Technical Aspects

Notable Usage Characteristics

For user\'s convenience, DiskCryptor\'s driver caches entered passwords in the kernel memory, and automatically chooses the appropriate password during the volume mount. If the right password is not detected, the program then brings up the dialogue window to ask for it. The passwords are cached in the non-swap memory and do not get into the page-file. Cached passwords can be erased via menu or you can switch off this feature in the program settings.

External USB flash drives or any other removable volumes will be mounted automatically. DiskCryptor\'s files are required only to install the program and manage encrypted volumes and are not necessary for a day-to-day use. If all your partitions are encrypted with the same password it is required to enter it only once during the boot time.


DiskCryptor supports AES-256, Twofish and Serpent encryption algorithms. Extra cautions users can also choose to use a combination of cascaded algorithms, which would keep data safe even in case if one of the algorithms would be broken. The encryption key is randomly generated and is stored in an encrypted form, in the first sector of a volume. The guarantee of a safe cryptographic algorithm implementations, is that they are verified by a built-in test according to official test vectors, and open source code assures that no backdoors are present in the program.


Cryptographic Algorithms for the x86 version are implemented in Assembly Language, and the implementation has maximum number of optimizations for the Intel Core i5–i7 processors, while still performing sufficiently fast on any other processors as well. Almost all possible enhancements to improve the performance have been applied, and in particular, — the AES algorithm code is being dynamically generated, with the optimization made for the usage of a particular key. On multiprocessor systems encryption operations can run in parallel, where DiskCryptor automatically chooses optimal parallel mode based on system configuration. DiskCryptor also is able to make use of hardware cryptography extensions, if your CPU supports them. DiskCryptor vs TrueCrypt Encryption Benchmark.

On the Intel Core 2 Quad Q6600 CPU, data encryption speed amounts to 104 MB/s per core. The maximum speed of reading the data from a single hard disk equals to 80 MB/s so it can work with up to 5 different disks without loss of performance, when using the aforementioned type of processor. In case if your disks are not operating under a constant high load, then it is possible to work with even higher number of disks, and on a weaker system, without losing the performance.


DiskCryptor releases from 0.1 to 0.4 were fully compatible with TrueCrypt, as they used a corresponding partition format and encrypted data with AES-256 algorithm in LRW mode. Starting from DiskCryptor 0.5, the program relies upon its own partition format, developed specifically for encrypting partitions with data on them, as TrueCrypt format has been originally meant for creation of empty volumes. That move allowed for an increase in DiskCryptor\'s stability, eliminated many problems associated with file systems, and created an optimal format for further development of the program.