TrueCrypt and BitLocker FDE Experiment

Discussion in 'other security issues & news' started by x942, Jun 9, 2011.

Thread Status:
Not open for further replies.
  1. x942

    x942 Guest

    The other day I was re-installing Windows, and halfway through encrypting the drive with TrueCrypt I wondered: what if I encrypted with BitLocker afterwards?

    So I decided to try it and see what would happen. To my surprise it actually works. I notice a slight amount of lag, mostly when booting, but besides that it actually works flawlessly. This means that if someone wanted to, they could double encrypt their system HDD and protect themselves even more (although overkill). With this setup, if any vulnerability were to be found in one of the programs, the other would negate the effect completely. You also get the added use of tokens and memory wiping that TrueCrypt has yet to provide.

    As I said, extremely overkill, but it IS possible to do this. Just thought someone may enjoy trying this. :thumb:
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Doesn't TrueCrypt already encrypt it with 3 different methods? Or at least it can.

    You can encrypt something infinitely, I just don't know why you would, since it's basically "uncrackable" after a very short time.
     
  3. x942

    x942 Guest

    As I said, it is overkill, but in theory it should be more secure than using TrueCrypt's cascades, as a vulnerability in TC's PRNG would affect all algorithms, including the cascades. This is two completely different encryption programs encrypting the drive with the same algorithm (AES 256-bit).
     
  4. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    So you have to put in two different passwords then?
     
  5. x942

    x942 Guest

    No. I don't have a TPM in my computer, so I only have to plug in a flash drive for BitLocker. It uses it as a secure token to authenticate and boot. TC needs a password still. Been running it for a few days now (on a netbook) and no noticeable slowdowns thus far :D
     
  6. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    991
    Location:
    Hawaii
    Hmmm, sounds like fun. But how would you access the data on your dual-encrypted drive if there was a partial disk or system failure? The recovery procedures are very different for the two encryption methods. I doubt if TC's "mount w/o preboot auth" would be of any use, which is unfortunate, as that's usually the best approach for recovering data. And I don't think BitLocker's usual preboot recovery methods would work if the drive was also TC-encrypted. Maybe you could use the TC rescue disk to decrypt the entire drive (which can take days) and then try the BitLocker procedures after that?
     
  7. x942

    x942 Guest

    That is probably the easiest way to do it. I could also put the hard drive in a USB enclosure and mount it on another Windows 7 machine with TC and then BitLocker. I also managed to encrypt a TC volume with BitLocker as well.
     