LibreCrypt: Open-Source disk encryption for Windows
The latest version of this document can be found at the LibreCrypt project site
Regardless of which installation procedure is used 'Safe Boot' needs to be disabled first, it is not possible to use 'Test Signed' drivers with this on. Once installed it should be possible to turn it on again.
There have been reports that Kapsersky anti-virus falsely reports LibreCrypt as a virus. Please disable this before installing.
If you wish to use LibreCrypt in portable mode, you do not have to carry out the installation described below; simply:
Then you can then start using LibreCrypt in Portable Mode.
Alternatively, to install the app, which will allow non-administrator users to create and open containers, run InstallLibreCrypt_vNN.exe as described below.
A manual installation procedure is also detailed below.
For this step, you may see the standard UAC consent/credential dialog because you are about to install a device driver, which requires administrator privileges. Authorise LibreCrypt to continue by clicking "Allow" or entering your Administrator's password to continue.
Either:
Or:
These steps will install and setup a container in a minimalist installation. With these steps complete, you may now use LibreCrypt to create and open LibreCrypt and Linux encrypted containers.
The drivers installed are configured such that they do not automatically startup when your system boots. Once you are happy that LibreCrypt is stable enough, you may return to the driver management dialog, select each driver in turn, and set them to start automatically at system startup.
Note: In order to use LibreCrypt, you must have the following drivers installed, and running as the bare minimum for LibreCrypt to operate correctly:
A number of the cyphers (e.g. RC6 and Twofish) have multiple drivers; these reflect different implementations (e.g. LibreCrypt comes with three Twofish implementations; one based on the libtomcrypt library, one based on the optimised reference implementation, and one based on Brian Gladman's implementation). Each of these drivers provides pretty much the same functionality, it's just the implementation that differs.
Were multiple drivers are provided for the same cypher, you only need to install one of them. You can mix drivers based on different implementations (e.g. install the Gladman version of Twofish, while installing the libtomcrypt version of AES). Installing all of the drivers them is harmless, but does mean that you'll be prompted which one to use during opening a container, if more than one can be used to encrypt/decrypt that container.
Because of potential changes within the driver API, you must ensure that you completely uninstall your existing LibreCrypt installation before installing and using the latest version. Please see the section on uninstalling for details on how to do this. This does not apply if upgrading from FreeOTFE 5.2 to LibreCrypt 6.0, as the driver API is the same.
LibreCrypt dropped support for containers created in these versions in LibreCrypt version 6.3.
Containers created with these versions will not open in LibreCrypt 6.3 or later.
The easiest way to update your container files to the new format is to: * Open the containers in LibreCrypt version 6.2 or before, or FreeOTFE 5.2 * Change the container passwords by selecting "Tools | Change Container/keyfile password/details...".
IMPORTANT: If you created any ".les" (Linux Encryption Settings) files, please double check the next time you reload them, and ensure that your settings are correct. Changes due to ongoing development may cause some settings to change; to fix, simply confirm your settings are correct, and save them out again.