undefined | Better HN

0 pointsrattray9y ago0 comments

Can you (or others) elaborate here?

0 comments

Truecrypt is a (now discontinued) encryption program that allowed you to nest encrypted containers within one another in a way that if you provided Password1, it would open Container1, and if you provided Password2, it would open Container2.

Since the Container's full size was allocated at creation, and the size of the contents cannot be determined without the key, this gave plausible deniability. You could keep your real sensitive information in an encrypted volume, and put something that could plausibly be sensitive but that you didn't really care about someone getting in a nested volume, and when forced by the law/rubber hose to decrypt, provide the password to the volume you don't care about, and there's no way for anyone to prove that you didn't fully decrypt the contents.

usefulcat9y ago

Side note: TrueCrypt lives on as VeraCrypt.

SilasX9y ago

But isn't it a non-trivial problem to generate plausible fake data?

ensignavenger9y ago

You would use a 'fake' container for safe work that you don't mind revealing, while only entering your 'secret' container only when, and alway when, doing work you want to keep secret. This way. there isn't really any 'fake' data, just different data.

kilotaras9y ago

Truecrypt didn't generate fake date, you (the user) did. E.g. put porn on "show to thugs" partition and "Death star plans" on "true" encrypted partition.

1 more reply

smellf9y ago

    echo "Truecrypt test" > /mnt/plausible_deniability_volume/README && history -d $(history | tail -n1 | cut -d' ' -f1)

77pt779y ago

I've never used it so all I could say you can find in the documentation.

j / k navigate · click thread line to collapse