This tutorial was originally posted by 4nd, (a member) at Suprbay forums, and can be read here.

Please read the First Part to this Tutorial before proceeding.

Maximum Security Using TrueCrypt

You possess files that are highly illegal, or that could get you in big trouble just for possessing. You believe that someone may try to break into your TrueCrypt volume in order to access your secret files. This someone may be an individual hacker or a group of them, possibly under the employ of a rival company (if you have company secrets, of course). Alternately, this someone could be working for the government. Whoever the attacker is, it’s imperative that you keep them out. That’s where hidden volumes come in.

What is a hidden volume?

Think of it like this:

• First, TrueCrypt creates Overall Volume A, which is 1 GB. This is separated into two parts: Visible Volume B (800 MB) and Hidden Volume C (200 MB).
• Visible Volume B and Hidden Volume C have different passwords. Depending on which password is used to mount Overall Volume A, either Visible Volume B or Hidden Volume C will be mounted.
• Because of the nature of TrueCrypt volumes, proving the existence of Hidden Volume C, even if one is aware of Overall Volume A and Visible Volume B, is extremely hard if not possible.
• You, the user, puts 800 MB of fairly incriminating files in Visible Volume B, such as porn. You put 200 MB of really incriminating stuff in Hidden Volume C. If someone forces you to give up the password for your TrueCrypt volume, you tell them the password to Visible Volume B. They see the porn and think that’s all you have. Since they can’t prove Hidden Volume C’s existence, your data is protected. You have what is called plausible deniability.
• Even if you don’t fill the volume with your porn/incriminating files, because of the nature of TrueCrypt volumes, it still looks completely full.

Creating a hidden volume follows a similar procedure as creating a normal volume. Start TrueCrypt and hit Create Volume.

To begin, first select “Create an encrypted file container”

Now select “Hidden TrueCrypt volume” and hit Next.

Select the location of the volume. You can overwrite an existing file (thus destroying it, so be careful!) or create your own. Example: C:\Documents and Settings\yourusername\My Documents\truecrypt_volume

Choose your encryption algorithm.

Choose the size of the overall volume.

Choose a password for the volume.

Uncheck the “Show” box and move your mouse around the screen as randomly as possible. After a satisfactory amount of time (at least a minute), hit Format.

Now the wizard will tell you to add files to the storage volume. Use this opportunity to add files that you want people to think are the reason you have the TrueCrypt volume; porn, pirated movies, plots to take over the world, whatever. You have to add at least one file before moving on.

Once you finish adding files, TrueCrypt will scan the volume to see how much space is left. Hit Next.

Now you can select the encryption algorithm for the hidden volume, which need not be the same as for the outer volume.

Select the size of your hidden volume, which is the overall volume’s size minus the total size of those files you added. The maximum size is displayed for you.

Choose a password for the inner volume. This password must be different (preferably significantly different) from the password you used for the overall volume. As before, follow the guidelines listed above, or in the TrueCrypt wizard window, for creating a good password.

Choose a file system for the hidden volume.

Now, as before, generate the cryptographic key for the hidden volume by moving your mouse around the window for a little while. Uncheck “Show” if you like. When you’re done, hit Format.

TrueCrypt will give you a popup when complete notifying you that it’s done, along with providing some helpful information and a warning about hidden volumes.

You’re done! Skip below to learn how to use your new file system.

How to Use Your TrueCrypt Volume

Here’s a pic of TrueCrypt’s interface.

To mount and decrypt a storage volume:

* Highlight an empty slot
* Press “Select File…” and navigate to your TrueCrypt volume.
* Hit Mount.

TrueCrypt will ask for the volume’s password.

* If you created a hidden volume: Enter the outer volume’s password to mount the volume with your “dummy” files. Enter the hidden volume’s password to mount the hidden volume, with your real sensitive data.

TrueCrypt will decrypt your volume and mount it as though it were, say, a flash drive. Windows users can go to My Computer and double-click on the “truecrypt1″ device to access their mounted volume, or just double-click on the mounted volume in the TrueCrypt window. Linux users: TrueCrypt mounts the volume in /media/ but you can also just use the TrueCrypt window to access the volume.

Use your file browser to add, remove, or run/display files that you keep in your storage volume. Leave TrueCrypt running while doing so.

When you’re finished, right-click the volume and hit Dismount (alternately, hit Dismount All at the bottom) and then click Exit. Make sure you dismount the volumes before exiting TrueCrypt!

Additional Reading on TrueCrypt

• While TrueCrypt is a very good application, it is not perfect. Its Wikipedia entry details a few vulnerabilities that someone can use to get to your protected data. Most of these vulnerabilities, however, either require physical access to your computer, or simply point to possible TrueCrypt volumes (but doesn’t decrypt them).
• The TrueCrypt FAQ answers some common questions about TrueCrypt and provides some helpful extra info.
• It’s worth pointing out that in addition to creating volumes that appear to be files, TrueCrypt can encrypt entire partitions of storage devices, such as hard drives and flash drives. It can even create hidden volumes within these partitions. The FAQ has more information on that.
• Furthermore, if you run Windows, TrueCrypt can be used to encrypt your entire operating system. Again, consult the FAQ.

