In theory an encrypted partition WITH encrypted partition header as created by m

Question

In theory an encrypted partition WITH encrypted partition header as created by mentioned encryption software, should be nearly random-looking. But maybe there are some clues, like offsets, double backup data. This question is important, because I want to know if revealing that a specific disk has been encrypted with one of those software is lowering the security and attacker's effort or not. One also wouldn't want to potentially make an attacker weary by giving him false or vague information which he could prove to be false.

Explanation / Answer

No.

An attacker can not distinguish between VeraCrypt and TrueCrypt. The reason for this is that they both share the volume format and guarantee a completely random looking container.

Concerning DiskCryptor, which seems to be an earlier fork of TrueCrypt, it looks like the header is also random-looking. The only difference may be measured if the drive is mounted, as the size of the volume, as TrueCrypt uses larger headers than DiskCryptor.

So by an offline attack no difference can be measured.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects