level disk encryption - **LUKS/dm-crypt** — Linux-native disk encryption; VeraCrypt is cross-platform with a GUI - **BitLocker** — Windows-only, proprietary, no hidden volume support - **FileVault** — macOS-only, tied to Apple hardware; VeraCrypt is portable across OSes - **age** — simple file encryption CLI; VeraCrypt encrypts entire volumes transparently ## FAQ **Q: Is VeraCrypt compatible with TrueCrypt volumes?** A: Yes. VeraCrypt can mount TrueCrypt volumes in legacy mode, though migration to the VeraCrypt format is recommended for stronger key derivation. **Q: What is the PIM and should I change it?** A: The PIM controls the number of PBKDF2 iterations. A higher PIM increases resistance to brute-force attacks but slows mounting. The default is secure for most users. **Q: Can I use VeraCrypt for full-disk encryption on Linux?** A: VeraCrypt supports full-disk encryption on Windows only. On Linux, use LUKS for system partition encryption and VeraCrypt for data volumes. **Q: Has VeraCrypt been audited?** A: Yes. Quarkslab performed a security audit in 2016, and the identified issues were addressed in subsequent releases. ## Sources - https://github.com/veracrypt/VeraCrypt - https://veracrypt.fr/en/Documentation.html --- Source: https://tokrepo.com/en/workflows/asset-ffd9d654 Author: AI Open Source