Internet privacy and security course

Chapter 107

Disguise cryptocontainers

In March 2015, a resident of the state of Philadelphia known under the pseudonym John, suspected of possessing child pornography, was searched. The search revealed no evidence of a crime, but law enforcement authorities seized two encrypted hard drives.

He was lucky: if he had kept the information in clear form, the law enforcement agencies would have accessed it without any problems, whereas now he only had to forget the passwords or refuse to give them out. Like any sensible person in his situation, John forgot the passwords, and the law enforcement agencies failed to crack the cryptocontainers.

And all should have been well: in the absence of evidence, John should have been released. But the court decided that John should be kept in custody until the court's requirement was met, i.e. until he gave the correct passwords. Thus, a man would not be able to get out of prison until he decrypted his cryptocontainers, even if he really had forgotten the password.

Before that, John had worked in the police for 17 years and had no prior convictions; the inability to decrypt his drives was not a crime, and there was no evidence of his guilt. All of this is what his lawyer tried to point out; you can read more in English here.

There were no charges except for disobeying a controversial court decision, or even for being unable to comply with it. Apparently, the right to refuse to testify against oneself does not work in the United States.

But this is not the only such example; in this chapter we talked about similar cases in Britain. One conclusion should be drawn from these stories: simply encrypting the information is not enough; you also need to hide the encrypted data so that proving its existence is impossible.


Tip

It is not enough just to encrypt information; you also need to hide the encrypted data so that its existence cannot be proved.

After studying the chapter on encryption, you already know how to create cryptocontainers. A cryptocontainer, if properly used, is a very reliable thing, but, as a rule, malefactors who find it begin to demand access to it or try to guess the password. A password created following the recommendations in this course cannot be cracked, but refusing to provide access may result in a temporary change of residence, which adversely affects comfort, health and business. Therefore, it is better from the outset that your cryptocontainer is not found at all.

There are different ways to solve this problem; we will consider five of them:

  • masking a cryptocontainer as a file,
  • steganography (hiding the cryptocontainer inside another file),
  • crushing a cryptocontainer (splitting it into several parts hidden in different places),
  • bait cryptocontainers,
  • emergency data destruction systems.

Masking a cryptocontainer as a file

We talked about this in the chapter on cryptocontainers. In a nutshell, the cryptocontainers created by TrueCrypt and VeraCrypt have no visual or structural features indicating that the file is a cryptocontainer. You can give it the extension *.dat and a technical name like Lib1QL, and put it in a folder where other *.dat files are located.
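The caveat from the examiner's side, as an added example that is not part of the course: renaming changes only the name, while the content stays uniformly high-entropy with no recognizable header, which is itself a triage signal. The thresholds, the short magic-number list and the sample files below are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

CHUNK = 4096        # bytes per entropy window
SECTOR = 512        # heuristic: container file sizes are multiples of 512
ENTROPY_MIN = 7.9   # assumed threshold; random 4 KiB windows score about 7.95
# Small sample of magic numbers; a real triage tool uses a full signature set.
KNOWN_MAGIC = (b"PK\x03\x04", b"\x1f\x8b", b"\x89PNG", b"\xff\xd8\xff", b"%PDF")


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0


def triage(blob: bytes) -> str:
    """Classify file content; the file name and extension are ignored on purpose."""
    if blob.startswith(KNOWN_MAGIC):
        return "known-format"
    if len(blob) < CHUNK or len(blob) % SECTOR:
        return "not-container-sized"
    windows = (blob[i:i + CHUNK] for i in range(0, len(blob) - CHUNK + 1, CHUNK))
    if all(shannon_entropy(w) >= ENTROPY_MIN for w in windows):
        return "candidate-encrypted-container"
    return "structured-data"


def constructed_samples() -> dict:
    """Constructed inputs: SHA-256 counter output stands in for ciphertext."""
    noise = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(2048))
    return {
        "Lib1QL.dat": noise,                             # renamed container stand-in
        "settings.dat": b"key=value;pad=0000\n" * 4096,  # ordinary application data
        "backup.dat": b"\x1f\x8b" + noise[2:],           # gzip magic, high entropy
        "partial.dat": noise[:-100],                     # size not a multiple of 512
    }


if __name__ == "__main__":
    for name, blob in constructed_samples().items():
        print(f"{name:14} {triage(blob)}")
```

A hit only marks a file for closer inspection: compressed or already encrypted data with an unlisted header scores the same way.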

Steganography

In our case, steganography is the concealment of a cryptocontainer in other files, for example, in pictures or video files. Steganography is a very effective method, but it is suitable only for small cryptocontainers, as the total size of the carrier file changes. A cryptocontainer of 300 MB or more can, with rare exceptions, be difficult to hide in a file imperceptibly.

We will teach you steganography in this section. Upon completing it, you will be able to safely hide cryptocontainers and any other data in various types of files, from documents to video.

Crushing cryptocontainers

When using this technique, the cryptocontainer is divided into several parts; if even one part is missing, the cryptocontainer is just a useless set of data. We will teach you how to crush cryptocontainers within this section.

Bait cryptocontainers

A bait cryptocontainer is a cryptocontainer created and put in a prominent place, which contains information of little value. It is used for demonstrative access to encrypted information.

This will help, for example, if your equipment is inspected at the airport. Such cases are not uncommon today: for example, human rights activist Muhammad Rabbani was arrested by border control officers in Heathrow (United Kingdom) for refusing to provide passwords for his laptop.

The US Passport Control Rule states that “travelers are required to submit electronic devices and the information they contain in a state that allows them to check the device and its contents”. In Canada, refusing to provide a password carries a penalty of up to $25,000.

For bait, create a cryptocontainer and place it on the desktop. Call it something like “Important” or “Main”; the name should provoke interest. Put various documents, pictures and files into the bait cryptocontainer: everything that is not very valuable to you and that you can easily show.

It is very important to mount the cryptocontainer periodically and change the set of files or edit the documents; otherwise it will be evident that the cryptocontainer is not used, and the trick may fail. To make the bait look plausible, use a fairly complex password, even better in conjunction with a key file.

Emergency data erasure systems

They do not belong to the chapter on disguise, but they perfectly solve the problem of protecting cryptocontainers from malefactors. There are hardware solutions that can destroy the hard disk with an electromagnetic pulse. This happens when you press a button, send an SMS, make a call, turn over the system unit, or when unauthorized access is attempted.

Their main advantages are speed and reliability. The cons are the price, the inability to use them with laptops, and irreparable damage to the device. In this case, you cannot destroy selected files only: you destroy everything, but instantly and for sure.

There are also software solutions, for example, the Panic Button emergency data erasure system. The program is able to destroy valuable data urgently, including saved passwords, browser history, cookies, information about open programs, viewed pictures, documents, and any user-specified files.

This software is capable of destroying cryptocontainers urgently; the CryptoCrash technology deserves special mention. It allows you to destroy cryptocontainers of tens and even hundreds of gigabytes in a couple of seconds.

How is this possible? The structure of the cryptocontainer is critically damaged, after which the cryptocontainer is not recoverable; then it is deleted with the simplest and fastest algorithm.

If you delete a cryptocontainer with a reliable algorithm, the destruction of a 100 GB cryptocontainer can take up to 15 minutes, depending on the type of your disk. Clearly, this cannot be called an emergency measure.
