
Showing posts with label encryption. Show all posts

Wednesday, February 8, 2012

Disk Encryption Software TrueCrypt 7.1a Released

I have been using the open source encryption software TrueCrypt for a long time to keep my data secure on connected hard drives. The program has evolved over the years, and can now create encrypted file containers, encrypt full partitions and even the whole computer system.

TrueCrypt is so solid that its developers need to update it only once or twice a year. The last update dates back to September 2011, when support for Mac OS X 10.7 Lion was added to the application, and the update before that was released almost a year earlier.

Yesterday the first 2012 update was released. The change log over at the TrueCrypt website lists minor improvements and bug fixes as the only changes in TrueCrypt 7.1a. It does not go into further detail, other than stating that these have been applied to all supported operating systems.

TrueCrypt users can download the latest version of the application from the official project website. You need to close all TrueCrypt instances running on the system before the update can be installed.


Should you install the update if you are running a version of TrueCrypt that is not causing problems or issues on your system? I’d say you may still want to update to TrueCrypt 7.1a, considering that the update may have resolved rare bugs that you might experience in the future if you do not apply the update.

If you are a new TrueCrypt user you may be interested in our collection of TrueCrypt tutorials that we have published over the years. Here is a short selection of guides to get you started:

Are you a TrueCrypt user, or do you prefer a different encryption software? (via Caschy)



Tuesday, January 24, 2012

How to Create a Hidden Encrypted Volume With True Crypt

A judge recently ordered a US citizen to decrypt storage space on a computer so that police forces could analyze protected files on the system. In this particular case, the defendant was ordered to decrypt the hard drive of her Toshiba notebook no later than February 21, or face the consequences “including contempt of court”.

The ruling may still get overturned, but at this point in time it is not clear how this will turn out.

Encryption makes sure that only authorized users can access data, provided that there is no loophole or backdoor built into the software itself. People traveling to the US may have their mobile computers analyzed by federal agents even without probable cause.

Users have a number of options at their disposal to protect their data from prying eyes. Encryption for instance requires a pass phrase or key to be entered to decrypt the contents of the storage device. If you forget the password, you cannot open the encrypted contents anymore.

There is, however, a better option for users who want to make sure that their private files stay personal. True Crypt supports so-called hidden volumes. These volumes are encrypted volumes inside an encrypted volume. True Crypt calls the concept plausible deniability. You put your important files into the hidden volume, and other files that you do not mind sharing with others into the regular encrypted container. When someone asks you to decrypt your data, you enter the password to decrypt the first volume that you do not mind sharing with anyone.

It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume.


The principle is that a TrueCrypt volume is created within another TrueCrypt volume (within the free space on the volume). Even when the outer volume is mounted, it should be impossible to prove whether there is a hidden volume within it or not*, because free space on any TrueCrypt volume is always filled with random data when the volume is created** and no part of the (dismounted) hidden volume can be distinguished from random data. Note that TrueCrypt does not modify the file system (information about free space, etc.) within the outer volume in any way.

Hidden volumes can be created quite easily in True Crypt. New True Crypt users should read through the tutorial posted on the site first to understand the basics of creating encrypted volumes on the computer.

You have the option to create both volumes in one go, though, by following the process outlined below. Click on Tools > Volume Creation Wizard. You now have two options for how to proceed:

  • Create an encrypted file container: This option can be used to create an encrypted file on one of the computer’s hard drives and add a hidden file container to it, or add a hidden file container to an existing encrypted file.
  • Encrypt non-system partition/drive: This is basically the same option as above, only that it works with partitions and hard drives, and not with files. Please note that all contents of the selected hard drive/partition will get deleted in the process.

I suggest you start with an encrypted file container to see how the process works.


Select Hidden TrueCrypt volume on the next page.


Now you have the option to select normal or direct mode. Normal mode creates both the outer and the hidden volume in the process, while direct mode creates a hidden volume inside an existing True Crypt file container.


Let's pick normal mode to demonstrate how both the standard encrypted container and the hidden container within are created.

You now need to select a file name for the outer container. Pick any directory and file name that you want. You can use the file name to your advantage, for instance by making it a .tmp file or a .avi.


You are then asked to select the encryption algorithm and hash algorithm for the outer volume. Pick one each or keep the default settings.


You are then asked to select a size for the file container. Keep in mind that the hidden volume is added to this container file as well. Select a password on the next screen. This password is used to decrypt the files stored in the outer volume. The volume will be formatted afterwards. Move your mouse around to create random values. Click on Format afterwards to create the file. Depending on the size, you may need to switch the file system from FAT to NTFS.

Now that you have created the outer volume, you move on to the next step, the creation of the hidden volume.


The process is nearly identical. You first select the encryption and hash algorithms, then the file size. True Crypt will display the maximum possible hidden volume file size on that screen. Don’t select the maximum if you plan on adding files to the outer volume as well.


The remaining steps are identical. You now have one outer volume, one hidden volume and two pass phrases to decrypt the volumes on your computer.

Mounting the hidden volume

To mount either the outer or hidden volume, do the following:

  • Select a free drive letter in the True Crypt interface.
  • Click on Select File and browse to the encrypted file that you want to mount.
  • Click on Mount afterwards.
  • Enter the pass phrase for the outer volume to mount it, or the password for the hidden volume to mount it instead.

If you mount the outer volume, you may want to click on Mount Options and check the “protect hidden volume against damage caused by writing to outer volume” box to protect the hidden container from being partially or fully overwritten. You need to supply the hidden volume password for this option, though.


The very same principle applies to the creation of a hidden volume inside an encrypted partition or hard drive.
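
The tutorial suggests giving the container a .tmp or .avi name, and notes that the volume is filled with random data. As an added example (not from the original post or the TrueCrypt project), this Python check shows what a file scanner still sees after such a rename: no matching file header, a statistically uniform byte distribution, and a sector-aligned size. The function names, file names, threshold and sample data are constructed for illustration.

```python
import hashlib

SECTOR = 512
# Leading bytes of a few common formats (offset 0); an .avi is a RIFF file.
MAGIC = {".avi": b"RIFF", ".pdf": b"%PDF", ".zip": b"PK\x03\x04", ".png": b"\x89PNG"}

def chi_square(data: bytes) -> float:
    """Chi-square statistic of the byte histogram against a uniform distribution."""
    expected = len(data) / 256
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return sum((c - expected) ** 2 / expected for c in counts)

def container_indicators(name: str, data: bytes) -> list:
    """Return the reasons a file resembles an encrypted container (empty = none)."""
    reasons = []
    ext = name[name.rfind("."):].lower() if "." in name else ""
    magic = MAGIC.get(ext)
    if magic and not data.startswith(magic):
        reasons.append("header does not match extension " + ext)
    # 255 degrees of freedom: mean 255, std dev ~22.6; 400 is a loose upper bound
    # (an assumed threshold for this example, not a calibrated one).
    if len(data) >= 4096 and chi_square(data) < 400:
        reasons.append("byte distribution is statistically uniform")
        if len(data) % SECTOR == 0:
            reasons.append("size is a multiple of 512 bytes")
    return reasons

def constructed_random(n: int) -> bytes:
    """Deterministic stand-in for a container's contents (SHA-256 in counter mode)."""
    out = b"".join(hashlib.sha256(i.to_bytes(8, "big")).digest() for i in range(n // 32 + 1))
    return out[:n]

# Constructed samples: a 64 KiB "container" renamed to .avi, and a fake AVI
# whose body is repetitive data behind a RIFF header.
container = constructed_random(64 * 1024)
real_avi = b"RIFF\x00\x00\x01\x00AVI LIST" + b"\x00\x01\x02\x03" * 16380

if __name__ == "__main__":
    for name, blob in (("holiday.avi", container), ("clip.avi", real_avi)):
        print(name, container_indicators(name, blob) or "no indicators")
```

These indicators only suggest that a file is an encrypted container; they say nothing about whether a hidden volume exists inside it, which is the property the deniability claim rests on.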

What’s your take on this new ruling?



Monday, November 28, 2011

Researchers Successfully Hack HDCP High-Def Copy Protection

Ever since the Blu-Ray video format was first announced, it has been claimed that the copy-protection on the system was uncrackable.  This is because it uses technology in your HDMI port to determine the authenticity of the video source.  Without this technology built into the port’s circuitry Blu-Ray video simply won’t work, which caused problems with some early HDMI-equipped computer monitors.

Even when the HDCP (High bandwidth Digital Content Protection) master key, which is a core element of the encryption, was leaked last year, the standard was still not cracked, because using the key to build a decryption chip is very difficult and costly.

Any technology saying something is uncrackable, however, is just an invitation for most people to try, and now professor Tim Güneysu and Benno Lomb, a PhD student from the Ruhr University in Germany, have used a “man in the middle” approach to crack the encryption for just $350.

Instead of designing and creating an HDCP-capable chip, the two men built a standalone hardware solution that is based on an inexpensive FPGA (Field Programmable Gate Array) board that contains an HDMI port and an RS232 Serial port.  These boards are programmable and designed to be configured by the user.

The purpose of the research was not to crack the HDCP encryption, they said.

“Our intention was rather to investigate the fundamental security of HDCP systems and to measure the actual financial outlay for a complete knockout. The fact that we were able to achieve this in the context of a PhD thesis and using materials costing just €200 is not a ringing endorsement of the security of the current HDCP system”

The board modifies all the communications between the Blu-Ray player and a flat screen TV without the interruption being detected.  This is something that some set-top-boxes are already able to do and some boxes that can remove HDCP data from HD video have been available since shortly after the HDMI standard was introduced.  These boxes allow otherwise encrypted high-definition content that is broadcast to be compressed and recorded to disc or a hard drive.

At the moment pirates are using these boxes to copy high-definition content, admittedly in a compressed form.  But there is currently no way for them to intercept the uncompressed raw data from a Blu-Ray disc.

This solution then isn’t much use for pirates at the moment, as what would really be required is a software solution, much in the way DVD John did in 1999 when he and two friends released the DeCSS software that decrypted DVDs.  This hardware solution doesn’t offer anything that’s really useful for pirates, especially as the researchers aren’t saying how they did it.

It does prove though that with some know how and determination anything is crackable, and with a software emulated version of the hardware board a possibility in the future, encrypted Blu-Ray discs could still come under attack from pirates, not to mention the threat this poses to encrypted high-definition digital video downloads in the future.

Where this is of interest is the ease with which the researchers were able to do this and the affordability of the overall parts involved.  To claim something is uncrackable unless significant volumes of money are spent designing a new silicon chip overlooks the fact that much existing technology can emulate this process, providing anybody with full and unfettered access to unencrypted video.


© Mike Halsey (MVP) for gHacks Technology News | Latest Tech News, Software And Tutorials, 2011. | Permalink |



Sunday, October 23, 2011

Are Biometrics the most Important Portable Feature?

As we carry more devices around with us (smartphones, tablets, netbooks, ultraportables) than ever before, I’m now wondering if biometrics are fast becoming the must-have addition for mobile computing in the 21st century.  I have a variety of mobile devices myself and have tested a great many more in the last year.  Of these, only two have included what I would call proper biometrics, in that they have had a TPM (Trusted Platform Module) chip on the motherboard.  These being my own laptop, I was never going to get a laptop without one, and a Samsung Series 9 Ultraportable laptop that I was sent recently for a Microsoft event.

Of the rest, I’m currently testing an Acer laptop that has a fingerprint scanner but no TPM chip, and a friend has recently bought a low-cost Lenovo laptop that includes the same and has the same omission.  Neither of my tablets has any kind of TPM and neither does my smartphone or any other smartphone or tablet that I’ve tested.

A TPM chip is one that stores encryption keys that allow you to securely encrypt the contents of the full hard disk or SSD in the machine.  The TPM chip works in conjunction with operating system solutions, the best known being Bitlocker in Windows Vista and Windows 7, to unlock those drives with a passcode, use of a physical hardware key, contactless smartcard or automatically on log-in.  They can prevent that data from ever being read if the operating system is reinstalled or if the hard disk is physically removed, as the encryption key is tied to the TPM chip, which is physically undetachable from its host motherboard.

On my own laptop I use Bitlocker to encrypt all my files and data and, while it’s far from perfect still, it gives me the peace of mind I need that coupled with a very strong 10+ digit Windows password, nobody but me can ever gain access to my files.

The downside of facilities such as Bitlocker is they’re only currently supported in the Enterprise and Ultimate editions of Windows, a problem I sincerely hope Microsoft will rectify with Windows 8, as I’ve only once been sent a laptop with Windows 7 Ultimate on it, and that was the aforementioned Acer that didn’t have a TPM chip anyway.

Of the laptops that include fingerprint readers, I can assure you these things are pretty useless and people soon stop using them.  Also, what’s the point of just having secure access to Windows when it’s still simple to pop the hard disk out and plug it into another machine?

The situation with tablets is different, most of the time anyway, with bespoke flash storage modules that can’t be plugged into another computer and where the password can only be bypassed by flashing the machine.  With Windows 8 tablets coming next year this advantage may quickly disappear though in favour of more traditional mini-SSDs with larger capacities on board.

My argument is that, certainly on laptops, ultraportables and netbooks, but also and perhaps to a slightly lesser extent, tablets, smartphones and even desktops, TPM chips should now be everywhere and encryption should be simple and intuitive if not completely automatic and seamless (as it is on some new high-end hard disks).  The amount of data we all have and carry around with us now is incredibly valuable, not just to us but also to others.  With the prices of TPM chips at an all-time low, I really can’t see why we’re not seeing ubiquity here in the way they are implemented.

The software solutions will also need to drastically improve to make them much easier to understand and use.  We can’t still be in a position a year from now though where TPM chips are still only found on high-end business laptops costing more than $1,000.


© Mike Halsey (MVP) for gHacks Technology News | Latest Tech News, Software And Tutorials, 2011. | Permalink |