TrueCrypt Version 7.0a Evaluation Report

"On-the-fly encryption" means that data are automatically encrypted or decrypted right before it is loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfiles or correct encryption keys. The target customers for the TrueCrypt software can be any computer user, including State and local law enforcement organizations, who desire to have data safeguarded by encryption. TrueCrypt can be used by State and local law enforcement agencies in order to protect data confidentiality and information for cases can be encrypted and shipped in a secure manner. The evaluation found that the tested features of the TrueCrypt software performed as advertised. Thus, it would enable law enforcement agencies to protect sensitive data that may be exposed to eavesdropping. Once TrueCrypt encrypts the data, access is all but impossible provided that a strong password is chosen. In a law enforcement application, the software is free. The first of three tests evaluated the advertised feature that TrueCrypt creates a virtual encrypted disk within a file and mounts it as a real disk. It also tested whether a password for a TrueCrypt volume can be recovered from the RAM of a running system. The second test assessed the advertised feature that TrueCrypt encrypts an entire partition or storage device such as a USB flash drive or hard drive. It also tested whether a password for a TrueCrypt volume can be recovered from the RAM of a running system. The third test involved TrueCrypt's pre-boot authentication. Illustrative computer screen messages