Wed, Dec. 12th, 2007, 11:31 pm
Truecrypt with raw cd/dvd iso's

So I've been following the recent(ish) threads on the truecrypt forums about the futility of doing what I wanted to do: namely, create a truecrypt volume the size of the cd/dvd, copy a bunch of data onto it, then burn the entire thing to cd/dvd.

I was able to do this... However, I ran into a problem with truecrypt in that when I tried to do:

# truecrypt /dev/scd0 /mnt/foo
device-mapper: reload ioctl failed: Invalid argument
Command failed
# dmesg
device-mapper: table: 253:0: truecrypt: truecrypt: Device lookup failed
device-mapper: ioctl: error adding target to table
device-mapper: ioctl: device doesn't appear to be in the dev hash table.

So the forums had this thread about some guy asking for this feature. He assumed that just because you can't read the disc, that would be enough for plausible deniability. However, someone replied:

I think that would be a spurious claim and wouldn't fool many, especially if it was suspected that you used encryption technology.

Discs can go bad and become unreadable, sure, but they do not do so in such a way as to become completely random volumes. Don't forget that the sectors themselves will still be very much readable (as in, without producing read errors, although the data remains indecipherable).

A fully readable, verifiable optical disc full of random data would be suspect, as a "bad burn" would be terribly unlikely to result in a completely random disc. Moreover, that the disc itself is not physically damaged, and the ECC data contained in each sector of the disc verifies that the data is correct, would be a strong indicator that the data placed on the disc was not the result of an accident.

And another continued...

The reason why I would like to see this implemented is related to plausible deniability (yes, that again).

As I said before on several occasions, plausible deniability is not really plausible on Read Only Media. This is particularly true for the hidden volume feature (burning a half empty outer volume on a DVD is suspicious. Why lose so much space?).

Here is how it could be remedied with "Raw CD/DVD encryption". Roughly:

  • Burn your 700 Mb (or so) volume on a CD-RW in "RAW mode" (let's call it that).
  • Check whether the hidden volume is accessible. (Say the hidden volume is 300 Mb and the outer volume is empty.)
  • Burn 400 Mb of data on the same disk the ordinary way (this data would be accessible to anybody exploring the CD).
  • Part of the outer volume is now destroyed, but the hidden volume remains intact and should still be accessible in "RAW mode".
  • Somebody exploring the disk would just see 400 Mb of ordinary clear text + (only if curious enough to check) unallocated random data at the end of the disk.

If asked for a reason why there is so much free space at the end of your CD, say you intended to burn more data later.

If asked for a reason why there is random data at the end of the disk, just shrug shoulders: "Hum... It must be something I've burnt before on this disk... A compressed backup? Something with an exotic format? Can't remember what. Perhaps you could analyse it and tell me?"

Playing with an ISO image would probably be more efficient than the process described above.
– Little Fish

But apparently, there is a way to do it (if you wanted to) anyways. You would need to do the following:

# losetup /dev/loop0 /dev/scd0
# truecrypt /dev/loop0 /mnt/foo

So... if all you want to do is burn an encrypted disc (like of your financial files, or other personal information), it might be easier to use a cryptoloop device. BUT if you want to hide data from other people and deny it exists by encrypting it, RW media with a hidden volume is your best bet.
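
The first forum reply quoted above argues that a cleanly readable disc full of random data stands out, and Little Fish's scheme still leaves random data at the end of the disc for anyone "curious enough to check". As an added example (not part of the original post or the forum thread), this Python code shows what that check looks like from an examiner's side: it measures per-sector entropy and reports long runs of random-looking sectors. The function names, the 7.5 bits/byte threshold, the 16-sector minimum and the in-memory sample image are assumptions made for the illustration.

```python
import math
import os
from collections import Counter

SECTOR = 2048  # user-data size of a CD/DVD data sector

def sector_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def high_entropy_runs(image: bytes, threshold: float = 7.5, min_sectors: int = 16):
    """Return (first_sector, sector_count) for each run of consecutive
    sectors whose entropy is at or above the threshold.
    Compressed archives also score high, so a hit means "random-looking",
    not "proven encrypted"."""
    runs, start = [], None
    total = (len(image) + SECTOR - 1) // SECTOR
    for i in range(total + 1):  # one extra pass closes a trailing run
        chunk = image[i * SECTOR:(i + 1) * SECTOR]
        hot = i < total and len(chunk) == SECTOR and sector_entropy(chunk) >= threshold
        if hot and start is None:
            start = i
        elif not hot and start is not None:
            if i - start >= min_sectors:
                runs.append((start, i - start))
            start = None
    return runs

def build_sample_image() -> bytes:
    """Constructed sample: 64 sectors of plain text, 8 zeroed sectors,
    then 128 sectors of random bytes standing in for an encrypted volume."""
    text = (b"2007 household budget, row after row of plain ledger text.\n" * 40)[:SECTOR]
    return text * 64 + bytes(SECTOR * 8) + os.urandom(SECTOR * 128)

if __name__ == "__main__":
    for first, count in high_entropy_runs(build_sample_image()):
        print(f"sectors {first}-{first + count - 1}: {count * SECTOR} bytes look random")
```

On the constructed image the plain-text and zeroed sectors are ignored and the trailing random region is reported as one run, which is the "unallocated random data at the end of the disk" the thread is arguing about.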