Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > A Truecrypt Trick

Reply
Thread Tools

A Truecrypt Trick

 
 
null
Guest
Posts: n/a
 
      09-11-2006
nemo_outis wrote:

> I say, without fear of contradiction, that there is NO method of
> unsuspiciously hiding a multi-gigabyte encrypted file from a
> *thorough* search


A guy I know who is much more hardcore than me sometimes takes his OTFE
file and writes it to a disk that is offline. The file ends up in
perfect form on the disk, but the file system (i.e. the MFT, if using
NTFS) contains absolutely no reference to this file. Since
crypto-strong pseudorandom algorithms are used on each and every one of
his disks, that file blends in perfectly with free space. He stores the
offset and length of the file, and nothing else. Let me know how this
method would be "suspicious" to you.


 
Reply With Quote
 
 
 
 
George Orwell
Guest
Posts: n/a
 
      09-11-2006
null wrote:

> http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
>
> > I agree, it's protection against your kid sister only - security
> > through obscurity, and we all know what that means! (Yuck!)

>
> Here we go... Can you name some type of security that ISN'T making use
> of obscurity? The lock to your car and house require an
> obscurely-patterned key to fit. Every one of your passwords works
> because it is obscure. And on and on... And your anonymous remailer
> adds privacy and security by using obscurity.


None of those things use obscurity in any significant way to provide
security. Even your car key relies on provable mathematical formula and
the probability that a thief can't try all possible keys in any
practical span of time. Passwords and encryption (remailers) rely on
hard mathematics even more so than your auto's locks, and are
consequently even harder to "crack". Assuming passwords of sufficient
strength of course, which is a contradiction to passwords that are
merely obscure.

 
Reply With Quote
 
 
 
 
nemo_outis
Guest
Posts: n/a
 
      09-11-2006
"null" <(E-Mail Removed)> wrote in news:MG5Ng.9253$xV.2946
@twister.nyroc.rr.com:

> nemo_outis wrote:
>
>> Or the even more devious can use a
>> directory rather than a file. (Yes, directories and not just files
>> can have ADSs

>
> Dr. Pedantic says: Directories ARE files.




If that is what he says then Dr. Pedantic is somewhat more sloppy than he
should be.

In the NTFS system all files consist of one or more entries in the MFT and
zero or more extents. A directory, like a data storage compartment (or
other info like metadata) is generally implemented as an extent. In short,
a directory is *a part of* a file (more specifically, an extent).

While not conventionally implemented this way, a single file could consist
of multiple directories, multiple data storage areas, and multiple other
unspecified types of compartment (possibly containing metadata, for
instance) with each implemented as an extent.

Regards,

 
Reply With Quote
 
nemo_outis
Guest
Posts: n/a
 
      09-11-2006
"null" <(E-Mail Removed)> wrote in news:CN5Ng.9255$xV.7519
@twister.nyroc.rr.com:

> nemo_outis wrote:
>
>> I say, without fear of contradiction, that there is NO method of
>> unsuspiciously hiding a multi-gigabyte encrypted file from a
>> *thorough* search

>
> A guy I know who is much more hardcore than me sometimes takes his OTFE
> file and writes it to a disk that is offline. The file ends up in
> perfect form on the disk, but the file system (i.e. the MFT, if using
> NTFS) contains absolutely no reference to this file. Since
> crypto-strong pseudorandom algorithms are used on each and every one of
> his disks, that file blends in perfectly with free space. He stores the
> offset and length of the file, and nothing else. Let me know how this
> method would be "suspicious" to you.



I'm eager to learn how one writes to an offline disk.

Regards,



 
Reply With Quote
 
nemo_outis
Guest
Posts: n/a
 
      09-11-2006
"nemo_outis" <(E-Mail Removed)> wrote in
news:Xns983B5CC2112AEabcxyzcom@127.0.0.1:

> "null" <(E-Mail Removed)> wrote in news:MG5Ng.9253$xV.2946



In fact, if Dr. Pedantic had wanted to be even more precise, he would have
noted that directories are subcomponents of one particular file ($MFT) and
that they are implemented as "index attributes" based on a B+ structure.
Large directories have their entries spill over into one or more instances
of "index buffers" with the index allocation attribute header specifying
the location(s) of those index buffers.

