TrueCrypt, Encryption.

Discussion in 'encryption problems' started by Taliscicero, Jul 22, 2013.

Thread Status:
Not open for further replies.
  1. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I have a 1TB removable HDD. I did a full device encryption on it a year ago. I now wish to change the encryption method and password. Is there any way for me to do this without copying or deleting my files?
     
  2. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    To change password: System menu > change password.
    If you would like to change encryption method I believe you will have to decrypt volume first and then encrypt again with selected by you new method.
     
  3. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439

    How is decryption possible i see no options?
     
  4. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    All is in Help Truecrypt file.

    and

    BTW. Truecrypt website doesn't work today.
     
  5. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,285
    Location:
    England
    Creer the TrueCrypt website works for me at the moment.
     
  6. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Thanks, indeed it is online now, but when I wrote my previous message their website was offline for at least 2h (I did check using downforeveryone... website status checker).
     
  7. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    You CANNOT decrypt non-system volumes at all. The TC code specifically disallows it. You will need to copy off your data and re-encrypt if you want to change the algo of the volume. As mentioned earlier, you can change the password and/or keyfiles at any time.

    If stealth is your big thing you do have the option of writing a "false header" to the volume. I have done this many times but I have years of familiarity with this product. You would save (multiple times) the actual header. Then you can write a volume header for another volume to the external drive leaving it completely unbreakable. No one would know its not genuine except you based upon viewing the external drive alone. If they "cracked" the fake header after countless hours they would see nothing but blank space.

    You would need to decide your comfort with this approach. I feel no risk for myself but others just might mess something up and lose it all!!
     
    Last edited: Jul 22, 2013
  8. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    With a non-system drive your best bet is to move it all and then wipe and do a new full encryption of your external drive.
     
  9. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    That's a big disadvantage in my opinion - if you have eg. 3TB encrypted volume where you have 2.5TB data and you want change encryption or simply just decrypt volume - then you have to find or buy (if you don't have) another drive to copy 2.5TB of data. It's also time consuming and increase I/O:
    1) Mount volume
    2) Copy/move 2.5TB from volume A to volume/drive B
    3) Delete encrypted 3TB volume (or format)
    4) Again copy/move 2.5TB of data but this time from volume B to volume A
    5) Encrypt volume A with new algo.

    It should looks like this (this is how BestCrypt Volume Encryption works for system and non-system volumes/drives):
    1) Decrypt volume A
    2) Encrypt volume A with new algo.
    Done.
     
    Last edited: Jul 23, 2013
  10. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    991
    Location:
    Hawaii
    I would swap steps 4 and 5 to avoid utilizing in-place encryption unnecessarily. First create the encrypted volume, then copy in the data. It's both faster and safer.
    Sounds good! Let's all go and ask TC for our money back :)
     
  11. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Good luck ;)
    Community/TC users should ask authors TC to simplify/reduce steps that users have to follow when they want to change encryption alghoritm on encrypted non system volumes.
     
  12. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    991
    Location:
    Hawaii
    Yes, but they never do a damn thing that we ask. It's like they're the CIA or something.
     
  13. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Ha! :D Good one.

    PD
     
  14. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    All you need to do is :
    1 : Encrypt the disk
    2 : Copy the files back to the volume - FROM YOUR BACKUP

    Because you DO have a backup, right ?
    If not, your data is at risk 100% of the time, encrypted or not !!!
     
  15. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Since OP asked this question:
    where he stated that he don't want to play with copy/paste I do assume worst case scenario that he doesn't have backup.
    In that case he has to wade through all 5 steps mentioned by me above.
     
  16. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I don't have back-up and don't wish to spend money on another 1TB HDD. I have no way of doing what i wish with how TrueCrypt is currently set up. If you can decrypt your main systems FDE, you should be able to do the same for a non system volume. Having no back-ups is no big deal, If you know how to gauge the health of your drives you need never back-up before you know they are starting to have problems. I have never had back-ups and have never needed them.
     
  17. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Nobody has needed a backup..........until they need one. And then - backups are priceless, and if you don't have one, you'll feel really foolish.

    At least backup your TC headers. It's not always the failure of the physical drive as to why you would need a backup.

    Good luck.
     
  18. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    991
    Location:
    Hawaii
    I'm 100% certain that you're wrong about that, but ok, it's your data and I won't argue with you. Some people just have to learn things the hard way. In the meantime, I hope your luck holds.

    PS: Based on your above posts I'd say that TrueCrypt is not for you. The program has no mercy; it's more of a guard dog than a friend. If you screw up it will eat your data in a heartbeat, and that will be that. All TrueCrypt users are strongly urged to back up their data.

    PPS: I'm sorry if my post seems to come on a bit too strong. It's just that I have spent almost my entire time in these forums trying to help those TrueCrypt users who have screwed up (or gotten unlucky) and lost all of their encrypted data. There are so many ways you can screw up a TrueCrypt volume that I can't even begin to list them all, but almost everyone I've tried to help has committed this one big mistake: No current backups.
     
    Last edited: Jul 25, 2013
  19. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I have been using TrueCrypt fine for 4 years. I have had it on USB devices R-HDD's, my main computer and more. I know why you keep backups. I just don't really need them. I never forget my passwords and don't use my HDD's enough for them to fail.
     
  20. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    That's like saying "I don't ride in cars enough to get into a wreck." If you ride in a car, you can get into a wreck. If you use a hard drive, it can fail, and you can lose data.
     
Loading...
Thread Status:
Not open for further replies.