System Encryption: BitLocker And TrueCrypt Compared


It doesn't matter if you're coming to the table with two cores, four cores, modest clock rates, screaming frequencies, or even hardware-based AES acceleration. These factors don’t play a huge role in our tests today. Running real-time encryption on your system drive has a performance impact, whether you're using Microsoft's BitLocker or TrueCrypt 6.3a. However, the performance penalty is quite acceptable, and the hit is roughly the same whether you’re looking at a dual-core Core i5-600-series CPU or a quad-core Core i5-700-series chip. Still, we recommend being careful with older hardware, particularly on single-core systems where real-time encryption may noticeably slow down performance.

Microsoft’s BitLocker apparently gains a few advantages from Intel’s new AES extensions. AES-NI is included on all Clarkdale-based Core i5 desktop processors (and most mobile models) and is also expected to be included with all upcoming Intel CPUs positioned in the mainstream or above. But again, the advantages aren’t significant, and probably shouldn’t determine your buying decision.

Because there is so little impact on performance, this shootout turns into a feature battle, and it is a battle Microsoft can't win with the current version of BitLocker. This isn’t because BitLocker is less capable. Rather, it was designed to be corporate-compliant. It supports the Trusted Platform Module and multiple authentication options, but the tool's real-life flexibility is limited.

TrueCrypt is much more capable, thanks to its support for multiple operating systems and encryption algorithms. It even allows for creating hidden partitions and "secure" systems based on a hidden primary and a visible decoy secondary operating system. Finally, we really like that TrueCrypt works on practically any system. Since the encryption can be rolled back, you should consider giving TrueCrypt a try.