Introduction

Beginner's Tutorial

System Encryption

 Supported Systems

 Hidden Operating System

 Rescue Disk

Plausible Deniability

 Hidden Volume

  Protection of Hidden Vol.

  Security Requirements

 Hidden Operating System

Parallelization

Pipelining

Hardware Acceleration

Encryption Algorithms

 AES

 Serpent

 Twofish

 Cascades

Hash Algorithms

 RIPEMD-160

 SHA-512

 Whirlpool

Technical Details

 Notation

 Encryption Scheme

 Modes of Operation

 Header Key Derivation

 Random Number Gen.

 Keyfiles

 Volume Format Spec.

 Standards Compliance

 Source Code

TrueCrypt Volume

 Creating New Volumes

 Favorite Volumes

 System Favorite Volumes

Main Program Window

 Program Menu

 Mounting Volumes

Supported Systems

Portable Mode

Keyfiles

Tokens & Smart Cards

Language Packs

Hot Keys

Security Model

Security Requirements

 Data Leaks

  Paging File

  Hibernation File

  Memory Dump Files

 Unencrypted Data in RAM

 Physical Security

 Malware

 Multi-User Environment

 Authenticity and Integrity

 New Passwords & Keyfiles

 Password/Keyfile Change

 Trim Operation

 Wear-Leveling

 Reallocated Sectors

 Defragmenting

 Journaling File Systems

 Volume Clones

 Additional Requirements

Command Line Usage

Backing Up Securely

Miscellaneous

 Use Without Admin Rights

 Sharing over Network

 Background Task

 Removable Medium Vol.

 TrueCrypt System Files

 Removing Encryption

 Uninstalling TrueCrypt

 Digital Signatures

Troubleshooting

Incompatibilities

Issues and Limitations

License

Future Development

Acknowledgements

Version History

References

   

Plausible Deniability Search

Disclaimers





Please consider making a donation.

   Donate Now >> Donate   


Plausible Deniability

In case an adversary forces you to reveal your password, TrueCrypt provides and supports two kinds of plausible deniability:

  1. Hidden volumes (see the section Hidden Volume) and hidden operating systems (see the section Hidden Operating System).

  2. Until decrypted, a TrueCrypt partition/device appears to consist of nothing more than random data (it does not contain any kind of "signature"). Therefore, it should be impossible to prove that a partition or a device is a TrueCrypt volume or that it has been encrypted (provided that the security requirements and precautions listed in the chapter Security Requirements and Precautions are followed). A possible plausible explanation for the existence of a partition/device containing solely random data is that you have wiped (securely erased) the content of the partition/device using one of the tools that erase data by overwriting it with random data (in fact, TrueCrypt can be used to securely erase a partition/device too, by creating an empty encrypted partition/device-hosted volume within it). However, you need to prevent data leaks (see the section Data Leaks) and also note that, for system encryption, the first drive track contains the (unencrypted) TrueCrypt Boot Loader, which can be easily identified as such (for more information, see the chapter System Encryption). When using system encryption, plausible deniability can be achieved by creating a hidden operating system (see the section Hidden Operating System).

    Although file-hosted TrueCrypt volumes (containers) do not contain any kind of "signature" either (until decrypted, they appear to consist solely of random data), they cannot provide this kind of plausible deniability, because there is practically no plausible explanation for the existence of a file containing solely random data. However, plausible deniability can still be achieved with a file-hosted TrueCrypt volume (container) by creating a hidden volume within it (see above).


Notes

  • When formatting a hard disk partition as a TrueCrypt volume (or encrypting a partition in place), the partition table (including the partition type) is never modified (no TrueCrypt "signature" or "ID" is written to the partition table).

  • There are methods to find files or devices containing random data (such as TrueCrypt volumes). Note, however, that this should not affect plausible deniability in any way. The adversary still should not be able to prove that the partition/device is a TrueCrypt volume or that the file, partition, or device, contains a hidden TrueCrypt volume (provided that you follow the security requirements and precautions listed in the chapter Security Requirements and Precautions and in the subsection Security Requirements and Precautions Pertaining to Hidden Volumes).





 Ads by Google 




  Next Section >>


Legal Notices www.truecrypt.org

 Ads by Google