Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Deniable encryption
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Detection=== The existence of hidden encrypted data may be revealed by flaws in the implementation.<ref>{{cite journal |author=Adal Chiriliuc |title=BestCrypt IV generation flaw |date=2003-10-23 |url=http://adal.chiriliuc.com/bc_iv_flaw.php |accessdate=2006-08-23 |archive-url=https://web.archive.org/web/20060721044156/http://adal.chiriliuc.com/bc_iv_flaw.php |archive-date=2006-07-21 |url-status=dead }}</ref>{{Self-published inline|date=March 2024|certain=y}} It may also be revealed by a so-called [[watermarking attack]] if an inappropriate cipher mode is used.<ref>[title=https://lists.gnu.org/archive/html/qemu-devel/2013-07/msg04229.html {{Webarchive|url=https://web.archive.org/web/20160702002846/https://lists.gnu.org/archive/html/qemu-devel/2013-07/msg04229.html |date=2016-07-02 }} [Qemu-devel] QCOW2 cryptography and secure key handling]</ref> The existence of the data may be revealed by it 'leaking' into non-encrypted disk space<ref>{{Cite web |url=http://news.techworld.com/security/102171/encrypted-hard-drives-may-not-be-safe/ |title=Encrypted hard drives may not be safe: Researchers find that encryption is not all it claims to be. |access-date=2011-10-08 |archive-date=2013-03-30 |archive-url=https://web.archive.org/web/20130330154644/http://news.techworld.com/security/102171/encrypted-hard-drives-may-not-be-safe/ |url-status=dead }}</ref> where it can be detected by [[Computer forensics|forensic]] tools.<ref>http://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=3970 {{Webarchive|url=https://web.archive.org/web/20140905190638/http://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=3970 |date=2014-09-05 }} Is there any way to tell in Encase if there is a hidden truecrypt volume? If so how?</ref>{{Self-published inline|date=March 2024|certain=y}} Doubts have been raised about the level of plausible deniability in 'hidden volumes'<ref>{{Cite web |url=https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions#c17 |title=Plausible deniability support for LUKS |access-date=2015-07-03 |archive-date=2019-10-21 |archive-url=https://web.archive.org/web/20191021003129/https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions#c17 |url-status=live }}</ref>{{Self-published inline|date=March 2024|certain=y}} – the contents of the "outer" container filesystem have to be 'frozen' in its initial state to prevent the user from corrupting the hidden volume (this can be detected from the access and modification timestamps), which could raise suspicion. This problem can be eliminated by instructing the system not to protect the hidden volume, although this could result in lost data.{{Cn|date=March 2024}}
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)