TrueCrypt security precautions when used on wear-leveling storage devices

Discussion in 'privacy technology' started by MrBrian, Feb 24, 2011.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined: Feb 24, 2008
    Posts: 6,032
    Location: USA
    From http://www.truecrypt.org/docs/?s=wear-leveling:
     
  2. MrBrian

    MrBrian Registered Member

    Joined: Feb 24, 2008
    Posts: 6,032
    Location: USA
  3. chiraldude

    chiraldude Registered Member

    Joined: Jul 3, 2010
    Posts: 157
    I think the OP has it reversed.

    You should never store UNENCRYPTED data on a flash drive.

    If you store unencrypted data on a flash drive and later try to encrypt it with TrueCrypt, you will not be sure all the data is encrypted. If any data is moved or deleted, the wear leveling system will remap sectors instead of deleting them, so that TrueCrypt cannot access them to encrypt them.

    If you instead create an encrypted container on a new blank flash drive, then you don't care about sector remapping because all the data is encrypted.

    Now, if you carefully read the TrueCrypt docs, you will find that it is theoretically possible to gain some information about the data stored in a TrueCrypt container if you have multiple copies from different times. Wear leveling can lead to multiple copies from different times, but you can't use this to decrypt anything, so it doesn't matter.
     
  4. chronomatic

    chronomatic Registered Member

    Joined: Apr 9, 2009
    Posts: 1,343
    I agree with OP. Until the SSD manufacturers devise a way to ensure the ability to overwrite the drive with random data, I think using crypto containers is probably a bad idea, especially if you have stored unencrypted data on the drive in the past.
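
The sector remapping discussed in this thread, as an added example that is not part of any poster's message: a constructed toy flash translation layer showing which stale physical pages remain after encrypting existing data in place, compared with writing only ciphertext to a blank device. `ToyFTL`, `toy_encrypt` and the sample strings are hypothetical, and the cipher is a simulation stand-in, not TrueCrypt's.

```python
import hashlib

class ToyFTL:
    """Constructed toy flash translation layer: every logical write lands on a
    fresh physical page; the previous page is unmapped but never erased."""
    def __init__(self, physical_pages):
        self.pages = [None] * physical_pages   # raw flash contents
        self.l2p = {}                          # logical block -> physical page
        self.next_free = 0

    def write(self, lba, data):
        if self.next_free >= len(self.pages):
            raise RuntimeError("toy model has no garbage collection")
        self.pages[self.next_free] = data
        self.l2p[lba] = self.next_free         # old page is now stale, still on the chip
        self.next_free += 1

    def read(self, lba):
        return self.pages[self.l2p[lba]]

    def stale_pages(self):
        # Pages the host can no longer address but which still hold data.
        live = set(self.l2p.values())
        return [d for i, d in enumerate(self.pages) if d is not None and i not in live]

def toy_encrypt(key, lba, data):
    # Stand-in XOR keystream for blocks of up to 32 bytes (simulation only).
    stream = hashlib.sha256(key + lba.to_bytes(8, "big")).digest()
    return b"ENC:" + bytes(a ^ b for a, b in zip(data, stream))

def scenario_plaintext_first():
    """Store plaintext, then encrypt each logical block in place."""
    ftl = ToyFTL(16)
    secrets = [b"payroll 2010", b"passport scan"]   # constructed sample data
    for lba, s in enumerate(secrets):
        ftl.write(lba, s)
    for lba in range(len(secrets)):
        ftl.write(lba, toy_encrypt(b"k", lba, ftl.read(lba)))
    return [p for p in ftl.stale_pages() if not p.startswith(b"ENC:")]

def scenario_encrypted_from_start():
    """Blank device: only ciphertext is ever written, across two versions."""
    ftl = ToyFTL(16)
    for version in (b"draft v1", b"draft v2"):
        ftl.write(0, toy_encrypt(b"k", 0, version))
    return ftl.stale_pages()
```

In the first scenario the host sees only ciphertext at every logical block, yet both plaintext pages are still present in raw flash; in the second, the stale page is an older ciphertext version.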
     