Re: [Full-disclosure] Encrypted files and the 5th amendment



On Wed, 2011-07-13 at 00:45 +0200, Ferenc Kovacs wrote:
On Wed, Jul 13, 2011 at 12:39 AM, Tim <tim-security@xxxxxxxxxxxxxxxxxxx> wrote:
Actually, there is no way to tell if the there is another encrypted
volume in existence or not. One might stipulate that there "could" be
if the filesize is obvious, but when you get into gig size files that
are storing small amounts of data, that argument loses value.

Well, yes, if you are trying to hide small amounts of data, then there
are many ways to do it with plausible deniability. I thought you were
talking about booting entire separate OSes based on boot-time
password. Would be hard to hide that amount of data without at least
raising suspicion to a determined investigator.

Then again, many investigators are not determined. Keep the partition
small, put it inside another encrypted partition, maybe they'll miss
it.


check out the link in the last mail, seems to be what you are looking after.
http://www.truecrypt.org/docs/?s=hidden-volume
http://www.truecrypt.org/docs/?s=hidden-operating-system

Don't forget that for "hidden" partitions (essentially virtual
partitions written within a giant encrypted file) to be undiscoverable a
disk must be sullied first. The "encrypted filler" is only effective if
there are truly random bits to first encrypt, or at least enough old
data being overwritten that the distinction between "used" and "unused"
space is difficult to discern.

The simple statement that "how much of the space is used is
undiscoverable" is, as a blanket statement, wrong. In most cases we
encountered (sorry for the ambiguity here, but it will remain) subjects
had used new, high capacity disks which had never been written to to
store their encrypted partitions. It was fairly clear which parts were
written to and which weren't, so determining volume sizes was possible.
This is because making any significantly large data field appear truly
random is almost impossible when starting from actual zero, and TruCrypt
does not have the magic answer to this (nor does LUKS or anything else
-- actual old use data is a lot more random than zero in all cases).

http://opensource.dyc.edu/random-vs-encrypted

/*
Anyway, there are deep reasons why the 4th Amendment can be trusted a
lot more than the paranoid fear. That doesn't mean that these
discussions about civil liberty should not be made increasingly loud and
public, however. Unfortunately our freedoms are intimately tied to our
market freedoms, and Americans are having dangerously uninformed public
discussions about economics (without realizing they are discussing
economics) in the form of tariff, social welfare, fiscal trade
regulation and immigration debate. It is these form of debate in the
interest of the "greater/public good" that will lead to us losing our
privacy and freedom. It is not plausible that a creepy "They" of the
Dark-Cabal-That-Controls-Everything variety will arrive suddenly on the
scene and trample the Constitution. The path to the loss of freedom is
very subtle, indirect and decorated with the lingua gloria of freedom,
justice and free bags of money for all.

Links to concrete (not paranoid) discussion of such issues:
http://zxq9.com/archives/398
http://zxq9.com/archives/461
http://zxq9.com/archives/423
http://zxq9.com/archives/393

I mention this only as it relates to personal encryption being more of a
social issue relating to economic and political freedom and the right to
privacy than a technical one.
*/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: OS X woes
    ... with Hard Disk Toolkit I could encrypt whole drive partitions. ...
    (comp.sys.mac.hardware.misc)
  • Re: Encrypt root-partition?
    ... > No, you won't be able to boot, because there's no way to read /boot. ... You could place /boot on a separate partition (which is ... Why would one want to encrypt the root-partition. ... Normally it is sufficient to encrypt these partitions. ...
    (alt.os.linux.suse)
  • Re: [opensuse] OS 12.3 encrypted home asks 4 times for password at boot
    ... However there is no way to encrypt ... the / during install. ... How boot.crypto can be related to whole root encryption? ... prepare the partitions with the Max OSX Disk Utility, ...
    (SuSE)
  • Windows XP file encryption...Help Please!!
    ... I had an install of Windows XP Pro on a hard disk with 2 partitions. ... (When you right click on a file, select Properties, Advanced, Encrypt ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Encryption:
    ... If you could be more specific, WHAT you want to encrypt? ... Partitions, file systems -> cryptsetup ... I would recommend cryptsetup+luks. ...
    (Fedora)