Version Information


Security Requirements and Precautions Pertaining to Hidden Volumes



Yüklə 5,12 Kb.
Pdf görüntüsü
səhifə34/130
tarix07.01.2024
ölçüsü5,12 Kb.
#205371
1   ...   30   31   32   33   34   35   36   37   ...   130
TrueCrypt User Guide

Security Requirements and Precautions Pertaining to Hidden Volumes 
If you use a hidden TrueCrypt volume, you must follow the security requirements and precautions 
listed below in this section. Disclaimer: This section is not guaranteed to contain a list of 
all
security 
issues and attacks that might adversely affect or limit the ability of TrueCrypt to secure data stored 
in a hidden TrueCrypt volume and the ability to provide plausible deniability. 

If an adversary has access to a (dismounted) TrueCrypt volume at several points over time, he 
may be able to determine which sectors of the volume are changing. If you change the 
contents of a hidden volume (e.g., create/copy new files to the hidden volume or 
modify/delete/rename/move files stored on the hidden volume, etc.), the contents of sectors 
(ciphertext) in the hidden volume area will change. After being given the password to the outer 
volume, the adversary might demand an explanation why these sectors changed. Your failure 
to provide a plausible explanation might indicate the existence of a hidden volume within the 
outer volume. 
Note that issues similar to the one described above may also arise, for example, in the 
following cases: 
o
The file system in which you store a file-hosted TrueCrypt container has been 
defragmented and a copy of the TrueCrypt container (or of its fragment) remains in the 
free space on the host volume (in the defragmented file system). To prevent this, do 
one of the following: 
§
Use a partition/device-hosted TrueCrypt volume instead of file-hosted. 
§
Securely erase free space on the host volume (in the defragmented file system) 
after defragmenting. 
§
Do not defragment file systems in which you store TrueCrypt volumes. 
o
A file-hosted TrueCrypt container is stored in a journaling file system (such as NTFS). 
A copy of the TrueCrypt container (or of its fragment) may remain on the host volume. 
To prevent this, do one the following: 
§
Use a partition/device-hosted TrueCrypt volume instead of file-hosted. 
§
Store the container in a non-journaling file system (for example, FAT32). 
o
A TrueCrypt volume resides on a device/filesystem that utilizes a wear-leveling 
mechanism (e.g. a flash-memory SSD or USB flash drive). A copy of (a fragment of) the 
TrueCrypt volume may remain on the device. Therefore, do not store hidden volumes 
on such devices/filesystems. For more information on wear-leveling, see the section 
Wear-Leveling
 in the chapter 
Security Requirements and Precautions

o
A TrueCrypt volume resides on a device/filesystem that saves data (or on a 
device/filesystem that is controlled or monitored by a system/device that saves data) 


44 
(e.g. the value of a timer or counter) that can be used to determine that a block had 
been written earlier than another block and/or to determine how many times a block has 
been written/read. Therefore, do not store hidden volumes on such devices/filesystems. 
To find out whether a device/system saves such data, please refer to documentation 
supplied with the device/system or contact the vendor/manufacturer. 
o
A TrueCrypt volume resides on a device that is prone to wear (it is possible to 
determine that a block has been written/read more times than another block). 
Therefore, do not store hidden volumes on such devices/filesystems. To find out 
whether a device is prone to such wear, please refer to documentation supplied with the 
device or contact the vendor/manufacturer. 
o
You back up content of a hidden volume by cloning its host volume or create a new 
hidden volume by cloning its host volume. Therefore, you must not do so. Follow the 
instructions in the chapter 
How to Back Up Securely
 and in the section 
Volume Clones


Make sure that 
Quick Format
is disabled when encrypting a partition/device within which you 
intend to create a hidden volume. 

On Windows, make sure you have not deleted any files within a volume within which you intend 
to create a hidden volume (the cluster bitmap scanner does not detect deleted files). 

On Linux or Mac OS X, if you intend to create a hidden volume within a file-hosted TrueCrypt 
volume, make sure that the volume is not sparse-file-hosted (the Windows version of TrueCrypt 
verifies this and disallows creation of hidden volumes within sparse files). 

When a hidden volume is mounted, the operating system and third-party applications may write 
to non-hidden volumes (typically, to the unencrypted system volume) unencrypted information 
about the data stored in the hidden volume (e.g. filenames and locations of recently accessed 
files, databases created by file indexing tools, etc.), the data itself in an unencrypted form 
(temporary files, etc.), unencrypted information about the filesystem residing in the hidden 
volume (which might be used e.g. to identify the filesystem and to determine whether it is the 
filesystem residing in the outer volume), the password/key for the hidden volume, or other 
types of sensitive data. Therefore, the following security requirements and precautions must be 
followed:
o
Windows
: Create a hidden operating system (for information on how to do so, see the 
section 
Hidden Operating System
) and mount hidden volumes only when the hidden 
operating system is running. 
Note: When a hidden operating system is running, TrueCrypt ensures 
that all local unencrypted filesystems and non-hidden TrueCrypt volumes are read-only (i.e. no files can be 
written to such filesystems or TrueCrypt volumes).
*
Data is allowed to be written to filesystems within 
hidden TrueCrypt volumes.
Alternatively, if a hidden operating system cannot be used, use a 
"live-CD" Windows PE system (entirely stored on and booted from a CD/DVD) that 
ensures that any data written to the system volume is written to a RAM disk. Mount 
hidden volumes only when such a "live-CD" system is running (if a hidden operating 
system cannot be used). In addition, during such a "live-CD" session, only filesystems 
that reside in hidden TrueCrypt volumes may be mounted in read-write mode (outer or 
unencrypted volumes/filesystems must be mounted as read-only or must not be 
mounted/accessible at all); otherwise, you must ensure that applications and the 
operating system do not write any sensitive data (see above) to non-hidden 
volumes/filesystems during the "live-CD" session. 
*
This does not apply to filesystems on CD/DVD-like media and on custom, untypical, or non-standard devices/media. 


45 
o
Linux
: Download or create a "live-CD" version of your operating system (i.e. a "live" 
Linux system entirely stored on and booted from a CD/DVD) that ensures that any data 
written to the system volume is written to a RAM disk. Mount hidden volumes only when 
such a "live-CD" system is running. During the session, only filesystems that reside in 
hidden TrueCrypt volumes may be mounted in read-write mode (outer or unencrypted 
volumes/filesystems must be mounted as read-only or must not be mounted/accessible 
at all). If you cannot comply with this requirement and you are not able to ensure that 
applications and the operating system do not write any sensitive data (see above) to 
non-hidden volumes/filesystems, you must not mount or create hidden TrueCrypt 
volumes under Linux. 
o
Mac OS X
: If you are not able to ensure that applications and the operating system do 
not write any sensitive data (see above) to non-hidden volumes/filesystems, you must 
not mount or create hidden TrueCrypt volumes under Mac OS X. 

When an outer volume is mounted with hidden volume protection enabled (see section 
Protection of Hidden Volumes Against Damage
), you must follow the same security 
requirements and precautions that you are required to follow when a hidden volume is mounted 
(see above). The reason is that the operating system might leak the password/key for the 
hidden volume to a non-hidden or unencrypted volume. 

If you use an 

Yüklə 5,12 Kb.

Dostları ilə paylaş:
1   ...   30   31   32   33   34   35   36   37   ...   130




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin