Encrypted HDD 100% safe?

28

7

I guess am a bit of a paranoid ha... anyway i encrypted my HDD with truecrypt using all printable ASCII characters and the password is 64 characters long. It is quite random, certainly no dictionary words but it is still possible to memorize easily.

Can it be brute-forced? The thing is, i know that its supposed to be secure, but isn't there a chance that someone can just guess the password after like 10 attempts?

Surely that possibility exists. Sometimes lightning strikes as they say.

paranoiaISgood

Posted 2011-06-23T12:44:23.933

Reputation: 283

What algorithms did you use? – Iszi – 2011-06-23T13:29:59.770

i just used AES – paranoiaISgood – 2011-06-23T13:43:25.607

1764 characters long, really? Are you trolling us? – uSlackr – 2011-06-23T14:06:05.840

4It is unlikely the password can be guessed in 10 attempts. The password certainly can be bruteforced its only a matter of times until the correct password is attempted. I am not exactly sure the purpose of a 64 character password. The possible number of characters increases by only a few hundred trillion between 16 character password and more. In other words the amount of possible passwords is so great at 15 and 20 characters it won't be brute force while your alive provided the password is random. What concerns me is you can remember it which means it likely is something like P@assword. – Ramhound – 2011-06-23T14:20:07.357

I just have a good memory... it only takes me 15 seconds to type too. – paranoiaISgood – 2011-06-23T14:42:13.130

for example }6A}wE"&=#>QEdE?+%(COqESsCFcmHy(xH"aLHh+KGD<6Nlkc\Q^yV^kH@h0<40 can be memorised preety easy if you come up with a story. – paranoiaISgood – 2011-06-23T14:48:31.147

6Easier if you have 6 kids, shorter names are easier to remember. – paranoiaISgood – 2011-06-23T15:09:58.077

@Ramhound I have plenty of really good passwords > 30 characters that are very easy to remember. You just have to understand how human memory works and what actually makes up a good password. – ElGringoGrande – 2011-06-23T15:25:28.297

10Every time I wanted to mount that hard drive I'd have to weigh the pros and cons. "Do I really want that data? Is it worth typing the password?" – Michael Mrozek – 2011-06-23T15:40:09.513

64 characters at 1 byte per character... Number of combinations is 2^(64*8 bits/byte) = 2^512. I don't think brute force cracking is your enemy here. ;) – Breakthrough – 2011-06-23T16:50:40.150

2@break: printable ASCII, that's more like 6-bits per character. So more like 2^384. But yeah, still strong enough. – vartec – 2011-06-23T17:03:25.157

4"The password is 64 characters long, quite random, contains no dictionary words, but it is still possible to memorize easily." Is it 1111111111111111111111111111111111111111111111111111111111111111? – Django Reinhardt – 2011-06-24T00:37:45.863

5There's a chance that someone could just guess your password in one attempt. – Nick T – 2011-06-24T01:48:24.477

Yes it can be brute-forced, but not in your lifetime. :-) – Zhehao Mao – 2011-06-24T16:14:59.613

Answers

33

The short answer is: NO!

No security measure is safe on its own, as it may contain bugs/vulnerabilities/etc. It might withstand a single method (e.g. brute-forcing) for circumventing the protection, but there might be a combination of methods that it may not be able to handle.

Truecrypt was (or, still is?) vulnerable to "Cold boot attacks":

Passwords stored in memory

TrueCrypt stores its keys in RAM; on an ordinary personal computer the DRAM will maintain its contents for several seconds after power is cut (or longer if the temperature is lowered). Even if there is some degradation in the memory contents, various algorithms can intelligently recover the keys. This method, known as a cold boot attack (which would apply in particular to a notebook computer obtained while in power-on, suspended, or screen-locked mode), has been successfully used to attack a file system protected by TrueCrypt.

Additional reading on "TrueCrypt Security Concerns".

