Question about TrueCrypt headers (Same password + keyfiles same header?)

Discussion in 'encryption problems' started by marcelwr, Nov 2, 2015.

  1. marcelwr

    marcelwr Registered Member

    Joined:
    Nov 2, 2015
    Posts:
    1
    Hi there,

    I can't mount my harddisk encrypted with truecrypt. It's saying: incorrect password or not a truecrypt volume. Unfortunately I don't have a header backup.

    I already tried mounting with embedded header without success.
    I also tried TestCrypt but no header was found.

    I have another harddisk encrypted with the same password and same keyfiles as the corrupt one though. Can I export the header of the working harddisk and use it as the header for the corrupted harddrive? Is that possible?

    Thanks for your help!
    Marcel
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    No.

    Even though the password is the same, the header is so different you wouldn't recognize it through any known comparitive analysis. During creation of the volume TC uses SALT and many other randomizing factors that make EACH header completely unique in all ways. Sorry but those are the facts.

    At least now you have learned the importance of volume header backups, which only take a few seconds to create before disaster strikes. For others reading this thread, if you don't have header backups go make them NOW.
     
  3. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    I have seen multiple reports on the net about corrupted TC header that renders lost of the whole container/volume. I was wondering how often this could happen, and what are the reasons that could trigger a header corruption? Or maybe it's a bug of TC?
     
  4. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    Never happened to me with over 10 years at it. Excluding hardware fatigue its almost always a windows update or something to do with windows trying to fix something that isn't broken.

    The software is coded so that a loss of the header means COMPLETE loss of the contents. If you think about it, isn't that the way it should be? The header represents the key to the lock. If you can gain access without the key then what good is the lock in the first place?

    Knowing that, the developers made this a very easy process. Just like around your house, you make an extra key in case you lose the original (volume header backup). When the original gets hosed/lost you restore from the backup in a few seconds and that is it. If you didn't create the backup you learn from your experience, and sometimes its a huge loss of data. Its in the manual but then you have to read that too.
     
  5. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    Thank you, your reasoning makes a lot of sense. I used to use TC and Veracrypt a lot, but now I mainly use Ubuntu Linux with /home directory encryption. However sometimes I do need to use Windows, in which case a cross platform solution such as TC or VC will make more sense.
     
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    I am not going to downtalk TC after using and coding with it for a decade, but I would and do use VeraCrypt now for non-system disk encryption. Many code enhancements are added and we have several "beyond just decent" coders checking each other's backs on code changes.

    Whether VC or TC you don't see very many (if any) threads where a linux system disk user has their non-system disk --- TC/VC headers get hosed --- like you do with the Windows OS folks. So either its due to more experienced users, or its because Linux doesn't always try to fix stuff that isn't broken. Plus it knows how to update and leave other partitions alone. Probably some of both, but mostly the latter.

    Building the linux version of VC is a snap and the code appears very solid. Its basically TC but patched and improved as needs have surfaced, and with significant header hardening too (PIM most noteably).
     
  7. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    Sounds good! I also have not seen any hosed header problem in my own use of TC over the past 8 years or so, either container or non-system disk FDE.

    Agreed that VC appears to be making great progress towards a great product. I, as a regular user of TC/VC, am very thankful for the time, efforts and intelligence that the open source community, and voluntary coders invested into great projects such as TC/VC.
     
Loading...