Encryption
Types
Full Disk Encryption
Encrypts the whole disk of a system.
File-based Encryption
Encrypts single files.
In-Transit Encryption
Encrypts communications in-transit, that means while the message is transported. Also named transport encryption.
End-to-end (E2E) Encryption)
Ensures that messages from one party to another are only viewable by the sender and the recipient, no hop inbetween. You can only decrypt the messages with a private key owned by one of the two parties.
Software
Name | Purpose | OS compatibility |
---|---|---|
ecryptfs | ||
EncFS | ||
GPG (GnuPG) | Follows the OpenPGP standard and provides an interface for users to easily encrypt files | |
KeePassXC | Password database | Windows, Linux, macOS |
LUKS | full disk encryption | Linux |
OpenPGP | IETF-approved standard describing encryption technology that uses processes interoperable with PGP | |
PGP | A proprietary encryption solution owned by Symantec | |
VeraCrypt (former TrueCrypt) | Encrypted Containers | Windows, Linux, macOS |
Smartphone
Encrypting your smartphones has gotten fairly easy in the past few years. Some phones even come encrypted by default, which is great. An encrypted phone works no different than a non-encrypted phone, and you won't notice anything weird after setting it up.
Encrypting a phone means that if it falls into an attackers hands, they won't be able to read your data, even if somehow someone could bypass the lock screen (not legitimately unlock it).
iOS
With an Apple device, simply setting up that passcode turns on the encryption.
Android
Make sure your device is on a charger (it takes some time to encrypt).
- Settings app
- Security
- Encrypt phone
Encryption requires your same lock code as the one used on your lock screen. If you have a rooted phone, you can use Cryptfs Password to change the encryption password to something different than your lock code.