VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/doc/html/Plausible Deniability.html
diff options
context:
space:
mode:
Diffstat (limited to 'doc/html/Plausible Deniability.html')
-rw-r--r--doc/html/Plausible Deniability.html77
1 files changed, 77 insertions, 0 deletions
diff --git a/doc/html/Plausible Deniability.html b/doc/html/Plausible Deniability.html
new file mode 100644
index 00000000..2a14c39d
--- /dev/null
+++ b/doc/html/Plausible Deniability.html
@@ -0,0 +1,77 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>VeraCrypt - Free Open source disk encryption with strong security for the Paranoid</title>
+<meta name="description" content="VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt is real-time (on-the-fly), automatic, transparent, needs very little memory, and does not involve temporary unencrypted files."/>
+<meta name="keywords" content="encryption, security"/>
+<link href="styles.css" rel="stylesheet" type="text/css" />
+</head>
+<body>
+
+<div>
+<a href="https://www.veracrypt.fr/en/Home.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a>
+</div>
+
+<div id="menu">
+ <ul>
+ <li><a href="Home.html">Home</a></li>
+ <li><a href="/code/">Source Code</a></li>
+ <li><a href="Downloads.html">Downloads</a></li>
+ <li><a class="active" href="Documentation.html">Documentation</a></li>
+ <li><a href="Donation.html">Donate</a></li>
+ <li><a href="https://sourceforge.net/p/veracrypt/discussion/" target="_blank">Forums</a></li>
+ </ul>
+</div>
+
+<div>
+<p>
+<a href="Documentation.html">Documentation</a>
+<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
+<a href="Plausible%20Deniability.html">Plausible Deniability</a>
+</p></div>
+
+<div class="wikidoc">
+<h1>Plausible Deniability</h1>
+<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
+In case an adversary forces you to reveal your password, VeraCrypt provides and supports two kinds of plausible deniability:</div>
+<ol style="text-align:left; margin-top:18px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
+<li style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
+Hidden volumes (see the section <a href="Hidden%20Volume.html" style="text-align:left; color:#0080c0; text-decoration:none; font-weight:bold.html">
+Hidden Volume</a>) and hidden operating systems (see the section <a href="Hidden%20Operating%20System.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+<strong style="text-align:left">Hidden Operating System</strong></a>). </li><li style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
+Until decrypted, a VeraCrypt partition/device appears to consist of nothing more than random data (it does not contain any kind of &quot;signature&quot;). Therefore, it should be impossible to prove that a partition or a device is a VeraCrypt volume or that it has been
+ encrypted (provided that the security requirements and precautions listed in the chapter
+<a href="Security%20Requirements%20and%20Precautions.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+Security Requirements and Precautions</a> are followed). A possible plausible explanation for the existence of a partition/device containing solely random data is that you have wiped (securely erased) the content of the partition/device using one of the tools
+ that erase data by overwriting it with random data (in fact, VeraCrypt can be used to securely erase a partition/device too, by creating an empty encrypted partition/device-hosted volume within it). However, you need to prevent data leaks (see the section
+<a href="Data%20Leaks.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+Data Leaks</a>) and also note that, for <a href="System%20Encryption.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+system encryption</a>, the first drive track contains the (unencrypted) VeraCrypt Boot Loader, which can be easily identified as such (for more information, see the chapter
+<a href="System%20Encryption.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+System Encryption</a>). When using <a href="System%20Encryption.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+system encryption</a>, plausible deniability can be achieved by creating a hidden operating system (see the section
+<a href="Hidden%20Operating%20System.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+Hidden Operating System</a>).<br style="text-align:left">
+<br style="text-align:left">
+Although file-hosted VeraCrypt volumes (containers) do not contain any kind of &quot;signature&quot; either (until decrypted, they appear to consist solely of random data), they cannot provide this kind of plausible deniability, because there is practically no plausible
+ explanation for the existence of a file containing solely random data. However, plausible deniability can still be achieved with a file-hosted VeraCrypt volume (container) by creating a hidden volume within it (see above).
+</li></ol>
+<h4 style="text-align:left; font-family:Arial,Helvetica,Verdana,sans-serif; font-weight:bold; margin-top:0px; font-size:12px; margin-bottom:1px">
+<br style="text-align:left">
+Notes</h4>
+<ul style="text-align:left; margin-top:18px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
+<li style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
+When formatting a hard disk partition as a VeraCrypt volume (or encrypting a partition in place), the partition table (including the partition type) is
+<em style="text-align:left">never</em> modified (no VeraCrypt &quot;signature&quot; or &quot;ID&quot; is written to the partition table).
+</li><li style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
+There are methods to find files or devices containing random data (such as VeraCrypt volumes). Note, however, that this should
+<em style="text-align:left">not </em>affect plausible deniability in any way. The adversary still should not be able to
+<em style="text-align:left">prove</em> that the partition/device is a VeraCrypt volume or that the file, partition, or device, contains a hidden VeraCrypt volume (provided that you follow the security requirements and precautions listed in the chapter
+<a href="Security%20Requirements%20and%20Precautions.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+Security Requirements and Precautions</a> and in the subsection <a href="Security%20Requirements%20for%20Hidden%20Volumes.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
+Security Requirements and Precautions Pertaining to Hidden Volumes</a>). </li></ul>
+<p>&nbsp;</p>
+<p><a href="Hidden%20Volume.html" style="text-align:left; color:#0080c0; text-decoration:none; font-weight:bold.html">Next Section &gt;&gt;</a></p>
+</div><div class="ClearBoth"></div></body></html>