Until Monica Lewinsky produced that famous stained dress, Bill Clinton, at least from a legal perspective, could plausibly deny having 'sex with that woman'. So what has PLAUSIBLE DENIABILITY got to do with Technology advice? Well, the legal concept of PLAUSIBLE DENIABILITY can also apply to some disk encryption schemes; for example, the Windows open-source encryption programs (TrueCrypt and FreeOTFE) provide DENIABLE ENCRYPTION by the use of a second password; the commercially-available Microsoft BitLocker (available in some versions of Windows) does not. Should your encrypted drive fall into the hands of a thief who demands your password, the idea is that you give that thief only one password; more sensitive data remaining encrypted by the second password, which you can plausibly deny the existence of. That is the theory of course, until the thief forces you to reveal the second password by torture/coercion (otherwise known as rubber-hose cryptanalysis) But UK authorities now have the same powers as the thief! The REGULATION OF INVESTIGATORY POWERS ACT (RIPA) allows authorities to demand that a defendant hand over passwords, encryption keys, algorithms etc. If you have a deniable encryption system on your PC, a Court may well decide that you use that feature and know its password. If you don't hand over the password, you could go to prison for two years. In effect, RIPA put the onus on the defendant to prove he has no password, rather than on a Court to prove he does. So, if you do use a disk encryption system but do not wish to use any deniable encryption, it may be best to steer clear of encryption software that includes such a feature. For disk drives that include on-board hardware-based encryption/authentication, the drive can be made invisible to the host system until the user has been authenticated, meaning that the encrypted data can never been seen; this opens up the possibility of the JAMES BOND CODE! The JAMES BOND CODE would be a password/PIN set by the user that would generate a new encryption key and delete the encrypted data. The JAMES BOND CODE would then become the new user password/PIN for the device, so it would look as if the correct password/PIN had been provided to the thief/investigating authorities. Any thoughts from the experts on this?
ASIC's can be reverse engineered, it's not easy but it can be done (ASIC Application Specific Integrated Circuit). Hardware encryption relies on an ASIC the same way that protection of application software by use of a security dongle, it could, at great expense, be cracked. There is no magic about hardware encryption it's still just a computer program that has been implemented physically in a circuit. The only real benefit is in performance compared to a software solution. The proposed 'James Bond code' would be a branch in the program code that took a different action to entering the correct access key. The action it wold have to take to delete the encrypted data would be to write to many many areas of the disk, if the disk were large this would take time and the person performing the examination of the disk would see the activity. You could probably trash the encrypted data by writing random blocks of data at regular intervals all over the disk but to truly erase the disk you would still have to write to every sector and on something like a 750GB drive that is going to take hours and it would be obvious that the disk was up to something.
When I wrote this, I was actually thinking more about encrypted USB sticks (on another thread you will see that I just bought one) USB sticks are much smaller capacity than hard drives and I assume can be written to very quickly within the drive itself and without any signs this is happening. It is probably not necessary to delete the encrypted data when the James Bond Code is used - simply deleting the encryption key should be sufficient, and this could be done on hard disk drives without drawing any attention to the user; this is certainly true of the new Toshiba encrypted drives. Some drive manufacturers also embed their drives in a tamper-proof casing, with the idea that the drive circuitry cannot be accessed without destroying the drive itself, supposedly making reverse-engineering impossible) Ironkey USB flash drives are supposedly tamper-proof but I have seen a video on Youtube of an Ironkey flash drive working with the supposedly tamper-proof case removed; this is in spite of Ironkey drives meeting FIPS 14-2 level 3 certification. I believe that even the TPM chip has been reverse engineered, albeit at great expense and with a great deal of technical knowledge and skill plus possession of an electron microscope.