By now, I think Dr. Pedantic may regret his rather rash interjection and
wish he had not taken it upon himself to introduce his pointless correction
in the first place.

Regards,

..
 
Reply With Quote
 
Chris Lawrence
Guest
Posts: n/a
 
      09-11-2006
On Mon, 11 Sep 2006, George Orwell wrote:

> null wrote:
>
> > (E-Mail Removed) wrote:
> >
> > > I agree, it's protection against your kid sister only - security
> > > through obscurity, and we all know what that means! (Yuck!)

> >
> > Here we go... Can you name some type of security that ISN'T making use
> > of obscurity? The lock to your car and house require an
> > obscurely-patterned key to fit. Every one of your passwords works
> > because it is obscure. And on and on... And your anonymous remailer
> > adds privacy and security by using obscurity.

>
> None of those things use obscurity in any significant way to provide
> security. Even your car key relies on provable mathematical formula and
> the probability that a thief can't try all possible keys in any
> practical span of time. Passwords and encryption (remailers) rely on
> hard mathematics even more so than your auto's locks, and are
> consequently even harder to "crack". Assuming passwords of sufficient
> strength of course, which is a contradiction to passwords that are
> merely obscure.


The point is that the keys and passwords protect the car and the files.
Obscurity protects the keys and the passwords. That's what he was
saying. Ultimately your car and files are safe because you hide your
keys and passwords from strangers.

--
Chris
 
Reply With Quote
 
Non scrivetemi
Guest
Posts: n/a
 
      09-11-2006
Chris Lawrence wrote:

> On Mon, 11 Sep 2006, George Orwell wrote:
>
> > null wrote:
> >
> > > (E-Mail Removed) wrote:
> > >
> > > > I agree, it's protection against your kid sister only - security
> > > > through obscurity, and we all know what that means! (Yuck!)
> > >
> > > Here we go... Can you name some type of security that ISN'T making use
> > > of obscurity? The lock to your car and house require an
> > > obscurely-patterned key to fit. Every one of your passwords works
> > > because it is obscure. And on and on... And your anonymous remailer
> > > adds privacy and security by using obscurity.

> >
> > None of those things use obscurity in any significant way to provide
> > security. Even your car key relies on provable mathematical formula and
> > the probability that a thief can't try all possible keys in any
> > practical span of time. Passwords and encryption (remailers) rely on
> > hard mathematics even more so than your auto's locks, and are
> > consequently even harder to "crack". Assuming passwords of sufficient
> > strength of course, which is a contradiction to passwords that are
> > merely obscure.

>
> The point is that the keys and passwords protect the car and the files.
> Obscurity protects the keys and the passwords.


Obviously not. Keys and passwords aren't secure because they're
obscure, they're secure because they're made physically so.

> That's what he was
> saying. Ultimately your car and files are safe because you hide your
> keys and passwords from strangers.


False. There's a huge difference between obscurity and physical
security.




















 
Reply With Quote
 
Chris Lawrence
Guest
Posts: n/a
 
      09-11-2006
On Mon, 11 Sep 2006, Non scrivetemi wrote:

> > > None of those things use obscurity in any significant way to provide
> > > security. Even your car key relies on provable mathematical formula and
> > > the probability that a thief can't try all possible keys in any
> > > practical span of time. Passwords and encryption (remailers) rely on
> > > hard mathematics even more so than your auto's locks, and are
> > > consequently even harder to "crack". Assuming passwords of sufficient
> > > strength of course, which is a contradiction to passwords that are
> > > merely obscure.

> >
> > The point is that the keys and passwords protect the car and the files.
> > Obscurity protects the keys and the passwords.

>
> Obviously not. Keys and passwords aren't secure because they're
> obscure, they're secure because they're made physically so.


