Is TrueCrypt robust against data corruption?

25

5

I would expect a TrueCrypt volume to be fragile when it suffers from data corruption. This could happen for example because the hard disk, CD or DVD start to deteriorate, or when an USB stick is unplugged while a write is in progress.

In the TrueCrypt FAQ it is mentioned that this problem is limited because the data is encrypted in blocks of 16 bytes. However, I'd like to know if this really so in practice. Is there anyone who has experienced severe data loss due to only small corruptions?

Dimitri C.

Posted 2009-09-09T14:12:05.790

Reputation: 2 232

1interesting question :) fortunately I have not experienced this, but I would imagine that if you are worried about it, the answer would be to make sure you have backups! – RYFN – 2009-09-09T14:13:32.403

I had a 1TB USB HDD fully encrypted, one day the drive felt while it was connected/mounted from about 60cm. I lost 1 TB of data, as the drive would not appear in Windows anymore, nor was I able to mount it using TrueCrypt like I used to do daily. No repair service could fix it. I don't know if the data would have been saved without TrueCrypt. – admin – 2014-04-03T18:40:48.627

Answers

10

Encrypted backups do have their drawbacks. In case the backup media becomes corrupted, you may lose everything whereas chances are much better to retrieve unencrypted backups (at least partially) from a damaged disk.

In any case, only one set of backups is insufficient. And if applicable, maintain an unencrypted backup in a safe location (e.g. a bank vault). Security comes at a price.

Molly7244

Posted 2009-09-09T14:12:05.790

Reputation:

6Very good remark! I am thinking of making backups on 2 HDs: one I keep unencryptedly at home, and one encryptedly at work. – Dimitri C. – 2009-09-10T07:14:24.493

6

  • For removable devices refer to this question
  • Backups and redundancy (the RAID kind) are important
    • For optical media, move the data to new media every few years
      alternatively, stop using optical media and shift to newer forms of backup
      (yes, that too is your question)
  • If you do hit a corruption later, check the recovery methods for your media
    Look at the next point in TrueCrypt FAQ,
    What do I do when the encrypted filesystem on my TrueCrypt volume is corrupted?

File system within a TrueCrypt volume may become corrupted in the same way as any normal unencrypted file system. When that happens, you can use filesystem repair tools supplied with your operating system to fix it. In Windows, it is the 'chkdsk' tool. TrueCrypt provides an easy way to use this tool on a TrueCrypt volume: Right-click the mounted volume in the main TrueCrypt window (in the drive list) and from the context menu select 'Repair Filesystem'.

nik

Posted 2009-09-09T14:12:05.790

Reputation: 50 788

"Repair Filesystem": I have read this note in the FAQ, but I'dd like to know how much worse this kind of corruption is compared to an unencrypted volume. – Dimitri C. – 2009-09-09T14:50:02.280

5

I've lost 500 GB of data that was device encrypted. I tried everything; CHKDSK is useless when you can't mount the disk.

DS

Posted 2009-09-09T14:12:05.790

Reputation:

7Unfortunately, this is why you backup the volume headers, so in case there is corruption that would prevent you from mounting the drive. – emgee – 2009-09-09T20:50:31.690

1

Annoying that there is not a suggestion to back up header files, and annoying that the instructions are so complex. To make a backup just go to "Tools>Backup Volume Header" and save the backup. Longer instructions and more detail here: http://www.truecrypt.org/docs/?s=program-menu

– geneorama – 2012-09-11T18:56:55.120

@geneorama do you have to do that every single time you backup the truecrypt file? – barlop – 2013-05-28T10:05:37.440

@barlop Actually, I never do that. I just researched it for some reason that day that I was commenting. I don't use truecrypt that often, and when I do I usually have a backup of the whole volume, so I don't worry too much about the header. – geneorama – 2013-05-28T14:12:45.253

3

I lost 300 GB of data due to my volume header becoming corrupted by Windows. I had my entire system encrypted (boot partition and drives) and attempted to use the various repair features and decryption to no avail.

I would recommend only creating a TruCrypted partition and storing data there that you wouldn't mind losing for the benefit of the security it provides.

user31461

Posted 2009-09-09T14:12:05.790

Reputation:

I think file-based volumes are easier to be backed up than partition-based volumes. – Edwin Yip – 2010-08-18T05:50:13.970

2

I think TrueCrypt is very robust itself, I've been using it for over 4 years and haven't had a problem. But as others commented, you should take care of the backup, I suggest to use file-based volumes because you can easily backup the whole volume as opposed to partition-based volumes.

Edwin Yip

Posted 2009-09-09T14:12:05.790

Reputation: 143

1

It's pretty good I have it running on a thumb drive that takes a lot of abuse and keeps on ticking. Of course always back up your data on site and off using something like Amazon S3/Mozy/etc. RAID is nice for hard drive failure but not for back ups.

user10547

Posted 2009-09-09T14:12:05.790

Reputation: 1 089

1"RAID is not for back ups": that's very true! – Dimitri C. – 2009-09-10T07:09:37.873

Asked: 2009-09-09T14:12:05.790

Viewed: 10 133 times

Active: 2016-10-30T23:47:19.550