FreeOTFE Explorer
Free disk encryption software for PCs and PDAs

Advanced Topics


Keyfiles

A "keyfile" is a small file (about 512 bytes) which can optionally be created for a volume, and which contains a copy of the information required to mount a FreeOTFE volume. Keyfiles are encrypted based on a user-supplied keyfile password, which must be supplied in order to use the keyfile.

Tip! More than one keyfile can be created for the same volume.

Keyfiles are useful as they allow the critical information required to mount a particular volume to be stored separately from the volume it relates to; on a floppy disk or USB drive, for example, which would be too small to store the entire volume on. In this way, your volume may be stored on your computer, but the information required to access it can be stored in a physically more secure location (e.g. in a locked safe).

In a business environment, keyfiles may be used as a form of password recovery, or to reset forgotten passwords. When confidential information is held within a FreeOTFE volume, a keyfile can be created for that volume and stored in a safe location. Should the employee who normally uses the volume be unavailable, or be unable to remember the volume's password, the volume may still be mounted using a keyfile that was previously created for it (together with that keyfile's password) - even if the volume's password has subsequently been changed.

Keyfiles may also be used to provide multiple users with access to mount and use the same volume; each using a password of their own choosing.

Note: Keyfiles are specific to the volume they are created for! Although a keyfile for one volume may be able to successfully mount another volume, the virtual drive shown will appear to be unformatted - the files within the volume will remain securely encrypted and unreadable.

Creating a new keyfile

To create a new keyfile, select "Tools | Create keyfile..." to display the "keyfile wizard", which will guide you through the process in a series of simple steps.

Mounting a volume using a keyfile

The process of mounting a volume using a keyfile is identical to the normal mount procedure, with the exceptions that:

  1. The password used should be the keyfile's password, and not the volume's password.
  2. The full path and filename of the keyfile should be entered as the "keyfile file".


Creating Hidden Volumes

FreeOTFE Explorer offers users the ability to create "hidden volumes" stored inside other "host" volumes.

To create a hidden volume:

  1. If the volume you wish to create a hidden volume in is mounted, dismount it.
  2. Start the volume creation wizard as normal (select "File | New..." from the main menu).
  3. When prompted to select between creating a file or partition based volume, select "File" or "Partition", depending on whether the host volume you wish to use is file or partition based.
  4. When prompted for the filename/partition to create your hidden volume on, select the host file/partition you wish to create the hidden volume inside.
  5. The next step in the wizard will prompt you to enter an offset. The offset is the number of bytes from the start of the host volume where you wish the hidden volume to begin. Make sure that the offset you specify is large enough such that it does not overwrite any of the system areas of that host volume (e.g. the FAT), or files already written to it.
  6. Continue with the volume creation wizard as normal.

To mount your hidden volume, proceed as if mounting the host volume, but when prompted to enter your password, click the "Advanced" button and enter the offset. (See the section on advanced password entry options).

Tip! Make sure you remember the offset value you enter! For security reasons, FreeOTFE Explorer doesn't store this information anywhere, and so you will have to enter the same offset into the password entry dialog every time you wish to mount your hidden volume.

Security tip: More than one hidden volume can be stored within the same host volume, by using different offsets.

If you create a hidden volume within an existing volume, be warned: subsequently mounting and adding data to the host volume can potentially result in parts of the hidden volume being overwritten, and its data destroyed. This is by design, and increases the security of the hidden volume.

Please see the Plausible Deniability section for further information on the practical uses and considerations of hidden volumes.


Volume Creation: Advanced Options

At the end of the volume creation process, FreeOTFE Explorer will display a summary of the volume it is about to create. At this stage, more advanced options can be configured for the new volume by selecting the "Advanced..." button.

Advanced volume creation options

Key Iterations

Before the user's password is used to encrypt/decrypt the CDB, it is processed using PBKDF2 to increase security.

This tab allows the number of PBKDF2 iterations to be set by the user; higher values increase security, but will also increase the amount of time taken to mount the volume. This becomes more significant when mounting volumes on a PDA, as PDAs typically have slower CPUs.

The default number of key iterations is 2048.

Salt

Before the user's password is used to encrypt/decrypt the CDB, it is processed using PBKDF2 to increase security.

Part of this processing involves the use of a random "salt" value, which reduces the risk of dictionary based attacks. This tab allows the length of the salt value (in bits) to be set by the user.

It should be noted that every time a volume with a non-default salt length (i.e. other than 256 bits) is mounted, the user must specify the correct salt length (unless using a keyfile, in which case the keyfile's salt length must be specified) by using the "Advanced" options available on the FreeOTFE Explorer password entry dialog.

The default salt length is 256 bits. Any salt length entered must be a multiple of 8 bits.

Drive Letter

When mounting a volume using FreeOTFE, the next available drive letter will be used.

This behaviour can be changed to use a specific drive letter on a volume-by-volume basis via this option.

The default setting here is "Use default"; i.e. use the next available drive letter.

Note: If the chosen drive letter is in use at the time of mounting, the next free drive letter will be used.

This setting has no effect on FreeOTFE Explorer, and it is only used when mounting volumes using FreeOTFE.

CDB Location

Normally, a volume's CDB will be stored as the first 512 bytes of the volume.

However, this increases the size of the volume by the size of the CDB, which can make FreeOTFE volumes more distinctive, making it slightly more obvious that a volume file is a volume file.

This is most clearly shown when creating a file based volume: a 2GB volume, for example, will be 2,147,484,160 bytes in length - made up of a 2,147,483,648 byte (2GB) encrypted disk image, plus a 512 byte embedded CDB.

To reduce this, it is possible to create a volume without an embedded CDB; the CDB being stored in a separate file as a standard FreeOTFE Explorer keyfile.

In this case, a 2GB volume would comprise a 2,147,483,648 byte (2GB) encrypted disk image, plus a separate 512 byte keyfile which may be stored in a separate location to the volume.

Note that if you store the volume's CDB in a keyfile, you will always need to supply a keyfile when mounting the volume, and the "Data from offset includes CDB" advanced option on the FreeOTFE Explorer password entry dialog must be unchecked after the keyfile is specified.

By default, FreeOTFE Explorer includes the CDB as part of the volume.

Padding

"Padding" is additional random data added to the end of a volume file. Any padding added will not be available for use as part of the mounted volume, and serves to increase the size of the volume.

Encrypted volume files typically have a size that is a multiple of 512 bytes, or that is a recognisable "signature size" just beyond the last 1MB boundary. To avoid this, you may wish to append random "padding" data to the new volume.

Padding also reduces the amount of information available to an attacker with respect to the maximum amount of encrypted data that may actually be held within the volume.


Password Entry: Advanced Options

Note: This section only covers the password entry dialog shown when mounting FreeOTFE volumes. For mounting Linux volumes, please see the section on Linux volumes.

Advanced mount options

Advanced Security Details

Salt length

This should be set to the number of salt bits used in the PBKDF2 processing of the user's password, before using it to decrypt the volume's CDB/keyfile being used.

By default, this is set to 256 bits - the same default length used when creating a new volume.

Key iterations

This should be set to the number of key iterations used in the PBKDF2 processing of the user's password, before using it to decrypt the volume's CDB/keyfile being used.

By default, this is set to 2048 iterations - the same default number used when creating a new volume.

PKCS#11 secret key

This option is only available if PKCS#11 support is enabled (see the section on Security Token/Smartcard Support for more information on how to use this setting.)

Mount Options

Volume Options

These options are intended for use with hidden volumes, and volumes which were created without a CDB embedded at the start of the volume.

Offset

When attempting to mount a hidden volume, this should be set to the offset (in bytes) where the hidden volume starts, as specified when creating it.

By default, this is set to an offset of 0 bytes.

Data from offset includes CDB

This checkbox is only enabled if a keyfile has been specified.

If you are attempting to mount either a hidden, or normal, volume which was created without a CDB embedded at the start of the volume, this checkbox should be unchecked.

For mounting all other volumes, this checkbox should be checked.

By default, this checkbox is checked.


Password management

Password Expiry

When setting the password on a FreeOTFE volume, the date on which the password was changed is stored in the volume's CDB. If password expiry is turned on (via the "Password Expiry" tab on the Options dialog), the user will be prevented from mounting the volume when a specified number of days from this date have elapsed. Prior to this, the user will be warned when mounting volumes that are nearing their expiry date.

Changing the volume's password will reset the "password last changed" date within the volume's CDB, and effectively reset password expiry on that volume.

Note: Password expiry is not intended, and should not be used, as a "volume timeout" feature for distributing "time-limited" volumes which cannot be accessed after a certain period of time. The purpose of password expiry is to assist the user in periodically changing their password to improve security.

Volumes which use CDB v4 or earlier (i.e. those created prior to FreeOTFE v6.00, FreeOTFE Explorer v4.00 and F4PDA v6.00) do not store the necessary "password last updated" date in the CDB, and will not have expiring passwords, even if this functionality is turned on within FreeOTFE. To upgrade such a volume to allow password expiry, simply change the volume's password. This will update the CDB to v5 or later.

Password Strength

Password Requirements

The user can set various requirements that new passwords must meet before they will be accepted, including:

  • Minimum password length
  • Characters which must be represented in the password (e.g. uppercase letters, numbers, punctuation characters)
  • The password must not appear in a user-supplied dictionary (wordlist) file
  • The password cannot be a keyboard pattern (e.g. "qwerty")
  • The password cannot contain a repeated character (e.g. "abc11111xyz", "aaa")
  • The password cannot be a repeated word (e.g. "11111", "fredfred")
  • The password cannot contain a sequential string (e.g. "xyz12345", "abc")

When changing a volume's password, the user can also further require that the new password is not similar to the old password. This is especially important when password expiry is turned on, and prevents the user from reusing their old password with only trivial (and often highly predictable) changes made to it (e.g. changing "SecurePassword1" to "SecurePassword2", or "SecurePassword2" to "SecurePassword3").

Password similarity is determined by calculating the Levenshtein distance between the old and new passwords. This figure is then expressed as a percentage of the length of the longer of the two passwords and checked against a user-configured threshold.

For example, if a volume's original password was "myPassword!1111", and the user tried to change it to "myPassword!2222", the Levenshtein distance would be 4. As a percentage of the longest password (15 characters), this would represent a (4 / 15) 26.67% change from the old password. If the user required a minimum 50% change, this password would not be accepted. The new password "theNew%Password!9999" (with a Levenshtein distance of 12 from the old password, representing a (12 / 20) 60% change) would be accepted as being sufficiently different.
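The similarity check described above, as an added example written from the page's description (not FreeOTFE's own code): Levenshtein distance between the old and new passwords, expressed as a percentage of the longer password's length, compared against a user-configured minimum change.

```python
# Added example, not FreeOTFE's own code: the "new password must differ from the
# old one" check as the page describes it. The threshold value is supplied by the
# caller, as it would be by the user's configuration.

def levenshtein(a: str, b: str) -> int:
    """Classic dynamic-programming edit distance (insert, delete, substitute)."""
    if len(a) < len(b):
        a, b = b, a
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution (free if equal)
        prev = cur
    return prev[-1]

def percent_change(old: str, new: str) -> float:
    """Distance as a percentage of the longer of the two passwords."""
    longest = max(len(old), len(new))
    if longest == 0:
        return 0.0
    return 100.0 * levenshtein(old, new) / longest

def sufficiently_different(old: str, new: str, min_change_percent: float) -> bool:
    """True when the new password changes at least min_change_percent of the old one."""
    return percent_change(old, new) >= min_change_percent

if __name__ == "__main__":
    old = "myPassword!1111"   # the page's worked example
    for candidate in ("myPassword!2222", "theNew%Password!9999"):
        verdict = "accepted" if sufficiently_different(old, candidate, 50) else "rejected"
        print(f"{candidate}: distance {levenshtein(old, candidate)}, "
              f"{percent_change(old, candidate):.2f}% change, {verdict}")
```

Running this on the page's second pair gives a distance of 11 (55%) rather than the 12 (60%) quoted above; the candidate is accepted against a 50% threshold either way.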

Password Analysis

When the user specifies a password for a new volume, or changes an existing volume's password, they have the option of carrying out analysis on the password entered in order to check it for a range of characteristics typical of weak passwords.

Unlike many security applications, FreeOTFE does not include a "password strength" meter, as these typically carry out fairly arbitrary checks, and often yield misleading results.

Dictionary (aka Wordlist) Files

Dictionary files (aka wordlist files) are straightforward text files which contain numerous words, one per line.

FreeOTFE and FreeOTFE Explorer can be configured to check passwords against such files, to filter out weak passwords.

FreeOTFE Explorer also supports wordlists in the Diceware (5 digit number, single space/tab, then word) and Mozilla Firefox (word followed by a single "/") formats.
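An added example (not FreeOTFE's own code) of loading the three wordlist layouts the page names and rejecting a candidate password found in the list. It goes slightly beyond the page in accepting Firefox entries with affix flags after the "/" as well as a bare trailing "/"; case-insensitive matching and the sample list are assumptions.

```python
# Added example, not FreeOTFE's own code: parse plain, Diceware ("5 digit number,
# single space/tab, then word") and Mozilla Firefox ("word/") wordlists, then
# check a candidate password against the resulting set.
import re
from typing import Iterable, Set

DICEWARE_LINE = re.compile(r"^\d{5}[ \t](\S+)$")
# Page format is "word/"; real Firefox .dic files may carry affix flags after the "/".
FIREFOX_LINE = re.compile(r"^([^/\s]+)/\S*$")

# Constructed sample mixing all three layouts (not a real wordlist).
SAMPLE_WORDLIST = """\
password
11111 abacus
11112\tabbey
apple/
orange/SM
"""

def parse_wordlist(lines: Iterable[str]) -> Set[str]:
    """Return the set of words in a plain, Diceware or Firefox-format list."""
    words: Set[str] = set()
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = DICEWARE_LINE.match(line) or FIREFOX_LINE.match(line)
        # Plain format: the whole line is the word.
        words.add((m.group(1) if m else line).lower())
    return words

def in_wordlist(password: str, words: Set[str]) -> bool:
    """Case-insensitive lookup (assumption: FreeOTFE's exact matching rule is not documented)."""
    return password.lower() in words

def password_acceptable(password: str, wordlist_text: str) -> bool:
    """True when the candidate password does not appear in the wordlist."""
    return not in_wordlist(password, parse_wordlist(wordlist_text.splitlines()))

if __name__ == "__main__":
    for candidate in ("password", "Abbey", "correct horse"):
        print(candidate, "accepted" if password_acceptable(candidate, SAMPLE_WORDLIST) else "rejected")
```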

Suitable dictionary files are widely available on the Internet; for example:

  • The Institute for Language, Speech and Hearing: Moby project: http://icon.shef.ac.uk/Moby/
  • Oxford University: ftp://ftp.ox.ac.uk/pub/wordlists/
  • packet storm: http://packetstormsecurity.org/Crackers/wordlists/page1/
  • The Diceware wordlists: http://world.std.com/~reinhold/diceware.html
  • outpost9: http://www.outpost9.com/files/WordLists.html
  • The Mozilla Firefox dictionary: <Firefox installation directory>\dictionaries