Note that this specification applies to volumes created by TrueCrypt 7.0 or later. The format of file-hosted volumes is identical to the format of partition/device-hosted volumes (however, the "volume header", or key data, for a system partition/drive is stored in the last 512 bytes of the first logical drive track). TrueCrypt volumes have no "signature" or ID strings. Until decrypted, they appear to consist solely of random data.
Free space on each TrueCrypt volume is filled with random data when the volume is created.* The random data is generated as follows: Right before TrueCrypt volume formatting begins, a temporary encryption key and a temporary secondary key (XTS mode) are generated by the random number generator (see the section Random Number Generator). The encryption algorithm that the user selected is initialized with the temporary keys. The encryption algorithm is then used to encrypt plaintext blocks consisting of zeroes. The encryption algorithm operates in XTS mode (see the section Modes of Operation). The resulting ciphertext blocks are used to fill (overwrite) the free space on the volume. The temporary keys are stored in RAM and are erased after formatting finishes.
The fields located at byte #0 (salt) and #256 (master keys) contain random values generated by the random number generator (see the section Random Number Generator) during the volume creation process. If a TrueCrypt volume hosts a hidden volume (within its free space), the header of the hidden volume is located at byte #65536 of the host volume (the header of the host/outer volume is located at byte #0 of the host volume – see the section Hidden Volume). If there is no hidden volume within a TrueCrypt volume, bytes 65536–131071 of the volume (i.e., the area where the header of a hidden volume can reside) contain random data (see above for information on the method used to fill free volume space with random data when the volume is created). The layout of the header of a hidden volume is the same as the one of a standard volume (bytes 0–65535).
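The following is an added example, not part of the TrueCrypt documentation: a forensic triage check that measures the byte entropy of the two header areas named above (bytes 0–65535 and 65536–131071). The 7.9 bits/byte threshold, the function names, and the SHA-256 counter-mode sample standing in for real ciphertext are assumptions made for illustration.

```python
import hashlib
import math
from collections import Counter

# Offsets taken from the text above.
OUTER_HEADER = (0, 65536)          # bytes 0-65535
HIDDEN_HEADER = (65536, 131072)    # bytes 65536-131071
THRESHOLD = 7.9                    # bits/byte; assumed cut-off for "looks random"


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 = uniformly random)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def region_entropy(image: bytes) -> dict:
    """Entropy of the two header areas at the start of a volume image."""
    return {
        "outer_header": shannon_entropy(image[slice(*OUTER_HEADER)]),
        "hidden_header_area": shannon_entropy(image[slice(*HIDDEN_HEADER)]),
    }


def consistent_with_volume(image: bytes) -> bool:
    """True if the image is long enough and both areas look random.
    High entropy is necessary, not sufficient: compressed data passes too."""
    if len(image) < HIDDEN_HEADER[1]:
        return False
    return all(e > THRESHOLD for e in region_entropy(image).values())


def constructed_random(n: int, seed: bytes = b"sample") -> bytes:
    """Constructed stand-in for ciphertext: SHA-256 in counter mode."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


if __name__ == "__main__":
    sample = constructed_random(131072)
    print(region_entropy(sample), consistent_with_volume(sample))
```

Because both areas hold random data whether or not a hidden volume exists, the check returns the same result in either case and cannot tell the two apart.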
The maximum possible TrueCrypt volume size is 2^63 bytes (8,589,934,592 GB). However, due to security reasons (with respect to the 128-bit block size used by the encryption algorithms), the maximum allowed volume size is 1 PB (1,048,576 GB).