Truecrypt

Why is it that I don't see Truecrypt mentioned here? I personally have no experience with TAILS (don't really like that it's in beta) but it seems like there is a lack of info on secure digital storage. I have used Truecrypt for years, basically saving my passwords and private keys in txt files.

For those who don't know, truecrypt creates a 'container file' which is encrypted with a key generated by a passphrase you enter (the weakest link in the system), for example, in my case I use 256 bit AES-TwoFish-Serpent. Difficult enough to break for storing private keys and login info for DNMs, I think. For credibility, google Daniel Dantas; in 2009 his truecrypt encrypted HDD was handed over to the FBI and the best they could throw at it was a dictionary attack. Here is another, though this one is PGP : http://www.cnet.com/news/judge-orders-defendant-to-decrypt-pgp-protected-laptop/

From what I see, it's barely mentioned on /r/DNM and I'm curious why. How do you secure your private keys and passwords?


Comments


[3 Points] Colorado_Vend:

Tails has a built in persistence feature that takes the place of a Truecrypt volume. Does the same thing but it is built in. Since Tails is the recommended OS for accessing a DNM, Truecrypt never gets mentioned when discussing security practices.


[2 Points] None:

There are limitations to LUKS encryption as it works purely on passphrase encryption which means the security is dependent on how much entropy there is to the passphrase. Although brute hacking is limited by the time ratio required by the complexity of the hash algorithm, it can still be done. Brute hacking has become brutally efficient with parallel computing platforms such as CUDA.

This doesn't even include the idea that you would need to remember the password or store it some place safe.

One advantage of Truecrypt is the ability to use keyfiles, which makes brute hacking near impossible due to the huge entropy as long as the keyfiles are unknown to the attacker.

Truecrypt and Tails are quite different though, as one is used primarily as a secure encrypted storage while the other is an operating system stored in encrypted storage with cryptographic applications.

If anything, using a combination of the two for different purposes would probably be a good idea. One combination could use Truecrypt to store a password for Tails with high entropy and strong enough to make brute hacking completely unfeasible.

One thing to note is that Truecrypt still needs to be installed to work properly, so it wouldn't be as portable as Tails.

Truecrypt most likely would only be used in scenarios where data is being kept in local storage and being encrypted to prevent access in a situation where the storage was compromised.


[1 Points] None:

[deleted]


[-1 Points] ImprovingOPSEC:

Truecrypt is kinda fishy, even though it is open source. LUKS + dm-crypt all the way.