TrueCrypt - Free Open-Source Disk Encryption - Documentation


	Introduction Beginner's Tutorial System Encryption Supported Systems Hidden Operating System Rescue Disk Plausible Deniability Hidden Volume Protection of Hidden Vol. Security Requirements Hidden Operating System Parallelization Pipelining Hardware Acceleration Encryption Algorithms AES Serpent Twofish Cascades Hash Algorithms RIPEMD-160 SHA-512 Whirlpool Technical Details Notation Encryption Scheme Modes of Operation Header Key Derivation Random Number Gen. Keyfiles Volume Format Spec. Standards Compliance Source Code TrueCrypt Volume Creating New Volumes Favorite Volumes System Favorite Volumes Main Program Window Program Menu Mounting Volumes Supported Systems Portable Mode Keyfiles Tokens & Smart Cards Language Packs Hot Keys Security Model Security Requirements Data Leaks Paging File Hibernation File Memory Dump Files Unencrypted Data in RAM Physical Security Malware Multi-User Environment Authenticity and Integrity New Passwords & Keyfiles Password/Keyfile Change Trim Operation Wear-Leveling Reallocated Sectors Defragmenting Journaling File Systems Volume Clones Additional Requirements Command Line Usage Backing Up Securely Miscellaneous Use Without Admin Rights Sharing over Network Background Task Removable Medium Vol. TrueCrypt System Files Removing Encryption Uninstalling TrueCrypt Digital Signatures Troubleshooting Incompatibilities Issues and Limitations License Future Development Acknowledgements Version History References

Security Requirements and Precautions > Trim Operation

Direct Link

Disclaimers

Please consider making a donation.

Donate Now >>

Trim Operation

Some storage devices (e.g., some solid-state drives, including USB flash drives) use so-called 'trim' operation to mark drive sectors as free e.g. when a file is deleted. Consequently, such sectors may contain unencrypted zeroes or other undefined data (unencrypted) even if they are located within a part of the drive that is encrypted by TrueCrypt. TrueCrypt does not block the trim operation on partitions that are within the key scope of system encryption (unless a hidden operating system is running) and under Linux on all volumes that use the Linux native kernel cryptographic services. In those cases, the adversary will be able to tell which sectors contain free space (and may be able to use this information for further analysis and attacks) and plausible deniability may be negatively affected. If you want to avoid those issues, do not use system encryption on drives that use the trim operation and, under Linux, either configure TrueCrypt not to use the Linux native kernel cryptographic services or make sure TrueCrypt volumes are not located on drives that use the trim operation.

To find out whether a device uses the trim operation, please refer to documentation supplied with the device or contact the vendor/manufacturer.

Next Section >>

Search • Legal Notices

www.truecrypt.org


			B r i e f S i t e m a p Information Homepage Frequently Asked Questions Planned Features News Downloads Latest Stable Release (Windows) Latest Stable Release (OS X) Latest Stable Release (Linux) Past Versions Public Key Additional Downloads Communication & Publicity Contact Page Forums News Public Key Miscellaneous Screenshots Search Statistics Legal Notices Links Complete Sitemap