Ping group, Drivecrypt weakness?

From: Boship (f_at_ke.com)
Date: 05/29/04


Date: Fri, 28 May 2004 23:13:52 +0100

I am interested in the question of whether or not it can be proved
that a file is a Drivecrypt container, without having the passphrase.

In Drivecrypt 303c, when a container is being created, you can see a
string of random-looking numbers being generated when clicking the
mouse.

I'm guessing that this string of numbers is used somehow to
"randomise" the hash of the passphrase, and/or "randomise" where in
the file it is stored.

Given the string of the random-looking numbers, the hash of the
passphrase, and a hex dump of the resulting container (possibly for a
large number of containers), it does not seem to me to be an
insurmountable task to deduce the algorithm used for "hiding" the hash
of the passphrase. This algorithm may be badly designed, such that a
test for a Drivecrypt container could be produced.

On the other hand it may well be that the hash "hiding" algorithm used
results in an essentially "random" file of numbers, but that in itself
would give a strong indication of encryption - other files being very
unlikely to have such a high degree of randomness.

Am I talking through my backside here or what?



Relevant Pages

  • Re: Is there really any point to encryption?
    ... > I may be wrong as I have never used Truecrypt/Bestcrypt, ... > waving a red flag to them that there is indeed another passphrase. ... if there were no way for the "outside" container to ... aware of the outer container, it's liable to overwrite critical sectors ...
    (alt.privacy)
  • Re: Is there really any point to encryption?
    ... >> I may be wrong as I have never used Truecrypt/Bestcrypt, ... >> waving a red flag to them that there is indeed another passphrase. ... as well as the other container. ... > Either that, or the outer container would have to be somehow locked, ...
    (alt.privacy)
  • Re: [Telecom] If Your Hard Drive Could Testify ...
    ... make you give up the passphrase or security file to it? ... TrueCrypt has a feature where you can specify any filespecas the ... container that contains another hidden container within it, ... provides access to the decoy files, with the rest of the container ...
    (comp.dcom.telecom)
  • passphrase security under IE - what trust ?
    ... I would like to have your advice upon the passphrase ... securing the access to the certificate into the IE container. ...
    (microsoft.public.windowsxp.security_admin)
  • security of the passphrase in Windows
    ... I would like to have your advice upo the passphrase ... securing the access to the certificate into the IE container. ...
    (comp.security.misc)