
	Introduction Beginner's Tutorial System Encryption Supported Systems Hidden Operating System Rescue Disk Plausible Deniability Hidden Volume Protection of Hidden Vol. Security Requirements Hidden Operating System Parallelization Pipelining Hardware Acceleration Encryption Algorithms AES Serpent Twofish Cascades Hash Algorithms RIPEMD-160 SHA-512 Whirlpool Technical Details Notation Encryption Scheme Modes of Operation Header Key Derivation Random Number Gen. Keyfiles Volume Format Spec. Standards Compliance Source Code TrueCrypt Volume Creating New Volumes Favorite Volumes System Favorite Volumes Main Program Window Program Menu Mounting Volumes Supported Systems Portable Mode Keyfiles Tokens & Smart Cards Language Packs Hot Keys Security Model Security Requirements Data Leaks Paging File Hibernation File Memory Dump Files Unencrypted Data in RAM Physical Security Malware Multi-User Environment Authenticity and Integrity New Passwords & Keyfiles Password/Keyfile Change Trim Operation Wear-Leveling Reallocated Sectors Defragmenting Journaling File Systems Volume Clones Additional Requirements Command Line Usage Backing Up Securely Miscellaneous Use Without Admin Rights Sharing over Network Background Task Removable Medium Vol. TrueCrypt System Files Removing Encryption Uninstalling TrueCrypt Digital Signatures Troubleshooting Incompatibilities Issues and Limitations License Future Development Acknowledgements Version History References

Plausible Deniability

Disclaimers

Please consider making a donation.

Donate Now >>

Plausible Deniability

In case an adversary forces you to reveal your password, TrueCrypt provides and supports two kinds of plausible deniability:

Hidden volumes (see the section Hidden Volume) and hidden operating systems (see the section Hidden Operating System).
Until decrypted, a TrueCrypt partition/device appears to consist of nothing more than random data (it does not contain any kind of "signature"). Therefore, it should be impossible to prove that a partition or a device is a TrueCrypt volume or that it has been encrypted (provided that the security requirements and precautions listed in the chapter Security Requirements and Precautions are followed). A possible plausible explanation for the existence of a partition/device containing solely random data is that you have wiped (securely erased) the content of the partition/device using one of the tools that erase data by overwriting it with random data (in fact, TrueCrypt can be used to securely erase a partition/device too, by creating an empty encrypted partition/device-hosted volume within it). However, you need to prevent data leaks (see the section Data Leaks) and also note that, for system encryption, the first drive track contains the (unencrypted) TrueCrypt Boot Loader, which can be easily identified as such (for more information, see the chapter System Encryption). When using system encryption, plausible deniability can be achieved by creating a hidden operating system (see the section Hidden Operating System).

Although file-hosted TrueCrypt volumes (containers) do not contain any kind of "signature" either (until decrypted, they appear to consist solely of random data), they cannot provide this kind of plausible deniability, because there is practically no plausible explanation for the existence of a file containing solely random data. However, plausible deniability can still be achieved with a file-hosted TrueCrypt volume (container) by creating a hidden volume within it (see above).

Notes

When formatting a hard disk partition as a TrueCrypt volume (or encrypting a partition in place), the partition table (including the partition type) is never modified (no TrueCrypt "signature" or "ID" is written to the partition table).
There are methods to find files or devices containing random data (such as TrueCrypt volumes). Note, however, that this should not affect plausible deniability in any way. The adversary still should not be able to prove that the partition/device is a TrueCrypt volume or that the file, partition, or device, contains a hidden TrueCrypt volume (provided that you follow the security requirements and precautions listed in the chapter Security Requirements and Precautions and in the subsection Security Requirements and Precautions Pertaining to Hidden Volumes).

Next Section >>

Search • Legal Notices

www.truecrypt.org


			B r i e f S i t e m a p Information Homepage Frequently Asked Questions Planned Features News Downloads Latest Stable Release (Windows) Latest Stable Release (OS X) Latest Stable Release (Linux) Past Versions Public Key Additional Downloads Communication & Publicity Contact Page Forums News Public Key Miscellaneous Screenshots Search Statistics Legal Notices Links Complete Sitemap