Jump to content

Question About Truecrypt

captinkrunch

By captinkrunch
in Questions

 Share

Recommended Posts

captinkrunch Newbie

captinkrunch

Posted
Posted (edited)

hello i heard turecrypt was pretty much impossible to crack my question to u is if u format the drive could you then use forensics to dig up info/data???

i realize this is probally a stupid question but i would like to kno thanks!!

Edited by captinkrunch
Link to comment
Share on other sites
Mr-Protocol Grand Master

Mr-Protocol

Posted
Posted

hello i heard turecrypt was pretty much impossible to crack my question to u is if u format the drive could you then use forensics to dig up info/data???

i realize this is probally a stupid question but i would like to kno thanks!!

http://code.google.com/p/truecrack/

If it was just deleted and overwritten, in theory the truecrypt volume could be recovered. But you would still need to crack the encryption on it to see the real data.

Link to comment
Share on other sites
KidBuu Newbie

KidBuu

Posted
Posted (edited)

Technically everything encrypted is crackable, the strength behind an encryption is whether or not it is computationally feasable to recover the key. Basically to decrypt the ciphertext output by encryption algorithms that are called "uncrackable" you would need to enumerate all possible keys in order to recover the original data. For example, suppose that you use an encryption algorithm using a 128-bit key. Then you would need to try 2^128 keys by trying to break the encryption algorithm by brute force (assuming that cryptanalysis doesn't reduce the number of possibilities given a ciphertext), which even on hundreds of super computers would take hundreds of years if not more to break (don't feel like doing the math right now). AES is one of the most secure symmetric encryption algorithms as of now so if you use truecrypt I would probably choose that encryption algorithm. However, I read a research paper a few months ago where they basically found that if someone get's your computer in sleep mode they can examine memory to recover your encryption key (they didn't test truecrypt although). So furthermore, disk encryption is only secure if the computer is not powered on when it is taken.

Search "cold booting" if you're interested in the disk encryption vulnerability

Edited by KidBuu
Link to comment
Share on other sites
captinkrunch Newbie

captinkrunch

Posted
  • Author
Posted

Technically everything encrypted is crackable, the strength behind an encryption is whether or not it is computationally feasable to recover the key. Basically to decrypt the ciphertext output by encryption algorithms that are called "uncrackable" you would need to enumerate all possible keys in order to recover the original data. For example, suppose that you use an encryption algorithm using a 128-bit key. Then you would need to try 2^128 keys by trying to break the encryption algorithm by brute force (assuming that cryptanalysis doesn't reduce the number of possibilities given a ciphertext), which even on hundreds of super computers would take hundreds of years if not more to break (don't feel like doing the math right now). AES is one of the most secure symmetric encryption algorithms as of now so if you use truecrypt I would probably choose that encryption algorithm. However, I read a research paper a few months ago where they basically found that if someone get's your computer in sleep mode they can examine memory to recover your encryption key (they didn't test truecrypt although). So furthermore, disk encryption is only secure if the computer is not powered on when it is taken.

i belive its called cold starting (could be wrong) i also have seen ppl who unplug the comp plug it back in with a thumb drive for some reason or another it can recover the password some how (was awile ago cant rember) i was just woundering if u formated a drive if the encryption was still on the data you could forenscly pick up

Link to comment
Share on other sites
Mr-Protocol Grand Master

Mr-Protocol

Posted
Posted

i belive its called cold starting (could be wrong) i also have seen ppl who unplug the comp plug it back in with a thumb drive for some reason or another it can recover the password some how (was awile ago cant rember) i was just woundering if u formated a drive if the encryption was still on the data you could forenscly pick up

http://forums.hak5.org/index.php?showtopic=26622&view=findpost&p=203514

Link to comment
Share on other sites
whitehat Newbie

whitehat

Posted
Posted (edited)

You see, Mr. P? Look at you being all helpful! As almost always!!

You can't help it! You love it! You didn't tell him to Google it or that you don't spoon-feed or anything. He asked a question and you knew the answer so you answered it. Then he asked ANOTHER question even though he has a perfectly good Google-capable browser and you answered it AGAIN.

It's not just bc of the sub-forum either. I can point out you being all helpful in Jasager and probably every area of the forum. You can't help yourself. You're NICE and HELPFUL and you love questions! You even ask them!

;) lolololol <3 <3 <3 Now go tell "science" you're sorry ;) jk! you da man

Edited by whitehat
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...