TFM

Posted 2011-06-23T12:44:23.933

Reputation: 4 243

5Cold Boot attacks can be mitigated by enabling memory testing in the BIOS (which will scrub the RAM at power up), and preventing someone from removing the DIMMs from your PC (which will prevent someone from pulling the DIMMs and copying the contents). Oh, and epoxy your CMOS battery and CMOS clear jumper to prevent someone from disabling the memory testing. – myron-semack – 2011-06-23T19:11:21.877

1TrueCrypt 7 wipes cached passwords from the driver memory, after TrueCrypt exits or automatic dismount of devices. You can enable this in the "True Crypt - Preferences"-Dialog – DiableNoir – 2011-06-23T19:45:19.620

63

Actual actual reality: nobody cares about his secrets.  (Also, I would be hard-pressed to find that wrench for $5.)

If you have all ASCII characters, quite frankly, it is possible still - but highly unlikely.

William Hilsum

Posted 2011-06-23T12:44:23.933

Reputation: 111 572

1@Nifle - nice edit! :) – William Hilsum – 2011-06-23T19:33:43.707

18

According to http://howsecureismypassword.net/, it would take roughly 314 trigintillion years for a normal desktop computer to crack your password. That's several orders of magnitude greater than the time left in the existence of the Universe. I think you're covered on the brute force front.

Just for fun:

1 trigintillion = 1,000,000,000,000,000,000,000,000,000,000,
                  000,000,000,000,000,000,000,000,000,000,000
                  000,000,000,000,000,000,000,000,000,000

Chad Levy

Posted 2011-06-23T12:44:23.933

Reputation: 1 010

14

At work, we deal with hard drive encryption on a daily basis. The truth is, the kind of encryption you have on your drive are probably very sufficient for a home user. I have that same feeling of being paranoid with all my data, and truecrypt satisfies me.

However, true encryption for hard drives has to be at the hardware level. Looks for Stonewood drives (Flagstones) on the net. They offer full hardware encryption with a maximum of 5 attempts before locking out, then 5 more before completely destroying the drive according to government standards.

n0pe

Posted 2011-06-23T12:44:23.933

Reputation: 14 506

10

In response to "Can it be brute-forced":

There are 95 printable ASCII characters (including space), so there are 9564 possible 64-character passwords. That's 3.75 x 10126, which is over 420 bits of security. In comparison, 128-bits is considered secure from brute forcing for an AES key, and 265-bits is enough to assign a different value to every atom in the visible universe.

Assuming your adversary has a botnet of 10 billion computers (1000x larger than the largest known botnet), each of which can check 1 billion passwords per second, the expected time to find your password by brute-force would be 5.87 x 1051 years - that's 45 trillion trillion trillion times the age of the universe.

So yes, your password is absolutely secure from brute-forcing. In fact, assuming you are using AES-256, your 64-character password gives you no extra security over a 39-character password, because after that point it would be faster to just brute-force the key.

BlueRaja - Danny Pflughoeft

Posted 2011-06-23T12:44:23.933

Reputation: 7 183

4"TrueCrypt uses AES with a 256-bit key". Therefore using more than 39 characters won't change anything. – Max Ried – 2011-06-23T18:45:56.147

While this is true as far as it goes, calculations like this assume that all the password possibilities must be tried for the attack to be successful. That is, you're assuming that the last password possibility will be the correct one, rather than just the last one they try. Which could be the first, the fifteenth, or the fiftieth just as easily. They are after all trying passwords in random order. And random allows early success as well as no success at all. Since we're in to paranoia. – zenbike – 2011-06-26T14:05:46.857

@zenbike: Yes, that is taken into account in my calculations; the expected time (average over many attempts) is the square-root of the search space (see here) - that is, after 5.87 x 10^51 years, there's a 50% chance of having found it. The chance drops off rapidly as we get closer; for instance, the chance of finding the password in 5.87 x 10^46 years is about 0.000001% - the chance of finding the password in our lifetimes would be about the same as the chance of a person randomly walking through a wall due to quantum effects.

