Slashdot Mirror

← Back to Stories (view on slashdot.org)

Schneier, UW Team Show Flaw In TrueCrypt Deniability

Posted by timothy on from the can't-prove-that-you-didn't-not-not-write-that dept.

An anonymous reader writes "Bruce Schneier and colleagues from the University of Washington have figured out a way to break the deniability of TrueCrypt 5.1a's hidden files. What about the spanking-new TrueCrypt 6? Schneier says that 'The new version will definitely close some of the leakages, but it's unlikely that it closed all of them.' Meanwhile, PC World is reporting that the problems Schneier and colleagues found are bigger than just TrueCrypt. Among their discoveries: Word auto-saves the contents of encrypted files to the unencrypted portions of your disk, and this problem should apply to all non-full disk encryption software. Their research paper will appear at Usenix HotSec '08."

7 of 225 comments (clear)

  1. Re:Get A Mac by serviscope_minor · · Score: 3, Interesting

    True Crypt has a problem eh... Windows should build in a encryption program like on Mac OS X. It would stop a lot problems and it would be Microsoft managed and it would work better because they have all the code for the OS and can provide a better service. In the Mac OS, there are no bugs that I have discovered yet on the built in encryption program. I would hope that True Crypt fixes this bug because it is a great program.

    I know there's often mindless maclove on /., but please try to think before posting. So, just to play along, what software do you propose to use on the mac to provide deniable encryption?

    --
    SJW n. One who posts facts.
  2. Won't really matter by MikeRT · · Score: 3, Interesting

    Any government that would force you to give up such information short of a very serious incident is one that will likely torture the shit out of you until it has proven that either you have a will of steel or don't have an encrypted volume. The "hackers" used in the article are a red herring.

  3. Deniability on SSD? by Anonymous Coward · · Score: 5, Interesting

    This has been bugging me and I wonder if anyone out there can answer this: would the write-leveling used by flash drives defeat deniability as well? After all, if the most recently written-to portions of the drive are in a supposedly unused block, isn't that a bit of a giveaway?

  4. Turtles all the way down. by Zarhan · · Score: 3, Interesting

    Depends, but then you can do turtles all the way down.

    So, have an encrypted (obviously visible volume) that has "boring" stuff in it, like your basic groceries accounting and letters to grandma. Have a hidden volume that has embarassing but non-incriminating stuff (porn folders). Have a hidden volume inside THAT that contains embarassing stuff that you'd pretend people shouldn't really want to find out (eg. gay porn). Have a hidden volume inside that that contains your master plan of converting all WoW players into your army of midgets to take over the world...add as many layers as you want.

    That's the idea with the deniability, They can never know if there actually is a hidden volume in there. So assuming torture, you are probably so lost yourself that you cannot even remember the scheme yourself anymore...Even if they go with the assumption that since you are using Truecrypt there MUST be a hidden volume - but there's no way to know how many nested hidden volumes there are.

  5. Re:Let me get this straight by Hatta · · Score: 4, Interesting

    Anyway, now Im rambling, but I use truecrypt only on my secure linux box, which doesnt have these problems

    Are you sure? Have you checked your ~/.bash_history file? Are you sure your editor isn't leaving autosaves in /tmp? There could even be plain text in your swap partition. It's hard to really know.

    If I needed plausible deniability I'd put a virtualbox image in the deniable container. Then I'd turn off swap and link ~/.bash_history to /dev/null. And I'm sure I've forgotten something.

    --
    Give me Classic Slashdot or give me death!
  6. Re: BitLocker Backdoor- Source? by Coopjust · · Score: 4, Interesting

    I'm replying to myself, but I have additional info to add.

    [...] it captures live data on the computer, which is why it's important for agents not to shut down the computer first, Fung said. A law enforcement agent connects the USB drive to a computer at the scene of a crime and it takes a snapshot of important information on the computer. It can save information such as what user was logged on and for how long and what files were running at that time, Fung said. It can be used on a computer using any type of encryption software, not just BitLocker.

    So it looks like COFEE is a USB device that performs monitoring once Vista has been booted and logged in. Not having your BitLocker USB drive plugged in and not leaving your PC on would seem to defeat an attack by COFEE.

  7. Re:Let me get this straight by MrNaz · · Score: 4, Interesting

    It seems to me that the best way to get this done would be for a bunch of guys (ideally with the paranoia of the OpenBSD guys) set about creating a Linux distro with all these things built in. It would obviously not be one built for performance, but it would be fully secured out of the box with encrypted swap, /tmp set as a ramdisk (optionally for users with enough ram or encrypted for those who don't), all installed apps (from vim to OpenOffice) configured to use secure areas for temp files etc etc.

    Such a distro would mean having that level of paranoia would not arouse as much suspicion, as you could just say "Meh, I run Paranoia Linux coz I heard it was secure" and not look like you put much effort into it.

    So, any takers on this project? I would, but I'm sucky at this kind of thing.

    --
    I hate printers.