2

Possible Duplicate:
Use truecrypt to make data unrecoverable

The other day I was thinking, and I looked up this question because I was pretty sure a question similar to this had been asked. (I had never heard of that method previously, but anyways...) Would it be an acceptable alternative to encrypt a whole volume with a program such as TrueCrypt with an extremely strong encryption key and algorithm, then format the disk? TrueCrypt is pretty strong by its self, and by the time you plug in that disk and say, install an OS on it, vital parts of the data that were previously there (keep in mind, it was encrypted, then formatted, then overwritten with a new OS in parts) are gone - which would effectively make it impossible (correct me if wrong, please) to recover said volume - Would this be another method to securely erasing a HDD?

cutrightjm
  • 1,714
  • 4
  • 18
  • 31

1 Answers1

4

Would it be an acceptable alternative to encrypt a whole volume with a program such as TrueCrypt with an extremely strong encryption key and algorithm, then format the disk?

Well, if you're trying to delete it then just overwrite it with random data and you've done effectively the same thing. Truecrypt will write over every block of a drive when encrypting it.

The added bonus, though, is that if you've been running TrueCrypt the entire time and you have a strong passphrase or a keyfile that is separate from the drive, "forgetting" it will also render the drive essentially securely erased.

Jeff Ferland
  • 38,090
  • 9
  • 93
  • 171
  • Well, it'd still be crackable... any time in the forseeable future, no, but one day it will be... or someone will just get lucky as hell =p But the data is still there, nonetheless – cutrightjm Nov 28 '12 at 05:23
  • 1
    @ekaj TrueCrypt overwrites the entire drive with random data, not encrypted data. It does so to make the encrypted volume data indistinguishable from "empty" areas of the drive. In the process, it overwrites any latent data on the disk's sectors. If you forget your password, and that password isn't trivial, there's very little chance of anyone cracking it. The FBI had a case where they dedicated a year's worth of computing time to cracking a single TC volume password, and never got it. Eventually the suspect gave it up (I don't know the details) and it was only 9 characters. Nuff said. – Polynomial Nov 28 '12 at 06:56
  • My point is that the key derivation algorithm used to turn the password into a volume header key is computationally expensive enough to make bruteforce infeasible, even for moderately secure passwords. – Polynomial Nov 28 '12 at 06:58
  • If you wan't to delete data you can use some form of srm. And also watch this DEFConn vid: http://www.youtube.com/watch?v=oXbq0BFzQQg and the followup: http://www.youtube.com/watch?v=d0L-YHe2iag – damiankolasa Nov 28 '12 at 07:37
  • One fun consequence of using TrueCrypt to "wipe" a disk is that AFAIK you can do it while running the OS you want to wipe :) | @Polynomial The TrueCrypt KDF is rather weak, so you the password should be rather complex. I wouldn't trust 9 chars against a powerful adversary. Costs perhaps 1 mio $ with commodity hardware to break it and probably a tenth of that with custom hardware. – CodesInChaos Nov 28 '12 at 09:18
  • The real solution is `shred`. – Polynomial Nov 28 '12 at 09:36