
Hidden encrypted disk with protection against thermorectal decryption

Recently, several posts appeared in the "Information Security" blog about how to encrypt data to protect it against raids by people in masks ("mask shows"). But judging by the heated discussions in the comments, none of these methods has been tested against a soldering iron.

Therefore, I want to offer my own way of protecting data from particularly interested persons in masks: encrypting data on a hidden disk, which adds an extra level of protection against the soldering iron.

So far I have found this feature only in TrueCrypt (open source, Win/Linux/Mac), where it is called a "hidden volume", so I will use it as the example. It is possible that other encryption tools have something similar.

It works like this:
  1. A file containing an encrypted disk is created, for example data.img. It is encrypted with the first password and mounted as a disk.
  2. Some semi-fake data is written to this disk. After much persuasion, under threat of the soldering iron, it can be shown to the ill-wishers by typing the first password. That is, it should look like data that you really wanted to hide from the owners of the soldering iron, but it is not particularly scary if they find it.
    This data should not fill the disk completely, only part of it, leaving free space.
  3. On top of the free space left by the first disk's data in the data.img file, another disk is created, encrypted with the second password. The most valuable data is written to this disk, the data that cannot be shown even after direct contact with the soldering iron.
As a result, we get one file with two encrypted disks.
Overall, the result looks like this: [image]

Using the first password, we get access only to the first disk. According to the TrueCrypt developers (I have not dug deeply into the topic myself and am trusting their word), the presence of the second disk cannot be detected in any way without knowing the second password.

And, accordingly, knowing the second password, you can easily access the second disk with the main data.

The program also offers a mode for mounting the first disk with protection against corrupting the second disk's data (in this case both passwords are requested). Otherwise, when writing to the first disk in normal mode, you can damage the data on the second, hidden disk.
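The two-password layout and the write protection described above can be modelled in a few lines. This is an added sketch, not TrueCrypt's code: the cipher is a toy SHA-256 keystream, the one-sector header slots and all function names are assumptions made for illustration, and data sectors are treated as already-encrypted bytes.

```python
import hashlib, os

SECTOR = 512
MAGIC = b"TRUE"  # a decrypted header starts with a known marker; the layout here is simplified

def _keystream(password, salt, n):
    # Toy stream cipher (SHA-256 in counter mode) standing in for the real cipher
    key = hashlib.pbkdf2_hmac("sha256", password, salt, 1000)
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def make_header(password, start, length):
    salt = os.urandom(16)
    body = MAGIC + start.to_bytes(4, "big") + length.to_bytes(4, "big")
    enc = bytes(a ^ b for a, b in zip(body, _keystream(password, salt, len(body))))
    return salt + enc + os.urandom(SECTOR - 16 - len(enc))  # looks random without the password

def open_header(sector, password):
    salt, enc = sector[:16], sector[16:28]
    body = bytes(a ^ b for a, b in zip(enc, _keystream(password, salt, 12)))
    if body[:4] != MAGIC:
        return None  # "wrong password" and "no volume here" give the same result
    return int.from_bytes(body[4:8], "big"), int.from_bytes(body[8:], "big")

def create(n_sectors, outer_pw, hidden_pw=None, hidden_sectors=0):
    img = bytearray(os.urandom(n_sectors * SECTOR))  # free space is random from the start
    img[:SECTOR] = make_header(outer_pw, 2, n_sectors - 2)
    if hidden_pw:  # the hidden volume occupies the tail of the outer volume's free space
        img[SECTOR:2 * SECTOR] = make_header(hidden_pw, n_sectors - hidden_sectors, hidden_sectors)
    return img

def mount(img, password):
    # One password is tried against both header slots; returns (first_sector, sector_count)
    for slot in (0, 1):
        hdr = open_header(bytes(img[slot * SECTOR:(slot + 1) * SECTOR]), password)
        if hdr:
            return hdr
    return None

def write_outer(img, outer_pw, sector, data, protect_pw=None):
    # Write one already-encrypted sector through the outer (first) volume
    if mount(img, outer_pw) is None:
        raise ValueError("wrong outer password")
    guard = open_header(bytes(img[SECTOR:2 * SECTOR]), protect_pw) if protect_pw else None
    if guard and sector >= guard[0]:
        raise PermissionError("write would overwrite the hidden volume")
    img[sector * SECTOR:(sector + 1) * SECTOR] = data
```

In this model, a container without a hidden volume and a container with one both answer a wrong second password with `None`, and an unprotected write to a sector inside the hidden region succeeds silently, which is the corruption the protected mount mode prevents.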

All this is done through the program's GUI, and the settings should not cause any particular difficulty. It also supports console mode, which lets you work with these disks from scripts.

So, if a mask show comes to us, the action plan is as follows:
  1. We let the specialists who came thoroughly probe our server.
  2. They find a suspiciously large file on it and start pestering us with questions.
  3. At first we deny everything, saying that this is just swap, a backup, an archive with porn, or something else; in general, we put on an act.
  4. After serious threats start pouring from them, we finally admit that it is an encrypted data disk and give them the first password with tears and snot.
  5. They rejoice, mount the first disk with this password, get the data, find something improper in it, hassle you a little for it, and let you go.
As a result, the wolves are fed (they still forced you to open the encrypted disk and found something to chew you out for, without even knowing that there is something else behind it) and the sheep are intact (you did not show them the most valuable data and they did not even try to shake it out of you with a soldering iron, i.e. you got off with a light scare).

UPD: I am not proposing a method of absolute protection against the soldering iron or a solution to all problems. I have just described an additional way to protect my data with a second level of secrecy, which is not visible from the outside even after a thorough search.

And if the ill-wishers do not realize that you have a second hidden disk, then by external signs they will not notice its presence and, accordingly, they will not spend extra electricity on a soldering iron. But how to make it so that they do not guess about it is a task for everyone individually, with the use of ingenuity and creativity.

And this method is more reliable than a working company server with a supposedly empty hard drive without partitions (with hidden encrypted partitions), which immediately arouses suspicion. Here, the file aroused suspicion, we decrypted it with the first password, showed all the data, and everyone calmed down; the suspicion that there could be another encrypted disk in the same file is unlikely to appear without direct interference.

Source: https://habr.com/ru/post/92774/

