Truecrypt

platinum87 · 5 Dec 2008 at 10:47

The question is, how secure is it.. im using the AES-Twofish-Serpent on a 4GB USB...

who would be able to crack that, im assuming it would take too long with a supercomputer? so is there a work around, either way if its able to be cracked i need a software which cannot.

Moley · 5 Dec 2008 at 10:51

Apparently its very secure. Not totally unhackable, but supposedly the time required to hack it is longer that the universe has left...

Lagmeister · 5 Dec 2008 at 10:56

It would theoretically take more time than the universe has already existed to break using modern technology, thats not to say that someone wont find a way to crack it somewhere down the line but its pretty secure.

Rhys · 5 Dec 2008 at 10:58

There is also Rohos Mini Disk which allows use on not admin rights accounts.

Mattus · 5 Dec 2008 at 17:31

platinum87 said:
The question is, how secure is it.. im using the AES-Twofish-Serpent on a 4GB USB...

who would be able to crack that, im assuming it would take too long with a supercomputer? so is there a work around, either way if its able to be cracked i need a software which cannot.

With current technology, it's impossible to crack - would probably take thousands of years if you use a decent password. The encryption schemes have no back doors - plus, even if one of them had a vulnerability, your data would still be safe as it's encrypted with three different cascading encryption schemes.

You've got far more to worry about with regard to someone installing a keylogger on your machine. Nobody's gonna try and crack the encryption, which is practically impossible, when they could just get the password as you type it in.

JIM_BOB7813 · 5 Dec 2008 at 19:51

Only possible to crack if you use a short or predictable password.

platinum87 · 7 Dec 2008 at 19:14

thanks all

Energize · 8 Dec 2008 at 00:43

You may also want to use nested partitions so you have plausible deniability. In case of a ripa request, or someone else trying to force you to reveal the key.

jak731 · 8 Dec 2008 at 00:53

Need to keep all those downloaded souls safe eh?

platinum87 · 8 Dec 2008 at 02:40

Energize said:
You may also want to use nested partitions so you have plausible deniability. In case of a ripa request, or someone else trying to force you to reveal the key.

whats a ripa request?

im not worried about being forced, thats not as easy as it sounds

your sneakiness impresses me

jak731 said:
Need to keep all those downloaded souls safe eh?

:d mainly bank details including passwords and of course some other sensitive information.

Energize · 8 Dec 2008 at 02:49

platinum87 said:
whats a ripa request?

im not worried about being forced, thats not as easy as it sounds

your sneakiness impresses me

The Regulation of Investigatory Powers Act 2000 makes it an offence to fail to provide encryption keys to the police when requested, by using nested partitions you can hand over a encryption code which will reveal sensitive looking information, and keep the real information in another undetectable partition hidden inside the main one. Truecrypt files also appear to be random data so it's impossible to prove there is encrypted data in the first place. Makes for a good defence against the police state this country is turning into!

Ascendancy · 8 Dec 2008 at 08:17

Some people value their information a little too much.

SiHH · 8 Dec 2008 at 09:52

Ascendancy said:
Some people value their information a little too much.

How do you figure that ?

Explain..

Energize · 8 Dec 2008 at 17:41

Ascendancy said:
Some people value their information a little too much.

You mean because we value our privacy?

geuben · 8 Dec 2008 at 17:48

It depends on the mode of encryption. Some systems use(used) 7 round AES which is secure, but CAN be broken within a reasonable time frame. Even using the standard 10 round AES it is possible to crack by noticing patterns in the encrypted data, the most secure method is 'feedback' mode, where the encrypted data is fed back into the encryptor as the key for the next block of data.

http://en.wikipedia.org/wiki/Block_cipher_mode

lumpeh · 8 Dec 2008 at 18:19

Provided you keep your private keys on a separate media, you'll be as safe as you could be on todays pcs. I would further recommend setting the swapfile to scrubbed on shutdown (its a group policy/registry edit) as windows has the notion of swapping decrypted information and you could leave perecious private info on there

Energize · 8 Dec 2008 at 18:32

geuben said:
It depends on the mode of encryption. Some systems use(used) 7 round AES which is secure, but CAN be broken within a reasonable time frame. Even using the standard 10 round AES it is possible to crack by noticing patterns in the encrypted data, the most secure method is 'feedback' mode, where the encrypted data is fed back into the encryptor as the key for the next block of data.

http://en.wikipedia.org/wiki/Block_cipher_mode

It uses XTS with 14 round AES which is the most secure practical method. Ofc you can always encrypt a one time pad file making it impossible to brute force.