The multifaceted encryption tool zuluCrypt
|
Creating a Key
Before starting, you should create a key in zuluCrypt and store it some place like a USB stick that you keep secure. In order to create a key, you should first go to the Create menu and select the entry KeyFile . A dialog will open, and you enter the name and storage location. Next, in the same menu, you should select the entry for creating a container in a file or a partition. It is important to know whether the hard drive or the USB stick use a Linux system and whether they are mounted.
If instead of encrypting a file, you want to encrypt an entire partition on the internal hard drive, then you should call zuluCrypt with root rights. The command for this is
sudo zuluCrypt-gui
Pay attention to the capital letter C in the name. You should also remember that the content of the partition will be lost when the container gets created. If you start zuluCrypt as a standard user, it will only show those partitions that do not appear in /etc/fstab , thus those partitions that the tool does not recognize as system partitions.
Three operating elements make it possible to open the selected partition, use the partition's indicated UUID for secure identification of the device, and interrupt the action. The 16-bit hexadecimal UUID is the Universally Unique Identifier . This identifier is something that the kernel has been permanently assigning to partitions for some years now and it makes a partition uniquely identifiable. The UUID will change only when the respective partition gets formatted. For this reason, you should also use the identifier for zuluCrypt.
Encryption Methods
If you then click on open , a dialog will appear where you should specify the encryption method and the key and file size the program will use. If you would rather use a conventional key instead of an encryption file that is generated beforehand, you will need to enter it twice. In order to use an encryption file, you should open the roll-down menu and make a selection. If you already have a key for VeraCrypt, you can also use it here. This is because zuluCrypt, among other things, is compatible with existing VeraCrypt volumes.
The documentation helps in the selection of the encryption methods. Generally speaking, Normal VeraCrypt is a solid choice (Figure 3). It would also be possible to go with VeraCrypt + hidden Container . This option has the program create a container within an invisible container. The holding container remains invisible even when the first container is opened. If you want the container to open under Windows and Mac OS X, you will need to select a compatible filesystem such as VFAT. If on the other hand, you want to use the container under Linux, then you can use LUKS.
You can quickly get overwhelmed by the number of possibilities for choosing encryption strength. However, the preset aes-xts-plain64 256 sha 512 is perfectly adequate for all private and commercial security requirements. The aes-xts-plain64 secret code corresponds to the current standard for Cryptsetup 1.7.0 under Linux. The key length amounts to 256 bit. The hash algorithm SHA-2 with its 512-bit key is applied.
It only takes a few seconds to create a file and container. The message, which reports that a container has been successfully created, also advises you to secure the LUKS header (Figure 4). This is where the program stores meta-information. If the header is destroyed or becomes corrupted, access to the encrypted data is lost. Therefore, you should pay attention in the menu under Volumes | secure header to this cautionary measure. This setup also makes it possible to intentionally destroy access to encrypted data quickly and permanently. You can restore data in an emergency from the same tab. The secured header is found in the home directory initially. Then you can transfer it to a secure location.
« Previous 1 2 3 4 Next »
Buy this article as PDF
Pages: 5
(incl. VAT)