Silk Road forums
Discussion => Security => Topic started by: spor on May 28, 2012, 01:20 pm
-
Situation: Many people use truecrypt containers to store SR related information. Usually there's a regular volume with unimportant data and a hidden volume for the actual stuff, granting plausible deniability. The data is pretty valuable, so backups are stored on different physical media.
Problem: Some lazy person might not update the backups every time he or she modifies the original truecrypt container, so most of the time there are multiple versions present.
Question to the crypto experts: Is it safe?
AFAIK the hidden volume is stored at the end of the file. By comparing two copies of a truecrypt container where the hidden volume of one of them has been modified, can it be proven that a hidden volume exists? Does a modified copy of a truecrypt container pose any other vulnerabilities? What's the backup strategy of people who really know what they are doing?
-
All of this is addressed in the truecrypt FAQ. You should go to their site and read it for more information - they go into quite a bit of detail. But the short answer is yes, it can be proven that bits of the "unused" section of the container are changing over time, which one could use to prove the existence of a hidden volume. It seems like a way to get around this is to always re-write the entire unused section of the outer volume, creating new random information each time and making it impossible to know if there is a hidden volume. Read the truecrypt FAQ for more info.
-
Oops, I didn't RTFM enough. Thanks for pointing me there. General advice: Never keep modified clones of containers, as not only the existence of a hidden volume can be proven (thereby losing plausible deniability), but it may also weaken the security of encryption, since the same key is used for different content.
I recommend reading all of the truecrypt documentation, not just the FAQ. There are loads of important things to consider.
Relevant to this topic are at least the following sections:
hxxp://www.truecrypt.org/docs/hidden-volume-precautions
hxxp://www.truecrypt.org/docs/how-to-back-up-securely
Regarding backups on USB sticks:
hxxp://www.truecrypt.org/docs/wear-leveling
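-
Added example, not part of the original posts: a sector-level comparison of two copies of the same container, showing what the replies above mean when they say an old backup next to a modified original exposes which regions changed. The 512-byte granularity, the function names and the random-byte "container" pair are assumptions constructed for illustration; no real TrueCrypt volume format is parsed.

```python
import os

SECTOR = 512  # comparison granularity in bytes (assumption for this example)

def changed_ranges(old: bytes, new: bytes, sector: int = SECTOR):
    """Return [(first_sector, last_sector), ...] for contiguous runs that differ."""
    if len(old) != len(new):
        raise ValueError("copies differ in size; not clones of one container")
    total = (len(old) + sector - 1) // sector
    ranges, start = [], None
    for i in range(total):
        lo, hi = i * sector, (i + 1) * sector
        differs = old[lo:hi] != new[lo:hi]
        if differs and start is None:
            start = i                      # a changed run begins
        elif not differs and start is not None:
            ranges.append((start, i - 1))  # the run ended at the previous sector
            start = None
    if start is not None:
        ranges.append((start, total - 1))
    return ranges

def summarize(old: bytes, new: bytes, sector: int = SECTOR):
    """Total sectors, number of changed sectors, and the changed ranges."""
    ranges = changed_ranges(old, new, sector)
    changed = sum(last - first + 1 for first, last in ranges)
    return {"sectors": (len(old) + sector - 1) // sector,
            "changed": changed, "ranges": ranges}

def make_constructed_pair():
    """Constructed sample: random bytes standing in for an encrypted container."""
    backup = bytearray(os.urandom(64 * SECTOR))
    current = bytearray(backup)
    # Constructed write inside the outer volume's used area (sectors 4-5).
    current[4 * SECTOR:6 * SECTOR] = os.urandom(2 * SECTOR)
    # Constructed write in space the outer file system would list as free (50-57).
    current[50 * SECTOR:58 * SECTOR] = os.urandom(8 * SECTOR)
    return bytes(backup), bytes(current)

if __name__ == "__main__":
    old, new = make_constructed_pair()
    print(summarize(old, new))
```

Run against your own stale backup and current container, any reported range that falls in space the outer volume's file system treats as free is the kind of evidence the thread warns about.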