You could wipe a flash drive a bit quicker that is true, regards the key what is actually stored on the flash drive is not the actual encryption key but the hashvalue of the encryption key, this is obtained by a one way mathematical function if your password calculates to the same hashvalue then you have the correct key. I've not looked into drive encryption technology in all that much detail but I did write an asymmetric protected implementation of the twofish symmetric algorithm about 12 years ago and that worked pretty well for me, I was effectively writing my own SSL wrapper where the symmetric keys were exchanged fully encrypted and then twofish encrypted the actual data on the channel, I had a product in 1999 that was a bit ahead of it's time in that it was an xml web service platform before web services really existed or became adopted or standardised, I failed to market it successfully though I did share in a Scottish award for a web development at one of my customers where we built an early eCommerce site around this the good old days I would expect that hardware encoded USB drives and hard drives are using symmetric keys, so ultimately your security relies on the quality of the hashing algorithm, the complexity of your password and the strength of the encryption algorithm. Twofish is still pretty secure. This article http://en.wikipedia.org/wiki/Hardware-based_full_disk_encryption explicitly implies (under the 'Advantages' heading) that you are correct in saying that you could wipe the disk by wiping the key. But you still have the same problem as you have with Truecrypt i.e. the existance of the possibility of a 'wipe key' allows the Spanish Inquisition (our government ) to simply accuse you of using it with no burden of proof falling on them to actually show you used it, so you still go to jail even when you are innocent. A null filled disk might be brand new or it might have been wiped but you could analyse off the tracks to get the echoes of prior data in which case you could tell it had been wiped, although you would also get some level of background noise in such an analysis as well, you could still say it had been wiped though with reasonable certainty after forensic examination. A disk which has had encryption applied will, on the other hand, be full of what looks like junk, this applies to both solid state drives and spinning mechanical platters. A Truecrypt hidden volume's existence cannot be proven as you can freely admit that you are using encryption and you can freely offer the password, the dead giveaway would be that the data on it is likely to be old and out of date unless you are meticulous about keeping up the pretence, so then they can have a reason to ask you for the hidden volume's key as it is likely that it exists, this would apply to any drive older than a month or two if the data you stored on it on the decoy partition was out of date. The single biggest advantage of Truecrypt is that you can pretend the disk is brand new and unpartitioned as it will look that way to all but a very close forensic examination. The drawback of a USB stick with an encryption keypad is that it is obvious that you are hiding something you would not have it otherwise, but you might well own a blank disk. Anyway as I mentioned there is hardly any point except to protect things like bank passwords and personal legal documents and the like. If the Spanish Inquisition approach to law prevails then you can end up going to jail just for owning or being in possession of a hard drive that is not zero filled I have used Truecrypt in the past to protect my application source code, my intellectual property, but I rarely bother these days, it's not worth the performance hit and the danger of tiny amounts of disk damage preventing recovery of your property.
I certainly cannot match your knowledge OSS and neither can I express myself as clearly as you can, but I will give it a try... I had previously considered another USB flash drive (Lok-It) but the encryption keys are NOT hashed because they are not be generated from a user-defined password - the Lok-It flash drive has six encryption keys burned into hardware during manufacture! The user-defined password merely gives access to one of those keys, rather than generate them. Even if not hashed, I guess the keys could still be encrypted in hardware, but the manufacturer makes no claims that they are. Your skills in this respect clearly exceed my own by several degrees of magnitude! My abilities extend only to BBC Basic and in-line 6502 assembler and I have done no programming for around 17 years now. Yes, I believe symmetric keys are used, presumably because the only movement of keys occurs within the drive itself. I assume there is also a third algorithm that is used to generate the encryption key from the entered password, before it is then hashed? Toshiba claim that their encrypted drives save an enormous amount of de-commissioning time, since it is only necessary to delete the encryption key, rather than re-formatting/writing multiple times to clean the disk. I think they even go as far to suggest that deleting the encryption key on an encrypted drive is actually more secure that wiping the data from an unencrypted drive! I think it may be more likely to be considered as Perverting the Course of Justice, where the burden of proof would lay with the Courts prove a defendant's guilt, rather than requiring a defendant to prove their innocence. Unless there is some indication of the time of when the drive was 'wiped' – i.e. before or after the drive is in the possession of investigating authorities, I am not sure any meaningful deductions can be made. It has been shown that Truecrypt's implementation of deniable encryption is flawed, and the existence of Truecrypt's hidden volume can be proven... http://www.schneier.com/paper-truecrypt-dfs.pdf Yes, on a casual inspection that may be true but if some investigating authority has a Court Order allowing seizure of your disk drive, they clearly have a reason to investigate what is on that disk. I don't think it would take them long to conclude it is a Truecrypt encrypted drive. When I think of what may be on a hard drive there is lots I would not want to fall into prying eyes. Trying to keep track on what is on my hard drive and what I have deleted is a never-ending task; for instance, I recently learned that Microsoft Outlook saves deleted emails in the registry! I am sure the Human Rights Act may come into play at some time! The biggest danger is losing the encryption key itself and that is far less likely to happen with hardware-encryption.. Also, with hardware encryption, the encryption is taken away from the CPU, so there should be no performance hit. Good point about tiny amounts of damaged disk though.
