Using any external USB drive under Windows XP, how to encrypt/decrypt files on the fly, but without too much slow-down from the overhead.
Most of the obvious solutions like Truecrypt won't work because with these the host system needs to have first had some drivers installed by a system administrator.
How to have an encrypted USB drive, so the data will still be accessible on any XP system?
As a note, Windows 7's bitlocker will allow for thumb drive encryption, and you can force it to do so.
Truecrypt has an traveler mode, maybe it helps?
It will be difficult to do full disk encryption or even on-the-fly-encryption without drivers! The only thing that woudln't decrypt to the harddrive would be some programm that injects itself in userspace in every process and touches open calls etc.
As already mentioned Truecrypt is not an option that would run on any Windows XP installation. This is due to the fact that creating a "virtual" drive requires administrator privileges. Without such a virtual drive you cannot:
Afaik the is no solution to overcome this limitation in a easy and secure way. The simplest solution that would work everywhere is an encrypted archive file. 7Zip for example can use AES256 which is, combined with a sufficient long pass phrase, a good layer of privacy. 7zip is also available as es plain exe, so you could put it one the stick and take it with you.One thing you have to keep in mind: If you access an file from inside the archive it will be copied to the host temporary directory and possible not deleted securely.
Also I recently saw (on the Cebit, which is an Internationale IT fair in Germany) some AES encrypted usb drives which were explicitly advertised as being true AES combined with a host software which fed the encryption key. Sadly I haven't the name of the manufacturer in mind. But I'm convinced that there are some real solution if you are willing to pay the price (both: money and transfer rates).
I don't have experience with this but you may want to try iron key Having a secure flash drive doesn't give complete protection, what if someone copys the files from the drive to there personal computer and that computer gets stolen, a trogen horse gets installed on a computer they access the drive from, etc.
Iron key is great, it has encryption hardware inside. It works everywhere because it doesn't need privileges (nothing to install), and is really secure (used by usa military). After 10 bad try, the inside of they key get a fatal liquid free up.
Corsair’s Flash Padlock might work for you. It isn't encrypted, but it's better than nothing.
We use Lexar JumpDrive Secure for our USB keys. The key have 2 partitions, one that is accessible by anyone, and one that is encrypted. The public partition contains the software to access the private part, so make sure you use a strong pass phrase. It works well with windows xp, but not on linux. The old versions we have doesn't work on vista, but the new ones are suppose to work fine.
Beware a common mistake, reported by Schneier on Security:
Lessons in Key Management
Encrypting your USB drive is smart. Writing the encryption key on a piece of paper and attaching it to the USB drive is not.
NTFS (one option for file systems in XP, which you can choose when you format the drive) has transparent encryption support built in.
