PREFACE
Please note that although most chapters of this documentation apply generally to all versions of TrueCrypt,
some sections are primarily aimed at users of the Windows versions of TrueCrypt. Hence, such sections may
contain information that is inappropriate with regard to the Mac OS X and Linux versions of TrueCrypt.
Introduction
TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume
(data storage device). On-the-fly encryption means that data is automatically encrypted right before
it is saved and decrypted right after it is loaded, without any user intervention. No data stored on an
encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct
encryption keys. The entire file system is encrypted (e.g., file names, folder names, contents of every
file, free space, metadata, etc.).
Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any
normal disk (for example, by simple drag-and-drop operations). Files are automatically being
decrypted on the fly (in memory/RAM) while they are being read or copied from an encrypted
TrueCrypt volume. Similarly, files that are being written or copied to the TrueCrypt volume are
automatically being encrypted on the fly (right before they are written to the disk) in RAM.
Note that this does not mean that the whole file that is to be encrypted/decrypted must be stored in RAM
before it can be encrypted/decrypted. There are no extra memory (RAM) requirements for
TrueCrypt. For an illustration of how this is accomplished, see the following paragraph.
Let’s suppose that there is an .avi video file stored on a TrueCrypt volume (therefore, the video file
is entirely encrypted). The user provides the correct password (and/or keyfile) and mounts (opens)
the TrueCrypt volume. When the user double-clicks the icon of the video file, the operating system
launches the application associated with the file type – typically a media player. The media player
then begins loading a small initial portion of the video file from the TrueCrypt-encrypted volume to
RAM (memory) in order to play it. While the portion is being loaded, TrueCrypt is automatically
decrypting it (in RAM). The decrypted portion of the video (stored in RAM) is then played by the
media player. While this portion is being played, the media player begins loading another small
portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) and the process
repeats. This process is called on-the-fly encryption/decryption and it works for all file types (not
only for video files).
Note that TrueCrypt never saves any decrypted data to a disk – it only stores it temporarily in
RAM (memory). Even when the volume is mounted, data stored in the volume is still encrypted.
When you restart Windows or turn off your computer, the volume will be dismounted and files
stored in it will be inaccessible (and encrypted). Even when the power supply is suddenly interrupted
(without proper system shutdown), files stored in the volume are inaccessible (and encrypted). To
make them accessible again, you have to mount the volume (and provide the correct password
and/or keyfile).
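
The video-file walkthrough and the note that only encrypted data is ever on disk can be followed in a small model. This is an added example, not TrueCrypt code: the class `Volume`, the 512-byte sector size, and the HMAC-SHA256 keystream are assumptions chosen so the sketch runs with the standard library, and the keystream is a stand-in for a real disk cipher that must not be used to protect data.

```python
import hashlib
import hmac

SECTOR = 512  # bytes per sector (assumed size for this sketch)

def _keystream(key: bytes, sector_no: int) -> bytes:
    """Toy per-sector keystream (stand-in cipher, illustration only)."""
    blocks = (hmac.new(key, sector_no.to_bytes(8, "little") + i.to_bytes(4, "little"),
                       hashlib.sha256).digest() for i in range(SECTOR // 32))
    return b"".join(blocks)

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Volume:
    """Hypothetical mounted volume: self.disk only ever holds ciphertext."""
    def __init__(self, key: bytes, sectors: int):
        self.key, self.count = key, sectors
        self.disk = bytearray(SECTOR * sectors)
        self.decrypted_sectors = 0        # how many sectors passed through RAM
        for n in range(sectors):          # free space is encrypted as well
            self._store(n, bytes(SECTOR))

    def _store(self, n: int, plain: bytes) -> None:
        self.disk[n * SECTOR:(n + 1) * SECTOR] = _xor(plain, _keystream(self.key, n))

    def _load(self, n: int) -> bytes:
        if not 0 <= n < self.count:
            raise IndexError("sector outside volume")
        self.decrypted_sectors += 1
        return _xor(self.disk[n * SECTOR:(n + 1) * SECTOR], _keystream(self.key, n))

    def write(self, offset: int, data: bytes) -> None:
        pos = 0
        while pos < len(data):            # encrypt sector by sector, in RAM
            n, off = divmod(offset + pos, SECTOR)
            chunk = data[pos:pos + SECTOR - off]
            plain = bytearray(self._load(n))
            plain[off:off + len(chunk)] = chunk
            self._store(n, bytes(plain))
            pos += len(chunk)

    def read(self, offset: int, length: int) -> bytes:
        out = bytearray()
        while len(out) < length:          # decrypt only the sectors touched
            n, off = divmod(offset + len(out), SECTOR)
            out += self._load(n)[off:off + length - len(out)]
        return bytes(out)
```

Reading a 300-byte portion from the middle of a stored file decrypts at most two sectors, which is why no extra RAM is needed for large files; a `Volume` opened over the same `disk` bytes with a different key returns unreadable data.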