I should add that hiding does not work very well if the other side
has the power to make you give them the key, e.g. at a US border
crossing. Personally I have been using cryptographically strong
randomness to wipe diskss and empty space, something I will not do
in the aforementioned situation. There is a good chance the "refusal"
to divulge the keys for the "encrypted data" will get you sent
back or worse.
The basic problem is that encrypted areas (or areas wiped with
cryptographically strong randomness) are easy to identify:
They do no have any recognizable patterns in them, which can be
identified, e.g., by high entropy or incompressibility. A quick
test is significantly faster than a disk read. Avoiding false
positives from compressed data is by hard-coding the patterns
all popular compressors generate.
These analysis techniques also work against the "open one, have
one other hidden in it" technique some people advise to use
with TrueCrypt. It is not hard to see that some stuff is still
encrypted in these cases. Incidentially, entropy analysis also
works against steganography, if you hide a lot of data.
My Advice would be to use encryption only when you have a
defensible position in case the attacker suspects you have
encrypted data. In that case hiding the data may not be necessary
in the first place.
Incidentially, actually proving some data is encrypted is not possible
from the encrypted data itself, e.g. when using dm-crypt. (With LUKS
there is the header, which may be enough to convince a court.) As long
as you have the protection of due process and there is no other proof
that the "random data" is encrypted data, the "this was overwritten by
cryptographic randomness" defense works. Remember that at a border
crossing and in some countries you may not have the protection of due
process. It will also be fascinating to observe what the british
authorities will do in case somebody uses this defense, as any
competent cryptographer will confirm its validity.
Bottom line: Hiding encrypted volumes is far less useful than
commonly assumed. The legal situation is far more important.
Arno
P.S.: Procedure I use to wipe a disk is as below. I developed
this as I had to wipe 50 disks in the 100-250GB range
in a secure fashion and it is the fastest option under
Linux, unless a zero-wipe (which may or may not be insecure)
is enough.
1. Setup the whole device with dm-crypt and a long random key
2. dd_rescue -w /dev/zero /dev/mapper/<device>
(Use "cat /dev/zero > /dev/mapper/device" for batch operation.)
Using /dev/(u)random as input is far slower. Incidentlially,
a disk wiped this way is indistinguishable from a disk
that is encrypted, unless you have the key. As long as
there is no legal obligation avoid any suspicion, this
procedure is also fine legally.
On Sun, May 18, 2008 at 12:45:31PM +0930, Roscoe wrote:
> Woops, if you do try to hide things with an offset, just use dm-crypt,
> LUKS has an identified header.
>
> On Sun, May 18, 2008 at 12:30 PM, Roscoe <eocsor@xxxxxxxxx> wrote:
> > No.
> >
> > You could try to superficially hide things by setting up the mapping
> > with some offset if you really wanted.
> >
> >
> >
> > On Sun, May 18, 2008 at 12:11 PM, Lurkos <lurkos.usenet@xxxxxxxxx> wrote:
> >> Does LUKS format support hidden volumes (using dm-crypt on Linux and
> >> FreeOTFE on Windows) such as Truecrypt?
> >>
> >> P.S.: Where can I find the archive of the mailing list?
> >>
> >> ---------------------------------------------------------------------
> >> dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
> >> To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
> >> For additional commands, e-mail: dm-crypt-help@xxxxxxxx
> >>
> >>
> >
>
> ---------------------------------------------------------------------
> dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
> To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
> For additional commands, e-mail: dm-crypt-help@xxxxxxxx
>
--
Arno Wagner, Dipl. Inform., CISSP --- Email: arno@xxxxxxxxxxx
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
