[dm-crypt] Tcrypt hidden volume

Arno Wagner arno at wagner.name
Tue Jul 2 23:54:09 CEST 2013


On Tue, Jul 02, 2013 at 02:45:36AM -0700, Justin Tracey wrote:
> On 07/01/2013 06:25 PM, Arno Wagner wrote:
> >I just saw that there is a way in TrueCrypt to protect
> >the hiden volume:
> >http://www.truecrypt.org/docs/hidden-volume-protection
> >
> >Not that this is really better, as it will leave filesystem
> >annomalies and possible error messages that indicate the
> >presence of a hidden volume. The TrueCrypt documentation
> >claims as they make both volumes read-only immediately
> >after a write that would have damaged the hidden volume,
> >they preserve plausible deniability. I seriously doubt
> >the validity of that. Looks more like their will
> >be truncated files and metadata that indicates a
> >setting to read-only. If, for example, the disk this is
> >on has no CRC or other errors in its SMART log, then
> >a device suddenly set read-only is not plausible.
> >
> >Added a warning about this as well in the man-page.
> >
> >Arno
> Maybe this is a bit nit-picky, but as is I think the man entry goes
> too into too much detail as to why and doesn't make clear enough as
> to what is going to happen. IMO, it should just clearly state
> something to the effect of "There is no protection of hidden
> volumes. If you mount a TrueCrypt outer volume and write to it,
> expect data in the hidden volume to be lost." and maybe a brief
> blurb about how the secrecy of hidden volumes is questionable. The
> rest of the information can go into the FAQ or somewhere.

I thought about this. But the problem is that when security
properties are concernet, the intuition of many people fails.
For this reason I like to be a bit more verbose in the man-page 
than strictly needed.

Arno
-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.  --Tony Hoare


More information about the dm-crypt mailing list