This sounds crazy, but: Howto encrypt a USB disk with Ext3 filesystem and use it in (Ubuntu) Linux and Windows.

This HowTo is based on dm-crypt and especially on the tutorial at http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedDevice by William Owen Smith.

• Install the cryptsetup package (e.g with synaptics)
• Insert the kernel module and add it to your default modules with:

sudo -s
modprobe dm_crypt
echo "dm_crypt" >> /etc/modules

• If your drive isn't partitioned already, partition it now, e.g. with the gparted partition manager.

sudo gparted

• Unmount the partition you want to encrypt. Remember the name of the partition (e.g. /dev/sdc1). I'll call this <partition> from now on.
• If you want it secure, you should check if the disk is okay and initialize the disk with random data. You can do both steps with this command:

/sbin/badblocks -c 10240 -s -w -t random -v <partition>

• Encrypt the partition now. Remember, it has to be unmounted before. It will ask for a password for the encryption. If you want to mount the partition in windows, I think you have to use the AES encryption, which should be the default for this command:

sudo cryptsetup luksFormat <partition>

• Open (i.e. “map”) the new partition, choose a name for it. I'll call it <crypt_partition> here.

sudo cryptsetup luksOpen <partition> <crypt_partition>

• Format the new encrypted partition. For an USB stick, I would recommend to use Ext2 or VFAT. Note that Ext2 and Ext3 file systems will need a special driver on Windows (see below), which might be not as fast as NTFS on Windows.

sudo mkfs.ext2 /dev/mapper/<crypt_partition>

• You can now put data into your encrypted partition like on any other partition. Since we have opened the encrypted partition with luksOpen, the partition will be unlocked until you execute

sudo cryptsetup luksClose <crypt_partition>.

• On newer Linux Distributions, everytime you plug in the encrypted drive it will prompt you for a password and mount it automatically. The luksClose and unmount stuff will be handled automatically by your Desktop.

Before we can mount our encrypted disk with Ext3 on Windows, we need to install an Ext2/3 driver. One good driver is Ext2IFS, which works on (nearly?) all Windows versions.

Among other, smaller limitations, the driver does not support permissions/access rights in any way. FAQ

• Download and install the driver from http://www.fs-driver.org/. When it asks you to assign drive letters, enable the option that it assigns drive letters for removable drives automatically.

I haven't tested this yet, but if you do not use Windows Vista, http://www.chrysocome.net/explore2fs might be an option too.

• To mount the LUKS encrypted file system you have to install another driver. Install it from http://www.freeotfe.org/index.html.

Note: The Portable Mode is also very handy for an external drive. This driver is able to do lots of other encryption stuff, but I was only interested in mounting LUKS filesystems.

• Start the FreeOTFE program and go to File → Linux Volume… → Mount Partition… and select your encrypted partition.