Quantifying the TrueCrypt volume header weakness

A forum for help on TrueCrypt 7.1a problems. Note: the CipherShed team will not feel obligated to answer your questions. This is the community's task.
Forum rules
The original TC forums are down, so here you can ask the community for help with your TrueCrypt 7.1a installation. Note that the CipherShed team does not have the time, nor is it's purpose to answer your questions here. This is merely a new spot for the community to gather again, and for users to help eachother.

Re: Quantifying the TrueCrypt volume header weakness

Postby WaywardGeek » Tue Aug 26, 2014 2:52 am

rocki wrote:This is nonsense...

Assume you want to create a new truecrypt container
and I'm the attacker and I give you the plaintext password or keyfile.

Does it make a difference if the password or keyfile gets hashed by crc32, sha-256 hash or sha-512 hmac or a KDF that needs 100 petaflops per attempt?

Maybe you know somthing I don't. I assume that if I modify jpeg files to have a crc32 value of 0, and that if I do that to all photos in an album, then you can choose any set of those photos you like as key files, but they will not change the derived key. The derived key would not depend on them in any way. Is this right? If so, then yes, sha-256 would solve that (very minor) problem.
Posts: 40
Joined: Sat Jun 07, 2014 8:38 am


Return to Help

Who is online

Users browsing this forum: No registered users and 1 guest