I honestly don't know, they might actually use the entered password as the key? I've never used one of those secure USB sticks with the keypad. Yes but with one time access to your device they can't prove you perverted the course of justice, they can only prove that you possessed the means to pervert the course of justice, they can't prove you used the alternate wipe key. Same for Truecrypt, with one time access to the device they can't prove that a hidden volume exists (see below) The normal way to erase a drive thoroughly is to overwrite multiple times with different patterns of data, the leakage is on either side of the track as the mechanics are not perfect on mechanical drives. It's true that with a fully encrypted drive you would only see junk on either side but you might be able to age it based on the strength of the magnetic signal, just speculation on my part. I had actually read this paper a long time ago, it refers to an older version of Truecrypt and relies on the investigating authority having access to a computer that the drive had been mounted on at some point. This risk is clearly highlighted by the Truecrypt dev team if I remember correctly, basically it is relying on data leakage into the registry and other files i.e. the MRU list and various files such as Google's disk index, or the Microsoft Indexing service indexes. The same issue pretty certainly apply to USB sticks, hardware or software encrypted, it's not unique to Truecrypt as basically in order to use the data it has to be mounted and decrypted at some point. This leakage will almost certainly still apply to the current latest versions of Truecrypt as well. If the main worry is transporting data across borders then you simply have to make sure the drive has never been used on any computer you are carrying with you at the same time, as the authority in question only has one time access to your disk. If you were a spy and there was a chance that your disk had been imaged by them then you would simply not use the same disk again, you would move data from said disk to a new freshly encrypted one (different password) before you left the country again. Again they need access to a computer on which the drive had been used otherwise they really can't tell for a Truecrypt volume. As I write software for a living I invest vast amounts of time into inventing things and I would like to get some recompense for my work, so I jealously guard my source code, 'Oss' does not, in my case, stand for 'Open Source Software' (Nor does it have anything to do with the Spy Kids movies or the predecessor to the CIA ) I'm keeping it a secret I am pretty certain by the way Howerd that Outlook does not store deleted emails in the registry, the registry should never be used as a data store, it's a configuration store. Deleted emails are stored internally in an OST file or in a PST file depends if you are using Exchange Server or not, these are stored under %UserProfile%\AppData\Local\Microsoft\Outlook For example I use Exchange Server and my ost file is over 2GB in size these days, deleted mail that has been removed via Shift + Del does not go in the deleted items folder and will be recoverable for a limited amount of time until the free space is reused by Outlook. There are registry settings that determine how Outlook deals with deleted mail I believe but it's not something I have looked into in much detail. Ultimately no security mechanism is going to be perfect but the trick is to make it as hard as possible for those trying to break your security, the bigger that disks get the harder it is to erase stuff, but it is also harder and harder to analyse as well, as the sheer number of files involved makes it a computationally hard problem to crack. Another interesting way of hiding data is Steganography, usually the hiding of messages in images or other data, although ways now exist to detect fairly quickly if an image has been tampered with in this fashion I think. My online security provider is the only one I really trust, because nothing is ever mounted on the PC, it can't be decrypted by the site owners and the memory image in the page file can be erased by a shutdown or by the simple passage of time and continued use of the computer.
When I told my neighbour (who knows nothing about computers) what lengths I had gone to, to protect my data (especially my passwords) he immediately starting talking about what affect my obsession with computer security would have on me if I suffered from dementia! So in fear of my future mental health... I think the point I was making about Outlook data being stored in the registry was just an example of how sensitive data on your PC may be hidden in all sorts of places and be found if no disk encryption was in place. You are right about the page file being a potential security risk, and there is another way to protect that file - ENCRYPT IT... http://www.ghacks.net/2011/04/04/encrypt-your-windows-pagefile-to-improve-security/ I think this works on most versions of Windows, which automatically handles the session-only encryption keys.
