Search TQA Weekly
Log into your TQA Weekly

Advanced Encryption - Plausible Deniability with TrueCrypt

A step by step guide to protecting yourself using encryption.

Guide to using TrueCrypt to making hidden partitions, to protect against data loss resulting in personal and commerical theft and extortion.

Episode #1-05 released on October 17, 2010

This is your host, Steve Smith, Founder of Zed Axis Productions, and Digital Technologies Consultant.

Thank you for listening to our fifth episode of Technology Questions Answered, and today's topic, Advanced Encryption using TrueCrypt. This is going to be important for those who want to cross borders, or protect from theft sensitive personal and commercial information, or prevent people from having access to information that could be used to extort money and services from you, through the use of hidden partitions, and the practical use of plausible deniability.

So lets talk installation methods for TrueCrypt. There are two methods you can install TrueCrypt to your system. You can use the installer or you can run it directly using a usb drive. For the instructions of this exercise, I run it directly from Windows, and I am using Windows Vista Ultimate. My partition editor is Easeus Partition Master 5.8.1 Home Edition. It is free, and very easy to use.

I will be explaining to you how to make a hidden partition from creation of the new partition and through the use of TrueCrypt. This will be achievable in 26 steps, which I made snap shots of, and are available in the show notes. Each step corresponds to a thumbnail number in the show notes.

Let's Start, open Easeus Partition Master, if you installed it, or you can skip ahead to step 7 if you already have made a partition or know how. You can also go to the show notes on our web-site to follow along. Now starting with step 1:

Step 1 - select your master partition to resize
Step 2 - select resize
Step 3 - adjust the partition to liberate some free space for a hidden partition
Step 4 - the program will lock the partition, do not be alarmed
Step 5 - select the unallocated space and create a partition
Step 6 - select apply, and remember, the system may require a restart, let the computer restart to create the partition, if it asks to.
Step 7 - After the partition is created, open TrueCrypt, select create volume
Step 8 - select “encrypt a non-system partition/drive”, click next
Step 9 - select “hidden TrueCrypt volume”, click next
Step 10 - select normal mode, click next
Step 11 - select device
Step 12 - select the new partition you created, then click ok,
Step 13 - select next
Step 14 - Now your in the outer volume, this is the partition where you will create the plausible deniability, select next
Step 15 - Outer Volume Encryption options, select encryption algorithm, and select hash algorithm, you can leave the defaults there until you've read up on what they mean, then select next
Step 16 - Outer Volume Size, only adjustable if within a file, and in a partition it is fixed in size, select next
Step 17 - create outer volume password, make it long and complicated from others to guess, it can be a phrase or sentence. You can trick dictionary attacks by typing the number or letter to the right, left, top or bottom of the intended key, or using a combination of any of the four directions. Do not share the method to decode your password with anyone, select next, when you have created your password.
Step 18 - select whether you want to store files larger than 4GB, then select next
Step 19 - Outer Volume Format, select the file system type. Note: NTFS is required for all files larger than 4gb, click format
Step 20 - Outer Volume Contents, select open outer volume, copy some files in the drive to create the illusion that these are the files you want to protect, this will create plausible deniability, close the drive window, then select next in TrueCrypt.
Step 21 - Hidden Volume Encryption options, again, select an encryption and hash algorithm, then click next, you may leave the defaults
Step 22 - select the size you need for the “hidden volume size”, then click next
Step 23 - Hidden Volume Password, create a different password for this hidden volume, using a long complicated password, like I explained for the outer volume, then click next
Step 24 - Hidden Volume Format, select file system, again, NTFS is required for files larger than 4GB, then select format
Step 25 - Read the Warning, and read the instructions on their site, my show notes, or listen carefully for what I say a little later for writing to the outer volume, and protecting the hidden volume, click OK
Step 26 - The Hidden Volume is now created, click Exit, your finished creating the hidden volume.

Now that you've followed the instructions to creating your own hidden partition, you now need to be to access the volumes. This is easy, using the auto- mount device feature in TrueCrypt. Select any drive letter, then click Auto-mount Device. Click Mount Options, select “Protect Hidden Volume Against damage caused by writing to outer volume”, enter hidden volume password, click OK. Then enter the outer volume password, and the outer volume with be loaded as a drive in Windows, Linux or Mac. To enter the hidden drive after, select a different drive letter, then auto-mount device, enter the hidden volume password, and it, too, will load as a drive. You should always open the outer volume with the hidden drive protection, before writing to outer volume, or to open the hidden volume, to make sure all the files stay intact and safe. To dismount all the drives, either click dismount all in the TrueCrypt main window, or from the icon on the taskbar, right click, and select “Dismount All Mounted Volumes.”

That's basically how all this is done. All that is left is to make sure you have the passwords saved in different and safe places. The hidden volume partition password should not be in the same page, file, book, CD or drive, as the outer volume password. My suggestion is the put it in a usb key, in a safe deposit box of one of your friends or family, not yours, because if anyone wants to get a hold of the information, that is the first place they may go for the information.

You may want to use a usb key to load TrueCrypt instead of installing it in your windows, because it will be harder for anyone to know if you have encrypted partitions in your computer if there is no encryption software in it.

Next week, we will be talking about Vampire Loads, what they are, and how to avoid them. If you have any questions, comments or stories on any topic we talk about, you may find all the necessary contact information or list of sources, software, hardware suggestions, and a link to our new message board on our web-site at Triple-W-dot-Z-E-D-A-X-I -S dot-NET, as well as a list of important pod casts that you should also listen to.

This has been a podcast, hosted by Steve Smith, Digital Technologies Consultant for Zed Axis Productions, Stay Safe and Online. This has been Technology Questions Answered.

This show was recorded using audacity, an open-source, sound recorder and editor, head over to audacity.sourceforge.net and support Audacity by donating or buying exclusive merchandise, or head over to our site and view the links in the show notes of this episode.

This show was recorded: October 17th, 2010 and is now available on iTunes and our web-site at http://www.zedaxis.net/.

Host : Steve Smith | Music : Steve Smith | Editor : Steve Smith | Producer : Zed Axis Productions

Sources & Resources