Windows : Encrypted Hidden File Containers / devices

From The Black OP Security Wiki

Jump to: navigation, search
  Main Page >> Tutorial Directory >> TrueCrypt >> Windows : Encrypted Hidden File Containers / devices

Windows: Deniable Encrypted Containers (including shell files and partitions)



1. Launch Truecrypt by double clicking the icon on your desktop

2. This is what the Truecrypt Gui looks like

3. Let's create a new encrypted volume for you to store sensitive files in

4. This tutorial will discuss how to create an encrypted file container. An encrypted file container is pretty much a 'virtual hard drive', which you can mount and store files in. The files stored in the encrypted container are automatically encrypted. Note that when the container is mounted, the files are decrypted and the key is stored in RAM.

5. We are going to make a container with plausible deniability. I see no reasons anyone would ever make a container with out this feature, it requires little extra space and adds a great amount of security. If you live in the UK or places with similar laws, it is vital that you use this feature, because it is a crime to not reveal your encryption key to law enforcement in the first place.

6.Select normal mode, because we are making a hidden container from scratch

7.Select a path for the container to be stored. You can put one in yourself if you like, name it whatever you want, but avoid naming it with an executable extension as this can mess things up. You can name it with a .tc extension if you like, or perhaps a .txt extension or something to make it a bit harder to find for an adversary inspecting your machine.

8.Select next, so we can start making the outer volume.

9. The first thing we need to do is select an encryption algorithm. I suggest you go with Serpent, or perhaps a cascade of Serpent and Twofish. You can find my opinions on various encryption algorithms in my <a href="encryption_principles.html">general encryption overview tutorial</a>. Note that the more encryption algorithms you add to the cascade, the slower encryption and decryption will be.

10. Select a hash. I would go with Whirlpool personally.

11. Click next

12. Select a size to make the outer volume. Notice that the size of the outer volume will contribute to the maximum size of the hidden volume, and also that the entire space allocated to the outer volume will not be available as some will be used for the hidden volume.

13. Make a password for the outer volume. You will not want to make this password to easy, but I like to make mine significantly easier to crack than the hidden sections password. This is so that an adversary will perhaps crack the outer encryption, find nothing, and not think to look for a hidden volume. You don't keep anything really sensitive in the outer encryption, and you are able to give up the password to it if required to.

14. Select a filesystem to use. I usually go with NTFS, but Truecrypt suggests you go with FAT for the outer volume as it allows for your hidden section to be larger. What you use is up to you and wont have an impact on your security.

15. Don't leave the random pool visible, for security reasons.

16. Move your mouse around randomly with in the GUI for a period of time. The longer you move it the better. It gathers entropy for the random number generation. Then click format.

17. Truecrypt suggests I use FAT. I want to use NTFS though. You can use whatever you want.

18. The outer volume is not formatting. This can take a while depending on how big it is.

19. Now we open the outer volume and add pretend sensitive files to it. You are going to want to make the sensitive files look like things you want to keep secret, but that you don't really care if your adversary looks at it. Some suggestions: Tax returns, Taboo porn.

20. I made a text document called top secret and filled it with random stuff that looks secret. You probably should make your files a bit more convincing than this.

21. Ok close the outer container

22. Now we make the hidden volume!

23. Truecrypt will scan your container and see how much room you can give to the hidden section.

24. Select the encryption algorithm and hash you want to use for the hidden volume. I suggest you use the same thing you used for the outer volume.

25. Select how much space you want to allocate to the hidden volume. Note that if you want to add more files to the outer volume in the future, you should leave adequate room to do so.


26. Select a password for the hidden volume. Make this one very good and long. You don't want it to be broken by a password cracker. Also, make it substantially different from the password of the outer volume.

27. Select a filesystem for the hidden section. You should make this one NTFS.

28. Make sure that the random pool is not displayed. Move your mouse around the GUI as randomly as possible for five or ten minutes and then click format.

29. After a few minutes your hidden volume will be ready.

30. Now you want to click exit. If you click next it will start the process of creating another new hidden container file.

31. Selet a virtual drive letter you want to use for your mounted encrypted container. You should in most cases use a persistent letter, meaning if you mount it once as E you should continue to mount that container as E. After you have the letter you want to use highlighted, click on select file.

32. I select the truecrypt container file I previously created

33. Now click the mount button to mount your container

34. Let's mount the hidden container. Type in your password for the hidden container. You are not going to want to display the password however.

35. Your virtual encrypted hard drive is now mounted. If you double click on it, the contents will pop up.

36. Let's put some actual sensitive files in the hidden section.

37. When you are done using your encrypted container file, you should unmount it. When it is mounted, the key is in the RAM.

38. Let's say you are ordered by law enforcement to give up a password. In this case, we select the file to mount as usual


39. Select mount as normal

40. Type in (or tell LE) the password to your outer volume.

41. Your outer volume with pretend-sensitive information is now mounted. Nothing that can be used against you.

Retrieved from "http://blackopsecurity.net/wiki/index.php/Windows_:_Encrypted_Hidden_File_Containers_/_devices"
Personal tools