I'm not talking about security of keys and passwords, I'm talking about
the security of the protection of keys and passwords. Car keys are
quite intrinsically secure but you still have to hide them from
strangers. Ultimately the security of your vehicle comes down to how
well you hide your keys (given that the ignition can't be defeated due
to its intrinsic security). In otherwords the ignition is safe because
the key system is strong. The key is safe because you don't know how to
get it.

> > That's what he was
> > saying. Ultimately your car and files are safe because you hide your
> > keys and passwords from strangers.

>
> False. There's a huge difference between obscurity and physical
> security.


You need to make the separation between the intrinsic security of the
key and the security in managing the key. If I choose a strong password
for a well protected service that is good, but it's only safe because a)
you can't guess it, by definition and b) you can't access mine. And you
can't access mine because I hide it from you. Ultimately it comes down
to something I know that you don't know. That's security through
obscurity.

Trouble is people chant the "security by obscurity never works" mantra
so blithely, seemingly trying to look good by association with their
equally noisy peers.

--
Chris
 
Reply With Quote
 
nemo_outis
Guest
Posts: n/a
 
      09-11-2006

> Trouble is people chant the "security by obscurity never works" mantra
> so blithely, seemingly trying to look good by association with their
> equally noisy peers.




"Security by obscurity never works" is a bumper-sticker version of Auguste
Kerckhoff's principle that, while catchy, sacrifices precision. Kerckhoff's
principle is presented better in the Wikipedia as: a cryptosystem should be
secure even if everything about the system, except the key, is public
knowledge. Kerckhoff's principle recognizes that every secret is a
potential point of failure, and such points of failure should therefore be
minimized by "concentrating" all secrecy at one point, the key, which can
then be guarded without diffusing one's resources. A case of accepting the
violation of another principle - no single point of failure - but
compensating by guarding the one secret (i.e., the potential point of
failure) well.

Regards,

 
Reply With Quote
 
Chris Lawrence
Guest
Posts: n/a
 
      09-11-2006
On Mon, 11 Sep 2006, nemo_outis wrote:

> > Trouble is people chant the "security by obscurity never works" mantra
> > so blithely, seemingly trying to look good by association with their
> > equally noisy peers.

>
> "Security by obscurity never works" is a bumper-sticker version of Auguste
> Kerckhoff's principle that, while catchy, sacrifices precision. Kerckhoff's
> principle is presented better in the Wikipedia as: a cryptosystem should be
> secure even if everything about the system, except the key, is public
> knowledge.


Yup, I agree. There are two cryptosystems in existence though.
Secret1 is protected by Key1 as part of CryptoSystem1. However Key1 is
also Secret2 and is protected by Key2 as part of CryptoSystem2. In the
case where Key1 is a car key or a password, Key2 is nothing more than
privileged knowledge, and CryptoSystem2 is security by obscurity.

You're reminding me that CryptoSystem1 ought to be strong through Key1
alone. I'm not disagreeing. I'm talking about the fact that Key1 is
Secret2 and how it is kept that way.

> Kerckhoff's principle recognizes that every secret is a potential
> point of failure, and such points of failure should therefore be
> minimized by "concentrating" all secrecy at one point, the key, which
> can then be guarded without diffusing one's resources. A case of
> accepting the violation of another principle - no single point of
> failure - but compensating by guarding the one secret (i.e., the
> potential point of failure) well.


Exactly, "guarding" being the operative word, almost always coming down
to a case of hiding something, for example a sequence of characters in
your head, or keeping a car key separate from the car.

--
Chris
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Truecrypt 4.1 Borked Pseudo Mailed Computer Security 11 11-30-2005 06:29 AM
Re: Truecrypt 4.1 nemo_outis Computer Security 8 11-30-2005 04:58 AM
Re: Truecrypt 4.1 nemo_outis Computer Security 0 11-26-2005 06:01 AM
Re: Truecrypt 4 Released! Ari Silversteinn Computer Security 1 11-02-2005 06:48 PM
Truecrypt 3.0 has been released nemo outis Computer Security 4 12-11-2004 05:58 PM



Advertisments