Now that Intel offers hardware-based AES acceleration in a number of its mainstream processors, it's time to take a look at two of the most popular system encryption tools, BitLocker and TruCrypt, both of which are able to harness the hardware feature.
Microsoft has been shipping BitLocker drive encryption tool with Windows Vista and Windows 7 operating systems, but it's only available on the two highest-end editions, Enterprise and Ultimate. Fortunately, there is a powerful alternative to BitLocker for everyone else. TrueCrypt is open source and offers even more flexibility. We decided to compare the features and performance of both solutions.
We published a comprehensive article on TrueCrypt 6.1 just over a year ago. That story looked at the process of how to encrypt a Windows system partition, and we ran benchmarks, in addition to battery runtime tests on a notebook. The conclusion was promising: TrueCrypt 6 lets you encrypt and password-protect your entire system on the fly with only minor performance and battery life penalties.
By now, there's really no need to rehash the merits of encrypting user data, especially for the folks who handle sensitive information. Losing information to a failed drive is one thing, and it can typically be addressed, even if it's an expensive proposition (then again, you already know you should be running regular backups, right?). But data falling into the wrong hands can be an even more dire problem for businesses.
This time around, we wanted to double-check our findings with TrueCrypt against Microsoft's value-added BitLocker. Does it make sense to pay up for a higher-end Windows version to get this extra functionality, or will TrueCrypt do the exact same thing at no cost? Another reason to revisit encryption solutions is the availability of AES new instructions (AES-NI) in Intel’s Core i5 mainstream dual-core processors (Clarkdale) and the top-end, six-core Core i7 (Gulftown). Can BitLocker and TrueCrypt truly showcase the benefits of hardware-based AES acceleration? Let's find out.