This article has multiple issues. Please help to improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages)
|Developer(s)||Anonymous ntldr <ntldr(at)diskcryptor.net> David Xanatos|
1.2.2/848.118.202 Stable / 27 April 2020
|Written in||C, Assembly|
|Type||Disk encryption software|
DiskCryptor is a free and open-source full disk encryption system for Microsoft Windows. It allows for the encryption of a PC's entire hard drive or individual partitions – including the ability to encrypt the partition and disk on which the OS is installed.
DiskCryptor was originally designed to replace commercial disk encryption systems such as DriveCrypt Plus Pack and PGP Whole Disk Encryption, and uses either AES-256, Twofish, Serpent or a combination of cascaded algorithms in XTS mode to carry out encryption.
The project was originally started by a former TrueCrypt user and forum member who goes by the name of 'ntldr' (anonymous). According to the developer, it was originally fully compatible with TrueCrypt's container format as it used a corresponding partition format and encrypted data with AES-256 algorithm in LRW mode. However, according to the software's website, has since improved on the format in order to allow data-in-place encryption on Windows XP, to allow the system partition to have exactly the same format as non-system partitions and to support future project plans.
After the original TrueCrypt was discontinued, DiskCryptor as an alternative had not been updated for a long time, but since 2020 development has restarted. Notable changes are the ability to boot in an UEFI environment from GPT disks. Other alternatives have appeared, most notably the source-available project VeraCrypt (based on the original TrueCrypt source code), but DiskCryptor is significant more efficient and faster, most noticeable on very fast NVMe storage devices.
- Support for encryption algorithm AES, Twofish, Serpent, including their combinations.
- Transparent encryption of disk partitions.
- Full support for dynamic disks.
- Support for disk devices with large sector size (important for hardware RAID operation).
- Performance claimed to be comparable to efficiency of a non-encrypted system.
- Broad choice in configuration of booting an encrypted OS. Support for various multi-boot options.
- Full support for external storage devices.
- Option to create encrypted CDs and DVDs.
- Full support for encryption of external USB storage devices.
- Automatic mounting of disk partitions and external storage devices.
- Support for hotkeys and optional command-line interface (CLI).
- Open license GNU GPLv3.
For limitations in the current version, as well as other technical information, see official website.
All algorithms are implemented in XTS mode.
- prf HMAC-SHA-512
With modern computer system that have hardware accelerated AES calculations, Diskcryptor has nearly native write/read performance in the multi GB/s range even on very fast modern storage devices like NVMe. On an Intel Core 2 Quad (Q6600) CPU data encryption speed amounts to 104 MB/s per core. Crypto-algorithms for the x86 version are implemented in assembly language, the implementation having a maximum number of optimizations for the Intel Core line of processors, however it performs sufficiently fast on any other processor as well. Almost all possible enhancements to improve the performance have been applied such as the AES algorithm code is being dynamically generated with optimization made for the usage of a particular key.
|Operating systems||Service pack||Instruction set architecture|
|Server 2003||SP0–SP2||x86, x64|
|Server 2008||SP0–SP2||x86, x64|
|Server 2008 R2||x64|
|8, 8.1||x86, x64|
- OTFEDB entry for DiskCryptor v0.2 Archived 11 June 2009 at the Wayback Machine
- Whitepaper: Full-Disk-Encryption Crash-Course – Everything to hide by Jürgen Pabel
- DiskCryptor version history Archived 6 September 2013 at the Wayback Machine
- "DiskCryptor official website: DiskCryptor Wiki, Main Page". Retrieved 30 May 2014.