Encrypt your files with VeraCrypt on Linux, Windows, Mac OS and Android

Encrypt your files with VeraCrypt on Linux, Windows, Mac OS and Android

This article will guide you how to secure your files using VeraCrypt, a free and open source encryption tools and multi platform, works on Windows, Linux and Mac OS, available on GUI version and command line / console.

If you want to secure your file on Linux, you can use LUKS format, but it’s may did not work on Windows or Mac OS.

You can read How to create encrypted disk image with Linux LUKS format using Cryptsetup

Why Veracrypt?

VeraCrypt is a free disk encryption software based on TrueCrypt.

It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks.
For example, when the system partition is encrypted, TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327670.

And for standard containers and other partitions, TrueCrypt uses at most 2000 iterations but VeraCrypt uses 655340 for RIPEMD160 and 500000 iterations for SHA-2 and Whirlpool.

It’s free and open source. More secure than TrueCrypt. Works on Windows, Linux and Mac OS. Works on hard drive or USB drive, extremely fast read and write.

You can check all great features on VeraCrypt’s Website.

How to install VeraCrypt on Linux

VeraCrypt support Centos 6, 7 and 8 GUI and console version. It’s also support Debian 9 and newer, Ubuntu 12 and newer, also openSuse.

Go to https://www.veracrypt.fr/en/Downloads.html and choose your version. In this example we use Console version.

Creating Encrypted Volume or Hard Disk using VeraCrypt on Linux

If you want to encrypt entire disk for example /dev/sdb you can fill it when prompt Enter volume path: /dev/sdb

Encryption Algorithm we choose AES SHA-512. AES is fastest encryption. Picture below is benchmark speed Encryption Algorithm on Mac OS I7 woith 16GB RAM and SSD disk.

Encryption Algorithm Speed Benchmark

File system we choose FAT, because it can be used on Windows, Linux and Mac OS.

We did not put PIM. PIM is Personal Iterations Multiplier. You can customize the number of iterations when the head key of the encrypted disk is generated.

The larger the number of iterations, it will be longer to compute the header key, and slower the process of mounting the encryption disk.

If someone wants to use violent cracking to decrypt the “head” exhaustively, it will take a long time to try each time (also N iterations). When N is big enough, violent cracking becomes impossible.

Please note, if you set PIM, it’s like Two factor Authentication. You must remember password and PIM. Once you loose it, there is no way to get your disk or files back.

Mounting encrypted volume or disk on Linux

You can not directly mount encrypted disk using standar linux command. You must use veracrypt command to mount encrypted disk or encrypted volume.

We successfully mount volume and write file to mopunted VeraCrypt volume.

VeraCrypt VS Cryptsetup LUKS format speed benchmark

Check write speed of VeraCrypt Encrypted Volume, it’s very fast.

Check write speed of Cryptsetup LUKS Format encrypted container

Now check write speed on /root directory

From simple benchmark above, VeraCrypt volume speed 578 MB/s, LUKS Format encrypted container speed 267 MB/s, and disk speed is 349 MB/s. So the winner is VeraCrypt volume.

Unmounting encrypted volume or disk on Linux

Do not use normal umount command to unmounting VeraCrypt volume.

If you want to unmount all VeraCrypt volume, use this command:

Now check all mounted file system.

Create, Encrypt, Decrypt and Open Veracrypt on Android

On android device you can use EDS Lite to Create, Encrypt, Decrypt and Open Veracrypt on Android.

Get EDS Lite on https://play.google.com/store/apps/details?id=com.sovworks.edslite

Click on manage containers then click Plus icon on top right. You can create new container or add an existing container.

On this article we choose add an existing container, that we create on Linux server (Centos 7).

Import an existing VeraCrypt container on Android
Import an existing VeraCrypt container on Android
Choose Container Format on Android
Choose Container Format on Android, EDS Lite support TRueCrypt, VeraCrypt, LUKS and EncFs
Open VeraCrypt on Android
Open VeraCrypt on Android
VeraCrypt Container added to Android
VeraCrypt Container added to Android
VeraCrypt container successfully opened on Android
VeraCrypt container successfully opened on Android

Leave a Reply

Your email address will not be published. Required fields are marked *