Disk Encryption/Hidden Volumes
Add or edit subsection:
|Section of||Disk Encryption|
- Last modified: 6 August 2013 17:18:21
- русская версия
- Russian version: Скрытые тома
- Last modified: 6 August 2013 17:18:22
This session requires a thorough explanation to the concept and reasons behind creating a hidden volume, and the best way to keep its existence concealed. Stress the importance of choosing the right size for the hidden volume and the need to keep the outer volume prepared for surrender and inspection - the need to hold files that will satisfy the adversary in there
Trainer's notes:' Its advisable that a hidden volume is created from scratch, then the exercise is repeated to create the hidden volume inside the original standard volume (from a previous session).
Creating a Hidden Volume
Follow the guidelines as per https://security.ngoinabox.org/en/truecrypt_hiddenvolumes. Make sure that the password for the hidden volume is NOT the same as for the outer. Do not enable the disk protection feature, since this could expose the existence of the hidden disk.
Demonstrate the difference between accessing a hidden and standard volume. Discuss the most effective password policy for the user's needs.
Trainer's notes: It is always best to draw the standard/hidden volume during explanation. Try first to create a hidden volume inside the existing standard one. Explain that in the instance of running a hidden volume, the users need to remember the standard password by heart and keep the hidden volume's password safe in a different location (e.g. KeePass)
Advanced exercises (Truecrypt)
- Create a 1MB volume, a 1/2 MB hidden volume within it.
- Populate the standard volume with documents prepared for 'surrender' and the hidden one with sensitive files.
- Upload the volume to an online file server (e.g. adrive.com) or to an email account.
- Change computers, download the volume and open the hidden disk