Methods to bruteforce bad header with known keyfile (TrueCrypt)?

Discussion in 'encryption problems' started by zeweaver, Oct 2, 2012.

Thread Status:
Not open for further replies.
  1. zeweaver

    zeweaver Registered Member

    Oct 2, 2012
    United States
    I recently lost the ability to decrypt a non-system partition encrypted by TrueCrypt (rolling cypher, Serpent-Twofish-AES). When I tried to mount the partition via keyfile, it said "Incorrect keyfile(s) and/or password or not a TrueCrypt volume." After accessing and restoring a known good backup of the keyfile, I concluded that my header was corrupted.

    After that, I tried to restore the volume's header using the backup built into the partition itself. (I created this encrypted partition within the past 6 months, so I know that it was encrypted by a version 6.0+ of Truecrypt.) This failed too... does this mean that I have corrupted one of the bits of both the front and rear 1024-bits of my partition? If so, what methods could I use to recover my partition? I'm sure that it might be possible to brute-force within a reasonable amount of time, since I know the keyfile, but I need a set method to do so. (As a side-note, there are 1,048,576 possible combinations for the TrueCrypt header.)

    Does anyone have a suggested method to bruteforce combinations of the header with a known keyfile?
Thread Status:
Not open for further replies.