When the encrypted file container contains 100000 files and 500 GB of data, all of them must be decrypted/encrypted when the container is mounted/dismounted.
How can Truecrypt/Veracrypt perform this within a few seconds?
Asked
Active
Viewed 100 times
1 Answers
4
Think of it this way.
When you plug in a non encrypted external hard drive, does your computer read all of the data? No, it reads the partition table and some of the directory structure/MFT in order to display disk space usage and the root directory. The same thing occurs when an encrypted drive is mounted, whether it is Truecrypt, LUKS, or Bitlocker.
Disk encryption is block based, each block can be encrypted or decrypted independently of other blocks, to enable random access to the encrypted data. Only the data that needs to be read is read in order for the computer to understand what is being mounted, and thus only the blocks that need to be decrypted are decrypted.
Prior to disk access occurring, the mounting process must first determine the key and encryption method using the password or key material provided, this is very quick unless you have a custom iteration count.
Additionally, on many drives, the read/write speed is far slower than the cryptography speed the computer is able to handle, so there is no perceptible loss of performance due to encryption overhead.
Richie Frame
- 13,278
- 1
- 26
- 42