Objective ad Verbatim:
“As an alternative to EFS, third party applications can also be downloaded to protect files with cryptography. In this project, you will download and install TrueCrypt.” (Ciampa, 2009)
Process:
1. The first step was to download TrueCrypt at truecrypt.org and install it.
2. Next, I opened up TrueCrypt and created a new volume.
3. I chose to create a simple encrypted file container. This option creates a file containing the encrypted drive information on your hard drive or removable material.
4. Then, I selected the ‘Standard TrueCrypt Volume’.
5. On the next page, I was directed to pick which encryption and hash algorithm I wanted. I stuck to the default settings.
6. Next, I set the volume size to 1 MB.
7. Then, I set up my password to access the encrypted volume.
8. On the Volume Format page, things got interesting. I was directed to wiggle my mouse about inside the window in a random fashion to generate the random pool to increase the cryptographic strength of the encryption keys. After, waving my mouse about for what seemed to be a sufficient time, I clicked Format.
9. It then informed me that the volume was created successfully.
10. Now, to access the Encrypted Volume I just created, I had to click Exit and return to the main page. Clicking on a random drive letter, I pressed Mount and entered in my volume password.
11. Following the instructions in the book, I created a Word document containing a considerable amount of text. I titled it Truecrypt Encrypted.docx.
12. Opening up My Computer, I checked that the encrypted drive was mounted and saved a duplicate of my TrueCrypt Encrypted.docx in the drive. First, I opened the file outside of the encrypted drive to get a vague estimate on how long an unencrypted file takes to open. Then, I opened the encrypted file. Oddly enough and contrary to intuition, there was not much difference between the two file reads.
Reflection:
I’ll cover the finer points and issues with privacy and encryption in another post to keep this post oriented towards what I perceive this exercise to represent.
From this hands-on project, TrueCrypt is demonstrated to be extremely easy to use with a rather high level of security in terms of cryptographic protection. More particularly, this allows casual computer users to have the same standard of protection available to large organisations such as banks in a user-friendly package. The method of using a file as a container for the drive means that steganography can be employed to hide the drive in a field of innocent files. Also, it creates an easy to transport style, i.e. simply by copying or cutting the file into an external device.
Now if we explore the other features of TrueCrypt, we discover we can create a hidden container within a container. This drive within a drive system works like so: When a user inputs the password for the outer drive, TrueCrypt mounts the decoy (outer) drive. However, when the password for the hidden (inner) drive is used, TrueCrypt reveals the secret drive. This hidden drive is practically invisible when examined via forensics or when the password for the outer drive is supplied. This is particularly useful when a password is extracted from a user via rubber hose cryptanalysis or the user is required by the law to supply one. The attacker will access the decoy drive and will merely view what the user wants the attacker to see. This protection is called ‘Plausible Deniability’.
Sine Cera,
Jeremy Heng.
"Quis custodiet ipsos custodes?"
Hands-On Project 11.3 Sources
No comments:
Post a Comment