Security Basics mailing list archives
Re: Help on truecrypt recovery
From: Phillyun <phillyun () gmail com>
Date: Mon, 29 Dec 2008 16:11:58 -0600
On Mon, Dec 29, 2008 at 11:06, wrote:
On the new year note , I happend to forget my truecrypt password. I got some queries in this regards 1. BIOS 's pre-boot authentication works on full disk encryption but what abt file encryption (over OS), any pointers ? 2. How does password mechanism work on a encrypted file. 3. Any good disctionary attack tools.The whole idea is that without the password, you can't access the data. It seems you're hoping that there's a trivial way to gain access to your volume. If it were that simple, why would you use the product? Me thinks you're poked. Kiss your data goodbye.
CC, I suspect this is a hoax since spell check wasn't even used (if not, please forgive the BS meter's false positive, I've been known to fat finger a word or three myself). Even so, I'm wondering if others have suggestions on how one would design a theoretical attack? I never personally like the answer "you are poked", but you may be without your data for a while ... we're talking about how many years of potential computing here?!! The information you need is on the recovery disk that you burned when first encrypting your volume. Remember that? Hopefully you remember your original password as that will be the one on the disk. (I am assuming the boot sector has become corrupt or you changed the password w/o burning another disk here) As long as you haven't shredded the original recovery disk, recovery is possible with that original PW. If not - or you really have forgotten what password you used, rent a network (cloud) and compute! Eventually you will have your data. You could further constrain the scope of a brute force attack by using known parameters (like your 'style' of password that you likely used). Good luck. ... then again ... the salt - also part of the setup process makes this more of a bitter challenge, doesn't it? You are more likely to find a vulnerability (known or not) in the actual version of TC used than brute force it outright. TC later added the ability to "customize" the password screen / startup screen which removed the version number from the screen. What version is being used? What did the TC source look like at that time - were there any issues in the way it computed things? What encryption method(s) did you use during setup. Was it one, two or three levels deep?
Current thread:
- Re: Help on truecrypt recovery, (continued)
- Re: Help on truecrypt recovery Raj (Dec 30)
- RE: Help on truecrypt recovery Vogels, Mark (Dec 31)
- Re: Help on truecrypt recovery Raj (Dec 30)
- RE: Help on truecrypt recovery Murda Mcloud (Dec 30)
- Re: Help on truecrypt recovery Sitaram Chamarty (Dec 30)
- RE: Help on truecrypt recovery Vogels, Mark (Dec 30)
- Help with MS07-042 - will not seem to install on this one laptop Jeff Dinger (Dec 30)
- RE: Help with MS07-042 - will not seem to install on this one laptop Murda Mcloud (Dec 31)
- RE: Help with MS07-042 - will not seem to install on this one laptop Jeff Dinger (Dec 31)
- Re: Help with MS07-042 - will not seem to install on this one laptop Stephen Thornber (Dec 31)
- RE: Help with MS07-042 - will not seem to install on this one laptop Lape, Steve (Dec 31)
- Help with MS07-042 - will not seem to install on this one laptop Jeff Dinger (Dec 30)