1

I'm not into security and encryption at all, I'm just a Truecrypt user. So maybe it's a very noob-question, but I can't figure it out.

When I make a Truecrypt container, it will encrypt everything inside it. When I want to open the container, I open up Truecrypt, mount the file and type in my password.

Suppose my computer is stolen and the thief finds the container and is savy enough to recognize it as a Truectypt-container. All the encryption will do me no good, right? Because the only thing the thief has to do is crack my password, open up Truecrypt and mount the container.

So, although my files are encrypted, there seems to be a single point of failure: the password (which I make very strong ofcourse).

Are there any flaws in my logic?

Ebenezar John Paul
  • 2,884
  • 16
  • 23
Erwin Matijsen
  • 21
  • 2
  • Well, without TrueCrypt, they don't even need your password to access your files. – user253751 Aug 08 '14 at 12:12
  • They would if I password-protected the file (for example lock up an Excel-file). With Truecrtypt they wouldn't know what the file is though (it could be Excel, PDF or whatever). If I only use a password to lock up the Excel-file, they would see it is an Excel-file. But they still need my password to open the file. – Erwin Matijsen Aug 08 '14 at 12:17
  • FYI, to open password protected Office files you usually just need Libre/OpenOffice and it will be enough. – Gurzo Aug 08 '14 at 13:43

3 Answers3

3

Yes, the password is what regulates access to your files. So it's the single "point of failure" but its also what keeps you safe.

Suppose my computer is stolen and the thief finds the container and is savy enough to recognize it as a Truectypt-container. All the encryption will do me no good, right? Because the only thing the thief has to do is crack my password, open up Truecrypt and mount the container.

That case is exactly what encryption is for. If you use a strong password and a decent encryption algorithm, it may take an attacker forever to decrypt your files. Security is never 100% but the measure of security is determined by how hard it is for an attacker to get what he wants. The better your password and your algorithms, the higher your security (given that there are no software flaws and that you keep your password also secure)

Think about it: not only an attacker might be interested in decrypting your files but also you might be interested in keeping access to them. So there must be a way to identify you which usually is

  • something you know (a password)
  • something you have (a key card)
  • something you are (iris scan, fingerprint, voice recognition, etc.)

You can combine those methods to make access to your data more secure, but in general, that what grants you access can also be misused by an attacker. You cannot avoid that but only try to keep your passwords and smartcards for yourself.

Besides, there are more possibilities to attack an encryption scheme, e.g. if you have a backdoor in your encryption software or if you are choosing a weak encryption algorithm. You can only try to avoid that as good as possible by staying informed on these topics. Especially Truecrypt has had quite some problems with these ("WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues." See: http://truecrypt.sourceforge.net/).

What you may be after - since you talk about that the attacker recognizes the file as Truecrypt containers - is to hide the encrypted data. This is more about steganography than cryptography. You can put your data on a hidden partition on your hard disk or split it between more innocent looking files (incorporate it in JPEGs or whatever). But usually, hiding data is not as effective as encrypting it. If you are really paranoid you can, of course, do both.

Michael Helwig
  • 365
  • 1
  • 2
  • 10
  • You say: "That case is exactly what encryption is for. If you use a strong password and a decent encryption algorithm, it may take an attacker forever to decrypt your files." But if the thief knows it's a Truecrypt container, he only has to guess my password right? And with it he can decrypt the container. Not that it's easy to guess my passwords, but there's no decrypting involved. – Erwin Matijsen Aug 08 '14 at 10:12
  • 1
    You overestimate guessing (i.e. bruteforce attacks). Guessing, given that you have chosen a good password, may take nearly forever. Let your password include lowercase, uppercase, digits and symbols and be of a decent length (e.g. 30 characters). So you have about 68^30 possibilities if the attacker knows the length of your password (otherwise even more). There are also some algorithms that use arithmetic operations which are resource expensive to calculate on todays hardware so the guessing speed slows down considerably. Calculate it yourself here: http://calc.opensecurityresearch.com/ – Michael Helwig Aug 08 '14 at 10:28
  • 1
    @erwinmatijsen Theres some real life examples on TrueCrypt's wikipedia entry on organizations trying this guessing, though it doesn't say with what computing power the FBI's was using, it states they tried a dictionary attack ( ; guessing ) for 12 months, they then gave up. – Philipp Gayret Aug 08 '14 at 10:36
  • @MichaelHelwig Ok thanks for clearing that up. I was overestimating guessing, I guess. – Erwin Matijsen Aug 08 '14 at 10:58
1

It depends on what you mean with password-protection. I assume that you mean a password to get (operating system) privileges, which are necessary to read the unencrypted file.

A password-protected filesystem which is not encrypted, relies on a running process, which handles the authorization. An attacker could easily boot such a system in an alternate way such as a bootable USB-stick, or he could extract the harddisk. Then the process won't be started and he can read all files plaintext.

With an encrypted Truecrypt container, the attacker could also boot the device, but of course he can see only the encrypted container. He needs to "brute-force" this container and with a strong password this is not an easy task (nearly impossible).

martinstoeckli
  • 5,279
  • 2
  • 29
  • 32
1

The key (mis)assumption here is contained in the statement,

"...the only thing the thief has to do is crack my password, open up Truecrypt and mount the container..."

Unless you are a nation-state-level attacker (e.g. "No Such Agency" and its foreign counterparts), I think you will find cracking a TrueCrypt password (even acknowledging the many legitimate questions about TrueCrypt after its abandonment by its original developers), to be (ahem) "easier said than done".

The fact is that any system of cryptography (TrueCrypt included) can be compromised if you don't use it properly (for example if you use something stupid like "1234", "password" or "letmein" as your password), and a cryptographic system that isn't properly designed (e.g. which leaks information) can make it trivially easy for even a moderately sophisticated attacker to break the encryption and recover the "plaintext" (unencrypted) version of the data that you have stored in the supposedly "protected" container.

That having been said, however, the publicly available evidence suggests that while there are some questions about TrueCrypt, it is well enough implemented so as to be a real S.O.B. to successfully attack, if you use a decent (10+ character, with complexity) password. (Don't take my word for it; check out any of the relevant forensics blogs and see how frustrated some attackers are, about TrueCrypt.)

Another key feature that it has -- to my mind this is a very important one -- is that you can further protect the password complexity of a TrueCrypt container by using "keyfiles", which provide a primitive version of "something you have (e.g. the keyfile), and something you know (e.g. the password)". (Make sure not to store the keyfile in some easily-accessible location for an attacker; keep it in the cloud, or on a USB stick and not on the same hard drive as where you have the TrueCrypt container.)

Lastly, in your case, the other thing that I'd be sure to do, is not use the same password for your TrueCrypt container, as you use for authentication to the account that you use, when you log on to your PC. The point being, if someone somehow breaks or infers your account password (not impossible to do, especially if you're using Windows or you have a lot of "shoulder surfers" in your vicinity), you don't want them to simultaneously get access to your "secured" container. I see this happening a lot, and it drives me crazy!

user53510
  • 810
  • 5
  • 3
  • Thanks for your anwser. I understand I need a strong password (and I understand now how hard it is to crack), and I'm aware of the extra steps I can take to further secure my data. But the original question is still the same: how is encryption different from password-protection, if in both cases the 'only' thing needed is to crack the password? Apart from other measures that can be taken (like keyfiles). – Erwin Matijsen Aug 08 '14 at 16:19