I'm in the process of encrypting my external hard drive and all my USB memory keys. I found a nice open source program called TrueCrypt that works well enough for me, but unfortunately its windows only. I know it is possible to encrypt disk images in linux and mount them as virtual filesystems, but what I want is compatibility with both Windows and Linux, otherwise it would be rather pointless as I'm dualbooting.
I realize truecrypt is not easily portable to linux because it's a driver (I think). But on the other hand, I think a simple user-space program would be all that's needed since the disk image should be decrypted when read from (like a pipe or something). So, to my question:
Is there anything that will decrypt a TrueCrypt disk image in Linux?
If not, is there any other open source disk encryption program that works with both linux and windows? HAL integration would be excellent (I think the LUKS project has it, but I'm not sure).

I don't know about windows compatibility, but using dm-crypt you can setup encrypted swap partitions and encrypted partitions.

From what I've read, dm-crypt is basically the same as a crypto loop device, which I read a tutorial about (but naturally forgot the link to :/), but it seems to be a better method from what I'm reading. Anyway, that approach has no equivalent in Windows, from what I know. But then I read that TrueCrypt partitions have no header (except for maybe some random data, I don't know for sure). Anyway, that got me thinking, wouldn't the end result be the same if I e.g. made a FAT partition in an image file and encrypted with TrueCrypt?
One of the nice things about USB memory is that it can be used to move data between computers. Solutions like dm-crypt is probably very good for fixed storage like hard drives. When using removable storage, putting entries in fstab is not really a good idea (what if you're not even root on that machine? assuming the encryption software is installed, of course). Anyway, if dm-crypt is the best program around It'll have to do...

Another thing, does anyone have experience with EncFS? What are the security considerations, how reliable is it and so on? I guess this question applies to any disk encryption program: Which methods can deal with unclean unmounts? External storage is extra vulnerable since you could accidentally unplug it. I've read somewhere that encrypted disks are sensitive to this...

Is there really no existing cross-platform solution for disk encryption? This would be a true killer app! Everyone owning a dual-booting laptop computer would want it. The only thing I've seen so far is LUKS, but that seems to be in very early development.

Well, part of the problem is there are not really any cross-platform file systems. Windows doesn't have any file systems that support a traditional unix permissions model and Windows doesn't have the ability to read any of the unix/linux file systems. You best bet is probably to keep an archive of pgp encrypted files or something like that.

FAT32 works with both systems. I know permissions is a problem, and another problem is the case-sensitivity in filenames, but that's what everyone that needs dual-booting has to live with, encryption or not. Dual-booting is my only solution (as I need to do some Win32 programming).
My problem is that I don't want to encrypt individual files. I want a solution where all my personal files (documents, mail, etc) is encrypted on the fly. I want to enter a password at boot-time and then be able to forget about it. Encrypted files is too much hassle (which, imho, is the biggest problem with security today).
Anyway, I found something called BestCrypt (www.jetico.com). It's a commercial product. Has anyone got experience with this program? It looks good "on the paper" except for that it is not free and open source. I prefer TrueCrypt, but unless there is some linux equivalent I might be forced to use BestCrypt. But I hope for a better option. What about the previously mentioned dm-crypt? Is there anything on Windows that will mount it?

Encripting individual files with gnupg for example is enough for both windows and Linux instead of encrypting whole filesystem.

Encrypting individual files is not what I'm looking for, as previously pointed out. To minimize damage in the unfortunate event that my laptop should get stolen, I want to encrypt ALL personal files stored on it.
Is it possible to create a disk image that is mountable in read/write in both operating systems and then encrypt the disk image on the fly with a file encrypting software? I guess this is how TrueCrypt works but since its format is not compatible with any linux encryption software (to the best of my knowledge), it does not suit my needs.

Here is another software that is supposed to work with linux
http://www.ce-infosys.com.sg/CeiNews_FreeCompuSec.asp
However, only a tiny number of kernels are supported... And still, open source is preferred.

I can answer part of that question. I've been using BestCrypt in Linux only (no dual boot systems, sorry) and it works just fine. I have not tested accessing a BestCrypt container in Windows that was created while booted in Linux, or vice-versa, so I can't speak to that. Although BestCrypt works OK, I'll be switching to TrueCrypt when the Linux version is released, as I don't trust closed-source encryption software.

Please post your experiences with BestCrypt in a dual-boot environment, if you please.

I've been looking for an encryption solution for both Linux and Windows for a long time. I kept using BestCrypt, and I can say that it worked well on both OS. The only annoying restriction is that you can not use container files larger than 2 GB on the Linux side. Recently I came across FreeOTFL (OTFL = On The Fly Encryption) on http://www.freeotfe.org/ and it seems that this program could turn out to be the one thing I'm looking for. It's a Windows program with Linux losetup compatibility, so if you use an encrypted FAT32 file system, you should be able to access it from Linux as well using the standard loop encryption mechanism. I didn't try it yet, though, because it's still considered a test version. If anyone gains any experience, please let me know!

I tried FreeOFTL, and it works OK, although I don't trust it completely. It doesn't support the default algorithms used by cryptsetup either (I think it was the MAC that needed to be changed to md5 or something like that -- I'm not sure about how this affects security).
It's a pity that the excellent TrueCrypt software is not compatible with cryptsetup files. That would've been THE solution to all crypto problems. I'm hoping for a fix in future releases Truecrypt is also FAST. Very fast. I tried using cryptsetup and I got like 6 MB/sec, while in TrueCrypt I got more like 30 MB/sec (using the same algo, aes256) (well, on different computers, but they had basically the same specs).

Thanks for your information!

I looked at the TrueCrypt website after reading your comment and I think we got reason for hope - "Linux Version" is the first issue listed under "Future" (http://truecrypt.sourceforge.net/future.php). So I guess I'll wait for that as well... taking extreme care of my laptop so long .

Umm, I dunno whether that's still of interest but TrueCrypt (now) does have a linux command line counterpart. See http://www.truecrypt.org/

TrueCrypt DOES work on both Linux and Windows. I use is on both. The encrypted containers are transferrable between systems. There is no GUI for Linux yet (planned for the future). But really, how hard can it be to run the three basic operations from the command line? Create a volume, mount it, unmount it. Up until the latest release (came out a month or two ago), you had to create your volumes on Windows but then you could mount them on Linux. The newest version allows Linux creation, so Windows does not figure into the mix anymore (except you can transfer volumes between OS'es if you want).