Tutorial [TUT] Creating an Encrypted Partition

CrAzY FaIrYHoPn

FairyHopn' All Day
Retired
Messages
3,480
Reaction score
1,907
A lot of people have miscellaneous illegal content on their computer, whether it be illegal by law, or illegal to their parents (i.e. porn). Regardless, I thought that some people would like to have said content in a secure and private partition so the "cyber police" or parents won't stumble upon it. The partition can be used for containing and hiding items such as porn, chat logs, separate browsers, phishing logs, databases, passwords, etc, etc, etc.

Definitions:
Partition - Basically a segment taken from your HDD that is used to store miscellaneous files. It is stored separately from the rest of your files.

Cryptographic strength - How hard it is to crack your database.

Prerequisites:
TrueCrypt
KeePass

Tutorial:
To start off, you will need to download both TrueCrypt and KeePass. TrueCrypt creates the actual partition while keepass creates the secure passwords. KeePass is a great password vault. Both of these are open source programs and are safe and secure.

Once you have downloaded and installed the above programs, you are ready to start the setup of your encryption. The first step is to make your secure password and setup your password vault.

KeePass Setup:
  1. First, open Keepass and click on the
    and create a database file. Name it whatever you want, as long as it has the file extension ".kdbx." Click save.
  2. Next create a master password. Make sure the master password uses caps and lowercase letters, some numbers, and be at least 100 bits long. Then click OK.
  3. You can now add a title and description for your database if you wish. Click done.
  4. Now it is time to create your password. Right click in the white space and click "Add Entry." Feel free to title it.
  5. Click on 'open password generator' and select your settings. Leave advanced and preview the way they are. Be sure not to select "High ANSI characters" because truecrypt does not accept them for their passwords.




  6. Then click ok, then ok again. You should have your keepass database setup and are now ready to create your actual partition!
TrueCrypt Setup:
  1. First open up truecrypt and select Volumes>Create New Volume. This is located on the top toolbar of the program. Select "create an encrypted file container" in the creation wizard. Click Next. Then select "standard truecrypt volume" and click next.
  2. Once you do that, click on "select file" and browse to wherever you want the volume to be stored. Then type the name of the volume into File Name like you would for any regular file. Select save then click next.
  3. Now select your hash algorithm as well as your encryption algorithm. The defaults are encryption=AES and Hash=RIPEMD-60. The defaults work fine but if you would like to read up on them I will have the truecrypt docs link below with more details. Once you select your encryption click next.
  4. Then select how large you want your encrypted volume to be. It really depends what you are storing in it. Whether it is doxes, illegal programs, forum dumps, etc. If it is just going to be a bunch of html and txt files I would do about 5GB of space, but if you are storing a bunch of videos, ISO's, movies, etc, then I would go MUCH larger. Just check out the size of the files that your are moving and make your decision. Select the number and KB/MB/GB, then click next.
  5. Now you need to go back into keepass and get out your truecrypt password you created earlier. Right click on the entry in keepass and select "Copy Password." This copies the password to clipboard but it only stays there for 12 seconds so be quick. Paste the password into TrueCrpyt into the password box. Do the same for retype password.
  6. This next step is a little odd but it ensures the "cryptographic strength of the encryption keys." You must swirl your mouse around in the truecrypt window for at least a few minutes. The longer you do it the better. Once you are satisfied, click format.
  7. Your volume is now created! Click exit.
Accessing Your Partition:
Once you have setup keepass and your password vault, and have created your truecrypt partition, you are ready to start moving your files into the partition!!

  1. The first thing you need to do is click on any drive larger than H. I say this becuase some of you guys use your earlier drives for USBs, etc. Once you highlight the drive click on select file.
  2. Navigate your way to the location of your partition. Double click the file and select mount.
  3. Open up your keepass database and copy your password and paste it into the truecrypt prompt. Click Mount.
  4. Now go to "My Computer" and open up the drive that you mounted your partition on.
  5. You can now begin to move your files over to your new partition. When you are done using the partition simply right click on the truecrypt button in your tray and select "Dismount all mounted devices." You can also just shutdown your computer when you are done and it will close truecrypt SECURELY for you.
  6. You are now done :biggrin:
Conclusion:

That is about it regarding HDD encryption. If you are curious about the security flaws and exploits that police use to break encryption then read up on the truecrypt docs. They are very informative and a great read.

