Free and Open Source Encryption Software for Linux

One of the best ways to protect sensitive computer data like credit card numbers and social security information is to use encryption software. Encryption software executes an algorithm that is designed to encrypt data in such a way that it cannot be recovered (decrypted) without access to the key. It is a main component of all aspects of file protection and computer communication. Files on hard drives and other removable media, email messages, and packets sent over computer networks can be made secure by encryption software.

For those of you who are interested, here's a list of well-known free and open source encryption software for Linux:

TrueCrypt is one of the most popular disk encryption tools around. It can encrypt and decrypt files on-the-fly (real-time) as needed without user intervention beyond entering the passphrase. TrueCrypt is capable of creating a virtual encrypted disk within a file or a device-hosted encrypted volume on either an individual partition or an entire storage device. It currently uses the XTS mode of operation but is backward compatible with older volumes.

Here are some of the main features of TrueCrypt:

* Creates a virtual encrypted disk within a file and mounts it as a real disk.
* Encrypts an entire partition or storage device such as USB flash drive or hard drive.
* Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
* Provides plausible deniability, in case an adversary forces you to reveal the password.
* Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.

More about TrueCrypt HERE

GNU Privacy Guard (GnuPG or PGP)
GNU Privacy Guard is security software used in protecting data storage and communication. It is utilized in encrypting and signing data to ensure its privacy and authenticity. It encrypts messages using asymmetric keypairs individually generated by GnuPG users. The GnuPG tool has a command line interface, but there are various front-ends that provide it with a graphical user interface. GnuPG encryption support has been integrated into KMail and Evolution.

Some of its features include:

* Full OpenPGP implementation
* Full replacement of PGP
* Easy implementation of new algorithms using extension modules
* Does not use any patented algorithms
* Can be used as a filter program
* Better functionality than PGP and some security enhancements over PGP 2
* Decrypts and verifies PGP 5, 6 and 7 messages
* Supports ElGamal, DSA, RSA, AES, 3DES, Blowfish, Twofish, CAST5, MD5, SHA-1, RIPE-MD-160 and TIGER
* Integrated support for HKP keyservers

More about GnuPG HERE

OpenSSL is an open source implementation of the SSL and TLS protocols. The project's primary goal is to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general-purpose cryptography library. The core library (written in the C programming language) implements the basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available.

More about OpenSSL HERE

Seahorse is a simple and easy-to-use GNOME front-end application for managing encryption keys such as PGP and SSH. It also integrates with nautilus, gedit and other places for encryption operations. The program supports HKP and LDAP key server.

The following are some of its features:
* Encrypting/decrypting/signing files and text
* Managing your keys and keyring
* Synchronizing your keys and your keyring with key servers
* Signing keys and publishing
* Caching your passphrase
* Backing up your keys and keyring

More about Seahorse HERE

mcrypt is a replacement for the popular UNIX crypt package and crypt command. The crypt was a file encryption tool that was using an algorithm very close to the World War II enigma cipher, which was broken. Mcrypt provides the same functionality but uses several modern algorithms such as AES. Libmcrypt, Mcrypt's companion, is a library of code that contains the actual encryption functions and provides an easy method for use. Mcrypt implements numerous cryptographic algorithms, mostly block ciphers and stream ciphers, some of which falls under export restrictions in the United States.

More about mcrypt HERE

If you know of other free and open source encryption software that you would like to add to our list above, please share them with us via comment.



    On my side GNUTLS is used more than openssl (Source based distros helps a lot to have GNUTLS enabled builds of software.

  2. Wow... Sorry. No offense but this is pretty weak. You mention TrueCrypt and mcrypt but fail to mention Luks (cryptsetup) and ecryptfs which are integrated into the kernel and in all the modern distributions. With Luks you can even encrypt your root file system (forget it with TrueCrypt). For communications, in addition to OpenSSL (which is really just support packages and libraries) there OpenSWAN (IPSec) and OpenVPN for VPN's to say nothing of OpenSSH.

  3. ccrypt I use which uses AEG cypher. Just tar up a folder and run ccencode and enter the pass key.

  4. Not to mention Mozilla's Network Security Services (NSS) which impliments, amongst others, SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 ...

  5. Sorry - But I have to agree with Matt Kukowski on this one. It is a flaw that the article doesn't mention eCryptfs which is integrated into the kernel and very easy to use in modern day distributions such as Fedora and Ubuntu.

    I use eCryptfs on my system, Lucid Lynx a.k.a. Ubuntu 10.04 LTS and I do not notice that it runs in real time.

    eCryptfs is simply too good just to be ignored.

  6. i want to a encryption program
    i found (spy message) here
    i can now hide messages using images without any effect on it