Disk encryption software encrypts an entire disk drive, a practice known as full disk encryption (FDE); the different types of software implement different functions and strategies for doing so. Among the various methods, some FDE software requires separate hardware, either for unlocking a drive, for storing the encryption keys, or in some cases both. Other FDE software may unlock the disk at the time the user logs into the computer, while others won't even boot the computer's operating system without authorization. Still other types distinguish themselves by the way they handle the format of the disk and the way the encryption is generated from the disk's structure.
Some disk encryption software implementations offer deniable encryption. Here the data is nested, and the existence of the lower levels can be denied. If the user is required to give up the password for any reason, only certain data can be accessed, such as operating system files, programs, or data that the user has decided isn't really all that secret. The user shows compliance by giving up a password and seemingly unlocking the disk, yet the real secret data remains hidden beneath another password that remains secret.
In many cases where this plausible deniability is used, the software creates something of a volume within a volume. The main disk partition is unlocked with one password and runs the operating system and software, while a second, invisible disk partition is only accessible with the second password. Of course, this method only works well if the attacker isn't able to see any distinguishing characteristics of an underlying, encrypted data structure. To meet this requirement, the software leaves no marks on the disk that indicate whether disk encryption is being used. To an outside observer the data seems random and uninteresting, unless the key to unlock it is known.
Some disk encryption software is designed to support or even require additional hardware devices that are used to unlock the disk. One such method is the use of expansion cards with an additional processor for handling the encryption and decryption of the data on the drive. Other hardware additions, such as smart cards or universal serial bus (USB) dongles, may need to be inserted into the computer to provide the key for unlocking the disk. Many of these hardware additions adhere to the Trusted Platform Module (TPM) specification, but only certain types of disk encryption software fully implement the TPM.
Lastly, various disk encryption software may work by using a file as the encrypted volume, a separate logical partition of a physical drive, or the entire disk. With full disk encryption software, everything is secured, including the information on how the disk is partitioned, the boot information, as well as the data. This type of FDE software will probably require some additional pre-boot password just to get the computer to start up the operating system. Furthermore, some software may not be capable of handling encryption for the power management techniques of the operating system, such as sleep or hibernation states.
Disk encryption software is not immune to attack techniques. In some software, brute-force dictionary attacks can be made against the passwords. Other types of software may use information about the disk's sectors in unsecured ways, allowing for the detection of encrypted files on a system. Another danger lies in the random access memory (RAM) in the computer, where the operating system has left remnants of the encryption keys. In what's called a cold boot attack, the computer can be quickly restarted and booted from a separate operating system, which can then read what was left over in the computer's RAM.
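The following is an added illustration, not code from any real disk encryption product, of two points made above: the "volume within a volume" layout with two password-protected headers whose unused space is indistinguishable from random filler, and the use of a slow key derivation function so that each guess in a dictionary attack against the password is expensive. The container layout, the slot sizes, the iteration count and the SHA-256 counter-mode keystream are all assumptions chosen for the example; a real product would use a proper disk cipher such as AES-XTS rather than the toy keystream here.

```python
"""Toy 'volume within a volume' container (educational example, not a real product).

Layout (assumed for this example):
  [salt 16 B][outer header slot 64 B][hidden header slot 64 B][data area ...]
Everything not overwritten by an encrypted header or encrypted data is random
fill, so an unused hidden slot and a used one look alike from the outside.
"""
import hashlib
import hmac
import os
import struct

SALT_SIZE = 16
SLOT_SIZE = 64                           # 32-byte encrypted payload + 32-byte HMAC tag
HEADER_AREA = SALT_SIZE + 2 * SLOT_SIZE  # salt, outer slot, hidden slot
KDF_ITERATIONS = 100_000                 # hypothetical value; deliberately slow to raise the
                                         # cost of each password guess in a dictionary attack


def _derive_keys(password: bytes, salt: bytes):
    """Stretch the password with PBKDF2-SHA256, then split it into an
    encryption key and a MAC key. The iteration count is the knob that makes
    brute-force guessing expensive."""
    master = hashlib.pbkdf2_hmac("sha256", password, salt, KDF_ITERATIONS)
    enc_key = hmac.new(master, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream built from SHA-256 (stand-in for a real disk
    cipher; its output has no structure an observer could recognise)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">Q", counter)).digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def _seal_slot(password, salt, volume_key, offset, length, nonce):
    """Encrypt a header payload (volume key, data offset, data length) and append
    an HMAC so that unlocking can tell a right password from a wrong one."""
    enc_key, mac_key = _derive_keys(password, salt)
    payload = volume_key + struct.pack(">II", offset, length) + os.urandom(8)  # 16+8+8 = 32 bytes
    ciphertext = _xor(payload, _keystream(enc_key, nonce, 32))
    return ciphertext + hmac.new(mac_key, ciphertext, hashlib.sha256).digest()


def _open_slot(slot, enc_key, mac_key, nonce):
    ciphertext, tag = slot[:32], slot[32:]
    expected = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None                      # wrong password, or slot is just random filler
    payload = _xor(ciphertext, _keystream(enc_key, nonce, 32))
    offset, length = struct.unpack(">II", payload[16:24])
    return payload[:16], offset, length


def create_container(size, outer_password, outer_data, hidden_password=None, hidden_data=None):
    """Build a container of `size` bytes with an outer volume and, optionally,
    a hidden volume placed at the far end where the outer volume sees only
    'free space'."""
    hidden_data = hidden_data or b""
    if HEADER_AREA + len(outer_data) + len(hidden_data) > size:
        raise ValueError("container too small")
    buf = bytearray(os.urandom(size))    # random fill: no distinguishing marks anywhere
    salt = bytes(buf[:SALT_SIZE])

    outer_key, outer_off = os.urandom(16), HEADER_AREA
    buf[outer_off:outer_off + len(outer_data)] = _xor(
        outer_data, _keystream(outer_key, b"data", len(outer_data)))
    buf[SALT_SIZE:SALT_SIZE + SLOT_SIZE] = _seal_slot(
        outer_password, salt, outer_key, outer_off, len(outer_data), b"slot0")

    if hidden_password is not None:      # otherwise the second slot stays random filler
        hidden_key, hidden_off = os.urandom(16), size - len(hidden_data)
        buf[hidden_off:] = _xor(hidden_data, _keystream(hidden_key, b"data", len(hidden_data)))
        buf[SALT_SIZE + SLOT_SIZE:HEADER_AREA] = _seal_slot(
            hidden_password, salt, hidden_key, hidden_off, len(hidden_data), b"slot1")
    return bytes(buf)


def open_container(container, password):
    """Return (label, data) for whichever volume the password unlocks, or None.
    Both slots are always tried, so nothing reveals whether a hidden volume
    exists unless the hidden password itself is supplied."""
    enc_key, mac_key = _derive_keys(password, container[:SALT_SIZE])
    slots = (("outer", SALT_SIZE, b"slot0"), ("hidden", SALT_SIZE + SLOT_SIZE, b"slot1"))
    for label, start, nonce in slots:
        found = _open_slot(container[start:start + SLOT_SIZE], enc_key, mac_key, nonce)
        if found:
            volume_key, offset, length = found
            return label, _xor(container[offset:offset + length],
                               _keystream(volume_key, b"data", length))
    return None
```

Two design choices carry the security argument: the header slots are only ever authenticated, never marked, so a container without a hidden volume and one with it differ only in bytes that are random either way; and the single PBKDF2 call per attempt means an attacker who captures the container pays the full iteration cost for every password guessed. What the toy does not handle, and a real product must, is stopping the outer volume from overwriting the hidden region when it believes that space is free.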