Full disk encryption: Is it possible to combine Truecrypt and Diskcryptor together?

Discussion in 'privacy technology' started by redcell, Mar 31, 2011.

Thread Status:
Not open for further replies.
  1. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126
    While I use Truecrypt on one of my notebook hard drives, I have a suspicious growing concern.

    ■ Freeware, sort of open source, called Truecrypt collective license.
    ■ Website claims "plausible deniability" and no backdoor.
    ■ Allows decoy and hidden OS full disk encryption.
    ■ Used by people worldwide. Praises from tech forums, talkshows, blogs, everywhere.
    ■ FBI (openly admitted) failed to break encryption in Brazilian money laundering case.
    ►► Too good to be true

    Thus, I'm thinking of ways to merge/combine usage of system full disk encryption - first with Truecrypt creating outer and hidden, then Diskcryptor only for hidden (maybe overwrite the previous).

    fde.jpg

    Is this possible?
     
    Last edited: Mar 31, 2011
  2. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Re: Full disk encryption: Is it possible to combine Truecrypt and Diskcryptor togethe


    I didn't follow this. Care to elaborate on exactly how to do this?
     
  3. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126
    I know it's possible if they're non-system drive and containers. Are you referring to system full disk encryption, as my topic suggested?
     
  4. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    While I agree one should not assume that encryption will keep extremely sophisticated attackers away, but I must ask whether you have any proof the TLA's are routinely decrypting hard drives.
     
  5. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    I think what you're doing is overkill and full of potential conflicts.

    If you want more secure encryption just combine 2 or more algorithms and use a more complex password.
     
  6. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    Have to agree with J_L,
    Weakness in cryptography is almost never in the algorithm but in the implementation. How will you verify that your hybrid approach is more secure than a single crypto approach?
    I suspect that a statistical analysis of such container would show the boundary between the outer and hidden container. I could be wrong but my speculation that your approach is less secure is no less valid than your speculation that it is more secure. Without a full analysis by a crypto expert, you are just guessing that it is more secure.
     
  7. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    What made you change your mind ?
    Furthermore : Do you have any actual evidence to support your paranoia ?
    It seems to me that you choose to view public evidence that TrueCrypt actually works as stated as evidence that it doesn't !

    Don't get me wrong, a certain amount of paranoia is required for the security-concerned, but at some point you always end up with having to trust somebody/thing .. Your reaction is a bit like people who say that Phil 'PGP' Zimmermann made a deal, evidenced by the fact that he isn't rotting in some maximum-security Federal Spy-jail ..However,
    Governments everywhere in the so-called 'Free World' seem to have reached the only logical conclusion : The benefits of access to strong encryption for The Masses far outweigh the draw-backs to law-enforcement .
    ( You could take the Draconian UK-legislature as iron-clad proof that encryption works : If you don't hand over the key they can lock you up for 4 years .. Because they KNOW they wont be able to bruteforce any halfway decent password ! )
     
  8. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126

    Sorry I missed expressing clearly the main point of my title enquiry. The keyword here is "backdoor".

    One should make use different brand names and methods in case anyone believes that certain drive encryption software out there has backdoor.

    Except for cold boot attack, AES256 remains strong reasonably for now. That's why time is lifeline.
     
Loading...
Thread Status:
Not open for further replies.