Special Thanks

A big special thanks to 4nd at Suprbay forums for writing this fantastic tutorial!

Join the forum discussion on this post - (1) Posts

This tutorial was originally posted by 4nd, (a member) at Suprbay forums, and can be read here.

Using TrueCrypt to Protect Sensitive Files

Do you have incriminating or otherwise sensitive files that you want to keep secret? Perhaps you merely have a porn collection on a shared computer that you need to keep secret from the rest of the family. On the other hand, perhaps you possess files that, depending on your country of residence, could get you arrested and jailed simply for having them. Whatever your specific needs are, encrypting your data so that only you can read it goes a long way towards protecting your privacy. In this hopefully noob-friendly tutorial, I’ll describe how to use a program called TrueCrypt to protect your sensitive files.

What is TrueCrypt?

TrueCrypt is an open-source, cross-platform program that allows you to create protected storage volumes, in which you can safely keep your secret files. It’s important to understand that TrueCrypt does not selectively encrypt files; rather, it creates a sort of encrypted folder that protects anything in it. This folder, known as a storage volume, must be mounted with TrueCrypt and requires a password to be accessed.

I know that there are plenty of different applications for selectively encrypting single files, which vary from platform to platform. So why did I choose TrueCrypt? Because:

• TrueCrypt is open source. Matters of computer security are best left up to software in which it is an established fact that there are no backdoors, significant vulnerabilities, etc.
• Consequently, TrueCrypt is free to download and use.
• TrueCrypt is cross-platform. It runs on Windows, OS X and Linux.
• If you choose the maximum security options, TrueCrypt is exceptionally good at not only protecting the files you want to keep secret, but hiding their very existence. Even with “weaker” security settings, TrueCrypt is great for protecting your files.

Step 1: Get it!

Download the TrueCrypt installer for your operating system. Run it. While I only have experience with the Linux version of the installer, I assume that the installers for other systems are as relatively painless as the Linux version. Install TrueCrypt and open it.

Now it’s time to create an encrypted storage container. Run TrueCrypt and hit “Create Volume.” I have spoiler’d the following sections because they’re quite large, and contain screenshots of the volume creation process (y’know, for noob friendliness).

Setup: Moderate Security

Note, Maximum Security section is located on the next page.

If you want to keep your porn stash safe from your parents, this is your section. Additionally, you can use this method if you have a reasonable belief that nobody with serious hacking skill is going to try to get at your private data. If, however, your information is inappropriate or illegal enough to get you prosecuted simply for possessing it, you may want to play it safe and skip to the I want Maximum Security Tutorial. Otherwise, read on.

In the TrueCrypt Volume Creation Wizard, select “Create an encrypted file container.”

Select “Standard TrueCrypt volume.”

In this screen you select the location of the storage container. You don’t have to have a pre-existing file for this step. For example, if you’re on Windows XP, you can put “C:\Documents and Settings\yourusernamehere\My Documents\truecrypt_volume” into the Select File dialog and TrueCrypt will create a file in your My Documents folder. This file will be your storage container.

If you wish to use a different cryptographic algorithm than AES, you can select it here. If you don’t, leave these options the way they are and hit Next.

Here you determine the size of your storage volume. Obviously this sets the limit for how much you can store; if you make your volume 500 MB, you won’t be able to fit a 700 MB movie rip in it. Remember: The larger the volume is, the more difficult it will be to move between devices (separate computers, flash drives, etc), but the more you can store in it.

Enter the password you will use to decrypt the volume. You want to make sure this is a fairly strong password. While there are guides all over the Internet for creating a good password, I’ll list a few tips:

• Try to base your password off something that you, and only you, would know.
• Don’t just make it a single word. Multiple words are better, though inserting some misspellings, numbers instead of letters, or random punctuation characters helps thwart dictionary attacks (where someone runs a program that tries all the words in the dictionary in order to guess your password).
• Don’t use a password that you’re using for something else (such as your user account on the computer, or your email password). Create an entirely new one.
• Do not forget this password. If you do, you’re screwed if you want to access your protected files.

Choose your file system here. If you don’t know what this means, or if you don’t care about the specific file system being used, hit Next.

Spend about a minute or so moving your mouse as randomly as possible within this window. TrueCrypt uses this method to determine how strong the cryptographic key is. The longer you move your mouse, the stronger the key. When you’re finished, hit Format and then wait. TrueCrypt will create the storage volume in the location you specified and notify you when it’s complete. Depending on the size of the volume you specified, and how strong the key is (how long you moved your mouse in this window), it might take anywhere from a few seconds to several minutes.

You’re done! Hit Exit in the next screen. Now you’re ready to start adding files to your protected storage volume.

Part 2 – Maximum Security Using TrueCrypt

Join the forum discussion on this post - (1) Posts