4

Is there an application similar to TrueCrypt, but the one that can make variable size containers opposed to fixed-size or only-growing-to-certain-amount containers which can be made by TrueCrypt?

I want this container to be able to be mounted to a drive/folder, and the size of the outer container not be much different from the total size of all the files that I put into the mounted folder, while still providing strong encryption.

If to put it in other words, I want a program like truecrypt, which not only automatically grows the container if I put in new files, but also decreases it's size if some files are deleted.

I know there are some issues of course, and it would not work 100% as truecrypt, because it basically works on the sector level of the disk, giving all the filesystem-control to the OS, and so when I remove a file, it might as well be left there, or there might be some fragmentation issues that would stop just truncating the volume from working, but perhaps a program can be built in some other way? Instead of providing sector-level interface, it would provide filesystem-level interface? A filesystem inside a file which would support shrinking when files are deleted?

Cray
  • 190
  • 2
  • 9
  • _"A filesystem inside a file which would support shrinking when files are deleted?"_ -- Zip/Rar/etc archive with encryption? – LazyOne Nov 26 '11 at 23:59
  • You understand that you would lose some of the security right? The size alone may indicate to an evil person something about the contained files. – Zoredache Nov 27 '11 at 00:03
  • LazyOne, I didn't know archives could work in this way, I am going to study this. Zoredache, yes, of course. As a small compensation for this, I would assume that any sane developer making such a solution would always use some kind of padding, making the outer size of the container grow/shrink in discrete steps, like a couple of megabytes perhaps. – Cray Nov 27 '11 at 00:07

2 Answers2

3

On the Linux side, the encfs project seems to fit the bill. The project page is here. Basically, it's file-based (rather than volume-based) encryption, so that the encrypted files are stored individually. There's a hidden directory with nonsense directory and file names. Encfs loop mounts a decrypted view of that directory. When you delete a file in the encfs mount, it will delete the file in the hidden directory, etc.

It's primarily Linux, but there are some instructions on how to build it for Mac OS X (I don't know how well it works), and there's an experimental Windows project called encfs4win that's trying to get its functionality over to there. There's also a commercial product called Boxcryptor that purports encfs support in Windows. I can't vouch for anything other than the Linux implementation, though.

cjc
  • 24,533
  • 2
  • 49
  • 69
0

"A filesystem inside a file which would support shrinking when files are deleted?"

You might look into Virtual Machine Disk (VMDK) (http://en.wikipedia.org/wiki/VMDK) which grows on demand (at least when I use VirtualBox), and I think they can shrink too.

VMDK's can be encrypted, and/or you can put them inside another encrypted container.

If you just need to grow a truecrypt image, you can try appending random data to the end of the truecrypt file (after dismounting), then remount to see if truecrypt now has a larger image. I haven't tested this method, and from what I've read, it may not work on newer versions of truecrypt.