[Truecrypt] Location of encryption key

I was reading the Wikipedia article about data remanence, and stumbled upon this statement:

Since I'm using Truecrypt to encrypt some 100 mbs of data (political stuff), I was wondering in which sector of the encrypted container and on an encrypted OS Truecrypt stores the encryption key?

I know this would probably fit better on the Truecrypt forum, but since I don't own a mail-account from my ISP, I'm not allowed to make posts on their forum.

 

Check out the truecrypt site. They do provide all the information your looking for in documentation. I know that containers v5. and down is the first 512K is home of the header. For v6 and up you'll want to destroy the first and last meg of the container. (That will be the headers, both primary and backup, and then some extra.)

I never really looked into the system encryption header information but it should be there.

 

Yep, just found this page on their homepage: Volume Format Specification
I'll clearly need to wipe the first 512 kb (1 mb to be sure, as KookyMan says), and the last megabyte also.

Thanks for the quick answer, KookyMan.

 

I suggest you study the volume format specifications again. For your scenario, what you need to wipe is the first 512 bytes (not kilobytes) of the volume header. You would also need to wipe the first 512 bytes of the embedded backup header, which begins 131,072 bytes (128K) back from the end of the volume. And you could actually wipe much less than the full 512 bytes per header and still easily accomplish your objective. Kookyman's advice paints a much broader stroke, but it would also work.

A simpler approach would be to use a good quality keyfile and wipe that.

The "key data" (basically, the header) for system encryption is stored in the last sector of Track 0. It's also stored on the TrueCrypt rescue cd.

 

Sorry about the kb-suffix, I was a bit too fast there.

I know, but it would make the script I'm working on slightly more complicated. Even though it might save some time...

Thank you very much for mentioning the keyfile-approach, I can't believe I didn't thought about that solution!

 

I'm curious about your methodology. How would your script accomplish this?

 

What makes you think any of this is necessary? Truecrypt does not store the passphrase to disk anywhere.

 

I assume the OP is concerned that somebody might manage to force the passphrase out of him and he wants to prevent anyone (including himself) from ever accessing the data.

 

I'll rather use it as a fast way to destroy sensible data, in case the data loses its actuality and needs to be destroyed.

If I manage to get the script working, I'll post the code in this thread. I'm working on several things at the moment, so it might take some time...