Version Information



Date: 07.01.2024
TrueCrypt User Guide

Hidden Operating System 
If your system partition or system drive is encrypted using TrueCrypt, you need to enter your
pre-boot authentication password in the TrueCrypt Boot Loader screen after you turn on or restart your
computer. It may happen that you are forced by somebody to decrypt the operating system or to 
reveal the pre-boot authentication password. There are many situations where you cannot refuse 
to do so (for example, due to extortion). TrueCrypt allows you to create a hidden operating system 
whose existence should be impossible to prove (provided that certain guidelines are followed — 
see below). Thus, you will not have to decrypt or reveal the password for the hidden operating 
system. 
Before you continue reading this section, make sure you have read the section Hidden Volume
and that you understand what a hidden TrueCrypt volume is.

A hidden operating system is a system (for example, Windows 7 or Windows XP) that is installed
in a hidden TrueCrypt volume. It should be impossible to prove that a hidden TrueCrypt volume
exists (provided that certain guidelines are followed; for more information, see the section
Hidden Volume) and, therefore, it should be impossible to prove that a hidden operating system exists.
However, in order to boot a system encrypted by TrueCrypt, an unencrypted copy of the TrueCrypt
Boot Loader has to be stored on the system drive or on a TrueCrypt Rescue Disk. Hence, the mere
presence of the TrueCrypt Boot Loader can indicate that there is a system encrypted by TrueCrypt
on the computer. Therefore, to provide a plausible explanation for the presence of the TrueCrypt
Boot Loader, the TrueCrypt wizard helps you create a second encrypted operating system, so-called
decoy operating system, during the process of creation of a hidden operating system. A
decoy operating system must not contain any sensitive files. Its existence is not secret (it is not
installed in a hidden volume). The password for the decoy operating system can be safely revealed
to anyone forcing you to disclose your pre-boot authentication password.*
You should use the decoy operating system as frequently as you use your computer. Ideally, you
should use it for all activities that do not involve sensitive data. Otherwise, plausible deniability of
the hidden operating system might be adversely affected (if you revealed the password for the
decoy operating system to an adversary, he could find out that the system is not used very often,
which might indicate the existence of a hidden operating system on your computer). Note that you
can save data to the decoy system partition anytime without any risk that the hidden volume will
get damaged (because the decoy system is not installed in the outer volume — see below).
There will be two pre-boot authentication passwords — one for the hidden system and the other for 
the decoy system. If you want to start the hidden system, you simply enter the password for the 
hidden system in the TrueCrypt Boot Loader screen (which appears after you turn on or restart 
your computer). Likewise, if you want to start the decoy system (for example, when asked to do so 
by an adversary), you just enter the password for the decoy system in the TrueCrypt Boot Loader 
screen. 
* It is not practical (and therefore is not supported) to install operating systems in two TrueCrypt volumes that are
embedded within a single partition, because using the outer operating system would often require data to be written to
the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection
feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors).

Note: When you enter a pre-boot authentication password, the TrueCrypt Boot Loader first
attempts to decrypt (using the entered password) the last 512 bytes of the first logical track of the
system drive (where encrypted master key data for non-hidden encrypted system partitions/drives
are normally stored). If it fails and if there is a partition behind the active partition, the TrueCrypt
Boot Loader (even if there is actually no hidden volume on the drive) automatically tries to decrypt
(using the same entered password again) the area of the first partition behind the active partition*
where the encrypted header of a possible hidden volume might be stored. Note that TrueCrypt
never knows if there is a hidden volume in advance (the hidden volume header cannot be
identified, as it appears to consist entirely of random data). If the header is successfully decrypted
(for information on how TrueCrypt determines that it was successfully decrypted, see the section
Encryption Scheme), the information about the size of the hidden volume is retrieved from the
decrypted header (which is still stored in RAM), and the hidden volume is mounted (its size also
determines its offset). For further technical details, see the section Encryption Scheme in the
chapter Technical Details.
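
The two-step password probe described in the note above, as an added simplified model in Python (not TrueCrypt's code). The keystream cipher is a stand-in, and the header layout, the `TRUE` marker and the CRC check are assumptions for illustration; the real success test is defined in the section Encryption Scheme.

```python
import hashlib, os, struct, zlib

MAGIC = b"TRUE"   # assumed plaintext marker used to recognise a correct decryption
SALT_LEN, HEADER_LEN = 64, 512

def _keystream(password: bytes, salt: bytes, n: int) -> bytes:
    # Stand-in cipher (NOT TrueCrypt's): PBKDF2 key + SHA-256 in counter mode.
    key = hashlib.pbkdf2_hmac("sha256", password, salt, 1000)
    blocks = (hashlib.sha256(key + struct.pack("<I", i)).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))

def make_header(password: bytes, volume_size: int) -> bytes:
    """Build a 512-byte header: random salt, then encrypted marker/size/CRC."""
    salt = os.urandom(SALT_LEN)
    body = MAGIC + struct.pack("<Q", volume_size)
    body += os.urandom(HEADER_LEN - SALT_LEN - len(body) - 4)   # random padding
    body += struct.pack("<I", zlib.crc32(body))
    return salt + _xor(body, _keystream(password, salt, len(body)))

def try_header(password: bytes, header: bytes):
    """Return the volume size if the password decrypts the header, else None."""
    salt, enc = header[:SALT_LEN], header[SALT_LEN:]
    plain = _xor(enc, _keystream(password, salt, len(enc)))
    crc_ok = zlib.crc32(plain[:-4]) == struct.unpack("<I", plain[-4:])[0]
    if plain[:4] == MAGIC and crc_ok:
        return struct.unpack("<Q", plain[4:12])[0]
    return None   # indistinguishable from random data without the right password

def boot(password: bytes, track_header: bytes, behind_area):
    """Probe the system-drive header first, then the partition behind it."""
    size = try_header(password, track_header)
    if size is not None:
        return ("decoy", size)
    if behind_area is not None:   # tried whether or not a hidden volume exists
        size = try_header(password, behind_area)
        if size is not None:
            return ("hidden", size)
    return ("fail", None)

if __name__ == "__main__":
    decoy = make_header(b"decoy-pw", 40 * 2**30)    # constructed sample headers
    hidden = make_header(b"hidden-pw", 20 * 2**30)
    for pw in (b"decoy-pw", b"hidden-pw", b"wrong"):
        print(pw, boot(pw, decoy, hidden))
```

The same second probe runs against plain random bytes when no hidden volume exists, and simply fails, which is why the probe itself reveals nothing about the drive.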

When running, the hidden operating system appears to be installed on the same partition as the 
original operating system (the decoy system). However, in reality, it is installed within the partition 
behind it (in a hidden volume). All read/write operations are transparently redirected from the 
system partition to the hidden volume. Neither the operating system nor applications will know that 
data written to and read from the system partition is actually written to and read from the partition 
behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual 
(with an encryption key different from the one that is used for the decoy operating system). 
Note that there will also be a third password — the one for the 
