Title: Security Issue on Cloned TrueCrypt Containers and Backup Headers

Year of Publication: Nov - 2014
Page Numbers: 11-19
Authors: Rodrigo de S. Ruiz, Fernando Pompeo Amatte, Kil Jin Brandini Park D. Sc.
Conference Name: The International Conference on Cyber-Crime Investigation and Cyber Security (ICCICS2014)
- Malaysia


The growing concern of various entities with the confidentiality of the data ultimately fostered the development of tools for data protection at various levels, from a simple password protection on a word processor to sophisticated methods of encryption based on hardware or software implementation. On the one hand such a feature, if operating perfectly aligned to security guidelines, provides the user privacy in its activities, on the other hand it is clear that in case of unlawful behavior, for law enforcement agents, this functionality introduces another obstacle for data acquisition towards evidence gathering. This study aims to present a different and little explored approach to access information inside containers encrypted through the usage of Truecrypt software. The proposed methodology proved that, in certain circumstances, a Truecrypt container presents a technical and operational vulnerability ignored by business and IT professionals, in clear violation of the basic functional requirement of this feature.