[dm-crypt] Tcrypt hidden volume

Arno Wagner arno at wagner.name
Tue Jul 2 03:25:58 CEST 2013

On Tue, Jul 02, 2013 at 03:05:38AM +0200, Arno Wagner wrote:
> On Mon, Jul 01, 2013 at 09:17:03PM +0200, Milan Broz wrote:
> > On 1.7.2013 12:33, Jan Janssen wrote:
> > >Hi,
> > >
> > >while testing how the tcrypt passphrase + keyfile logic works, I
> > >realized that there doesn't seem to be a way to protect the hidden
> > >volume from being damaged by writes to a mounted outer volume like
> > >truecrypt does. I think this deserves a warning in the man page
> > >since this is a potential data loss.
> > 
> > Yes, you are right. There is no protection of hidden volume once
> > outer volume is mounted.
> > (BTW the protection itself reveals hidden volume existence.)
> > 
> > Protection can be done on DM (kernel level) quite easily
> > (map this linear part to virtual zero or error target masking
> > out the data underneath) but it would require quite big changes
> > in cryptsetup wrapper (which was meant to be simple 1:1 mapping).
> > So I decided to ignore this problem for now...
> > 
> > But yes, there should be some note in man page.
> I have just added one. It seems to me that the TrueCrypt
> documentation itself is fuzzy in this issue. The page
> at http://www.truecrypt.org/docs/hidden-volume
> does describe how it works and it is easy to conclude 
> that opening the outer volume can compromise the inner 
> one, but there is no clear warning to that effect. 
> Also missing is a warning that having an outer volume 
> that has not been mounted forever and only has old data
> is suspicuous in itself. I think the idea of hidden volumes
> is not too useful at this time. There would need to be a 
> way to regularly use the outer volume to change that.
> Not that I have any idea how to do that without giving 
> away that there _is_ a hidden volume.
> Anyways, added both warnings to the man-page in git.

I just saw that there is a way in TrueCrypt to protect
the hiden volume:

Not that this is really better, as it will leave filesystem
annomalies and possible error messages that indicate the
presence of a hidden volume. The TrueCrypt documentation
claims as they make both volumes read-only immediately
after a write that would have damaged the hidden volume,
they preserve plausible deniability. I seriously doubt
the validity of that. Looks more like their will
be truncated files and metadata that indicates a 
setting to read-only. If, for example, the disk this is
on has no CRC or other errors in its SMART log, then 
a device suddenly set read-only is not plausible.

Added a warning about this as well in the man-page.

Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.  --Tony Hoare

More information about the dm-crypt mailing list