– BlueRaja - Danny Pflughoeft – 2011-06-26T18:40:55.440

@BlueRaja: And yet, as small as the chance is, it exists, and the possibility (not probability) of breaking the encryption in a usable timeframe also exists. – zenbike – 2011-06-27T12:57:30.267

@zenbike: Luckily, we live in the real world, where some things are so improbable they are considered, for all intents and purposes, impossible. This is fortunate, for it's completely possible, for example, for every atom in my body to magnetize at once and rip the iron right out of my blood; or for every bond to suddenly break, turning me into a gas. Back in the real world, SHA-1 has only 80 bits of security (many orders of magnitude less than his password) against collisions, yet, despite supercomputers actively searching, no one has ever found two passwords that hash to the same SHA-1. – BlueRaja - Danny Pflughoeft – 2011-06-27T16:15:34.823

@BlueRaja: But we're being paranoid. ;) And I'm talking about the most simple of statistical models. While you are correct that the probability of a failure is vanishingly low, in the real world some password must be checked first. And the possibility exists that it could be correct. It would be very random, and having someone base the success of any profit making venture on it would be foolish in the extreme. – zenbike – 2011-06-28T11:35:50.250

Consider the simplest case: Flipping a coin. If you flip a coin once, you have a 1:2 chance of being correct about the way it lands. Flip it 5 Billion times and the chance of you being right about its position every time is about as likely (in general terms) as someone finding that hash by brute force methods. But you still have a 1:2 chance of guessing the position of the coin on the billionth single fall. – zenbike – 2011-06-28T11:37:41.623

6

If your password is sufficiently random then, as BlueRaja detailed, you are quite safe from a brute-force attack.

However, there is a marginally stronger, and certainly less painful, approach that may be available to you (I say "may" because I'm not sufficiently familiar with TrueCrypt; I use this approach with a LUKS/AES-256 drive). Unlock the drive with a private key instead. Store that key on a USB drive. Lock that key with a passphrase (it doesn't have to be overly complex) and you're effectively in two-factor Nirvana.

For the truly paranoid, there are attack vectors other than a cold-boot attack:

  1. A persistent, boot sector attack. For example:

    A bad guy, who has physical access to your machine, could replace the TrueCrypt boot loader with a malicious one. It would look and act sufficiently like TrueCrypt, allowing you to unlock and access your encrypted drive, but would store your passphrase for later retrieval by the bad guy. I've not actually tested this, but I read that a tool of this nature does indeed exist:

    http://www.blackhat.com/presentations/bh-usa-09/KLEISSNER/BHUSA09-Kleissner-StonedBootkit-PAPER.pdf

    (Again, I don't know if TrueCrypt supports this, but...) A decent solution to this is to place the boot sector and unencrypted boot loader on a USB drive. Presumably you keep this on your person. (For added security, use a USB drive with hardware encryption).

  2. A key-logger or video recording of you entering your password. Using a USB drive-based key would protect you from this (until an attacker mods your hardware to monitor the USB/data bus/memory of your machine. This, I suppose, is unlikely...)

Nice encryption attack vector reference: http://tldp.org/HOWTO/html_single/Disk-Encryption-HOWTO/#ThreatModel

JohnNKing

Posted 2011-06-23T12:44:23.933

Reputation: 161

2

By the way, you could even hide some encrypted volumes behind fake movies files: http://www.ghacks.net/2011/04/12/disguising-true-crypt-volumes-in-mp4-videos/

JMax

Posted 2011-06-23T12:44:23.933

Reputation: 3 005

2

The right question is what risk are you trying to mitigate and is HD encryption sufficient to mitigate to an acceptable level. If you are storing super top-secret govt plan plans to take over the world, then you might need more or less security than if you are protecting your personal financial data (or pr0n stash).

Humans are horrible at assessing the true level of risk associated with an activity. Chances are if someone steals your laptop they are more interested in re-using it than getting the data (unless you have those super secret plans...)

uSlackr

Posted 2011-06-23T12:44:23.933

Reputation: 8 755

0

Anything can be cracked/hacked/bypassed/...
Not everyone can do it (most people can't), but there are always people out there who can do a bit more than the avarage computer user.

RobinJ

Posted 2011-06-23T12:44:23.933

Reputation: 892

0

You're far more at risk from a virus on your computer that accesses the unlocked drive or peeks at "in flight" cleartext data.

Daniel R Hicks

Posted 2011-06-23T12:44:23.933

Reputation: 5 783