Data Can Leak From Partially Encrypted Systems

Martin Brinkmann
Jul 18, 2008
Updated • Nov 28, 2012
Encryption, Security
|
6

A bunch of researchers, among them the famous Bruce Schneier, have discovered that features like Recent Documents list may reveal information about files on an encrypted partition even when used in conjunction with the so called deniability feature which hides data in an encrypted partition.

I'm a bit puzzled that it took them so long to figure out that every kind of application that is logging or saving temporary data might reveal information about such hidden data. Maybe I got it wrong and missed something but if that is not the case I might call this finding rather obvious.

If I have a Word document on an encrypted partition and open it with Word it gets added to the recently accessed files list in Word as far as I know. The research paper has already been published and can be downloaded freely. The name of the document is "Defeating Encrypted and Deniable File Systems:
TrueCrypt v5.1a and the Case of the Tattling OS and Applications".

The research paper is well written and understandable for users with a technical background but most other users as well. What they are basically saying is that information can be found in operating systems and applications that could link to data in encrypted and hidden partitions. Some of the examples mentioned in the paper are Word auto-saves, recent files lists and Google Desktop.

The researchers are also assuming that a user would reveal the encrypted partition but not the hidden partition located inside of the encrypted partition which is plausible. An analyst would only have to find evidence for the existence of a hidden partition to defeat its purpose. That does not mean that he would be able to decrypt the data but he could gather information by analysing the operating system and the installed applications.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Cave said on March 9, 2012 at 9:38 pm
    Reply

    Well, considering that the NSA and various other US-Agencies don’t need your key, you should really use this…

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.