Few questions about Truecrypt

Discussion in 'privacy technology' started by ams963, Feb 28, 2014.

Thread Status:
Not open for further replies.
  1. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Hi,

    I have three questions.

    1. Which algorithm is better to use in term of security?
    a. AES
    b. Serpent
    c. Twofish
    d. AES-Twofish
    e. AES-Twofish-Serpent
    f. Serpent-AES
    g. Serpent-Twofish-AES
    h. Twofish-Serpent

    2. How do I decrypt a volume like a D drive in the HDD or a usb Flash drive without formatting the drive and preserving the files?

    3. What are the cons of encrypting the system?

    Any answer and explanation would be heartily welcomed.:)
     
  2. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    Which is better? This a subject of much debate.
    AES is good because there are numerous published papers from teams that have tried to find a weakness in it and no significant weaknesses have been reported. The others are not used as much, not subject to as much scrutiny as AES so less is know about Twofish and Serpent. AES also has the benefit of hardware acceleration.
    Cascades are theoretically stronger because all of the individual ciphers must be broken to break the the cascade. The cascade order has no effect. Cascades are slower to run though.
    Non-system disks cannot be decrypted in place. Make a copy of the data, reformat and reload. There is no other way with the current Trurecrypt version.
    As for system encryption, if Windows becomes unbootable from a disk error, virus or other mysterious reason, it is much more difficult to recover. This can be mitigated by making regular backups of your system which is something you should do anyway, whether using encryption or not.
     
  3. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    @chiraldude
    Thank you so much. I just have one more question.

    How do I decrypt the system drive without formatting?
     
  4. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    Click the Truecrypt icon in the taskbar.
    Select:
    System / Permanently Decrypt System Partition
     
  5. DoctorPC

    DoctorPC Banned

    Joined:
    Jan 9, 2014
    Posts:
    813
    For the record;

    There appears to be little data on who is behind Truecrypt, and an independent code audit is in progress. Probably wise to wait for the audit report.
     
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    TrueCrypt is solid. It is a piece of software that has stood up against several very high profile "three letter agency" court cases. Multi national type prosecutions where the software remains uncracked, and the case "evidence" if it exists, is still secure within encrypted drives. This isn't hype its hard fact. That alone should speak to TrueCrypt's value for a normal privacy user.
     
  7. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    Truecrypt Security Model

    Note to security researchers: If you intend to report a security issue or publish an attack
    on TrueCrypt, please make sure it does not disregard the security model of TrueCrypt
    described below. If it does, the attack (or security issue report) will be considered
    invalid/bogus.


    TrueCrypt is a computer software program whose primary purposes are to:

    Secure data by encrypting it before it is written to a disk.
    Decrypt encrypted data after it is read from the disk.


    TrueCrypt does not: (read info)

    http://www.truecrypt.org/docs/security-model


    Is TrueCrypt Audited Yet? Not Yet.

    http://istruecryptauditedyet.com/
     
  8. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Ah thank you. I've encrypted a non-system drive. But when I try to open the drive without mounting with Truecrypt this is what I get
    D.png

    How can I prevent unauthorized formatting?

    And, I'm given the choice of encrypting the Host Area or something like that during system encryption. Is it safe to do encrypt the Host Area which is usually hidden from the system which is sometimes used by some manufacturers to perform a system restore, system boot, etc. well that was what written on the truecrypt window.

    Also when encrypting the system, truecrypt proceeds to creating a truecrypt rescue disk with a DVD or flash drive. Is it ok to do that? I'm not given any options. Truecrypt will make the trd before it proceeds with system encryption.
     
  9. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    What do they mean? I've only encrypted a non-system drive/partition. So does that mean if I let another person use my computer from my administrator account, that person could get the data on the encrypted drive? Or even if I let the person use from a local account, the person could still get the data?
     
  10. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    You can remove the drive letter from your D: drive.
    Go to disk management, right click on your D: drive, select change drive letter and paths, click the Remove button. This only removes the letter, nothing else. Truecrypt will still see it for mounting.

    For your security questions, just remember that once a container is mounted, it behaves as though there is no encryption. Anyone with permission to access your system can access the encrypted data when mounted.
    To keep your data most secure, unmount the TC container when you walk away from your machine or even when you hibernate.
     
  11. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    @chiraldude
    Thanks a lot. That's exactly what I was looking for. :D

    When encrypting system drive, is it okay to proceed with the following steps?

    Untitled.png

    45.png
     
    Last edited: Mar 3, 2014
Loading...
Thread Status:
Not open for further replies.