How does Truecrypt know it has the correct password?

4

I wasn't sure whether to ask this on Stack Overflow or Super User.

In the TrueCrypt documentation, it says that a TrueCrypt container is indistinguishable from random data. My question is, how does TrueCrypt know when it has been given the correct password and decoded the encrypted container correctly?

Does the decrypted data have some kind of header that identifies that it has been decrypted correctly, like a "truecrypt volume" header?

localhost

Posted 2013-04-04T22:32:30.340

Reputation: 502

1 I'd love to see a conclusive answer for this Q. – Lorenzo Von Matterhorn – 2013-04-04T22:37:55.053

Answers

11

It knows the correct password because within that encrypted container there is a known header.

When TrueCrypt decrypts a blob of data and the header matches what it was expecting, it reports back that the decryption was successful. If you use an incorrect password it will still "decrypt" the text, but it will decrypt the header into gibberish and fail the decryption check.

Here is a link to the specification (mirror), you can see there are many things that must be true for it to be a valid header (bytes 64-67 after decryption should always be the ASCII value TRUE, bytes 132-251 must all be 0's, etc.). If you decrypt a blob of data and it does not match that header format, you know the decryption failed.

Scott Chamberlain

Posted 2013-04-04T22:32:30.340

Reputation: 28 923

1 And it seems I just saw a conclusive answer! +1 - great answer. – Lorenzo Von Matterhorn – 2013-04-04T23:23:26.587
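The header check described in the answer above, as an added example that is not part of the original answer and is not TrueCrypt's code: decryption always produces bytes, and only the two fields the answer names (ASCII `TRUE` at bytes 64-67, zeros at bytes 132-251) tell a right password from a wrong one. Assumptions: a 512-byte header whose first 64 bytes are an unencrypted salt, a PBKDF2 plus SHAKE-256 XOR keystream standing in for the real cipher, and a demo iteration count.

```python
import hashlib
import os

HEADER_LEN = 512                     # assumed toy header size
SALT_LEN = 64                        # assumption: bytes 0-63 are an unencrypted salt
MAGIC_OFF, MAGIC = 64, b"TRUE"       # from the answer: bytes 64-67
ZERO_START, ZERO_END = 132, 252      # from the answer: bytes 132-251 are all zero

def _keystream(password: bytes, salt: bytes, n: int) -> bytes:
    # Stand-in cipher, NOT TrueCrypt's: derive a key, expand it to n keystream bytes.
    key = hashlib.pbkdf2_hmac("sha512", password, salt, 1000, dklen=64)  # demo count
    return hashlib.shake_256(key).digest(n)

def _xor(data: bytes, keystream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, keystream))

def make_header(password: bytes) -> bytes:
    """Build a constructed header: salt, then the encrypted fields."""
    salt = os.urandom(SALT_LEN)
    body = bytearray(os.urandom(HEADER_LEN - SALT_LEN))   # other fields: random filler
    body[MAGIC_OFF - SALT_LEN:MAGIC_OFF - SALT_LEN + 4] = MAGIC
    body[ZERO_START - SALT_LEN:ZERO_END - SALT_LEN] = bytes(ZERO_END - ZERO_START)
    return salt + _xor(bytes(body), _keystream(password, salt, len(body)))

def try_password(header: bytes, password: bytes) -> bool:
    """Decrypt with the candidate password, then test the known plaintext fields."""
    salt, enc = header[:SALT_LEN], header[SALT_LEN:]
    # This step never fails: a wrong password just yields pseudorandom bytes.
    dec = salt + _xor(enc, _keystream(password, salt, len(enc)))
    magic_ok = dec[MAGIC_OFF:MAGIC_OFF + 4] == MAGIC
    zeros_ok = not any(dec[ZERO_START:ZERO_END])
    return magic_ok and zeros_ok

if __name__ == "__main__":
    hdr = make_header(b"correct horse")            # constructed sample password
    print(try_password(hdr, b"correct horse"))     # header fields match
    print(try_password(hdr, b"wrong guess"))       # gibberish fails the check
```

A wrong password passes both checks only if 4 magic bytes and 120 zero bytes all come out right by chance, which is why the on-disk header can look random and still be verifiable.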