Table of Contents

Encryption

Types

Full Disk Encryption

Encrypts the whole disk of a system.

File-based Encryption

Encrypts single files.

In-Transit Encryption

Encrypts communications in-transit, that means while the message is transported. Also named transport encryption.

End-to-end (E2E) Encryption)

Ensures that messages from one party to another are only viewable by the sender and the recipient, no hop inbetween. You can only decrypt the messages with a private key owned by one of the two parties.

Software

Name Purpose OS compatibility
ecryptfs
EncFS
GPG (GnuPG) Follows the OpenPGP standard and provides an interface for users to easily encrypt files
KeePassXC Password database Windows, Linux, macOS
LUKS full disk encryption Linux
OpenPGP IETF-approved standard describing encryption technology that uses processes interoperable with PGP
PGP A proprietary encryption solution owned by Symantec
VeraCrypt
(former TrueCrypt)
Encrypted Containers Windows, Linux, macOS

Smartphone

Encrypting your smartphones has gotten fairly easy in the past few years. Some phones even come encrypted by default, which is great. An encrypted phone works no different than a non-encrypted phone, and you won't notice anything weird after setting it up.

Encrypting a phone means that if it falls into an attackers hands, they won't be able to read your data, even if somehow someone could bypass the lock screen (not legitimately unlock it).

iOS

With an Apple device, simply setting up that passcode turns on the encryption.

Android

Make sure your device is on a charger (it takes some time to encrypt).

  1. Settings app
  2. Security
  3. Encrypt phone

Encryption requires your same lock code as the one used on your lock screen. If you have a rooted phone, you can use Cryptfs Password to change the encryption password to something different than your lock code.