Don't forget that keepass isn't only used for truecrypt. It is a great way to make secure passwords; thus lessening your chances of getting hacked on multiple accounts. Never use the same password on more than one account.

I hope that this helped some people out. Enjoy your private and secure partition

TrueCrypt docs (interesting read/info): http://www.truecrypt.org/docs/

Credits:
Decima7e for originally showing me truecrypt and showing me its' exploits.
 
Last edited:

Rally

Experienced Member
Messages
6,902
Reaction score
3,315
finally! a tut not copyed and pasted :smile:

ive used truecrypt/keepass forever, dont really have anything illegal or dont want people to see on my computers, but i still use it from time to time.
 

Flavour

Member
Messages
4,349
Reaction score
1,339
Pretty confusing I can't even find my partition. WTF, how do I get rid of this partition that doesn't exist -__- damn lost 40+ GB of space.....
 

decima7e

Contributor
Messages
1,850
Reaction score
949
Just to let you know, there are multiple vulnerabilities using this method to secure files. The password is probably stored in plain text on your hard drive right now if you have the page file enabled. Also there are multiple places that windows writes file names, and file names are enough to prosecute you.

Believe me, your files are in no way 'safe' from law enforcement if you use this unless you know exactly what you are doing. If you want to keep them safe, use whole drive encryption with the truecrypt boot loader. If you are on linux, use dm-crypt for secure encryption and a preboot authentication similar to truecrypt.

Also the strongest single encryption algorithm is Serpent, not AES. Also use SHA-512 instead of ripe-60.
 

CrAzY FaIrYHoPn

FairyHopn' All Day
Retired
Messages
3,480
Reaction score
1,907
Just to let you know, there are multiple vulnerabilities using this method to secure files. The password is probably stored in plain text on your hard drive right now if you have the page file enabled. Also there are multiple places that windows writes file names, and file names are enough to prosecute you.

Believe me, your files are in no way 'safe' from law enforcement if you use this unless you know exactly what you are doing. If you want to keep them safe, use whole drive encryption with the truecrypt boot loader. If you are on linux, use dm-crypt for secure encryption and a preboot authentication similar to truecrypt.

Also the strongest single encryption algorithm is Serpent, not AES. Also use SHA-512 instead of ripe-60.
That is why I said view the true type docs for info on how to stay more secure. I even put a note on the bottom saying it has exploits that can be 'mostly' covered by using methods in the docs. This isn't intended for super hackers who attract the attention of law enforcement of any sort. It is mainly meant for those who are paranoid of their parents seeing there stuff. This also does hide the content so if prying eyes look on the computer they will have no idea it is even there.

However, I was not aware of the differences in encryption algorithms (besides the obvious) and didn't know which was the best; thanks for that.

Pretty confusing I can't even find my partition. WTF, how do I get rid of this partition that doesn't exist -__- damn lost 40+ GB of space.....
For one, you can't "get rid of something that doesn't exist."

If you followed the tutorial to the dot, then your partition has been created. What you need to do is look for a file that has the file type "file." when found, follow the tutorial from the "accessing your partition" section. The file will be named whatever you named it in step 2 of the truecrypt section, and will be where you put t in that step.

Also, what exactly did you find confusing so I can fix it or make it more clear.
 

decima7e

Contributor
Messages
1,850
Reaction score
949
That is why I said view the true type docs for info on how to stay more secure. I even put a note on the bottom saying it has exploits that can be 'mostly' covered by using methods in the docs. This isn't intended for super hackers who attract the attention of law enforcement of any sort. It is mainly meant for those who are paranoid of their parents seeing there stuff. This also does hide the content so if prying eyes look on the computer they will have no idea it is even there.

However, I was not aware of the differences in encryption algorithms (besides the obvious) and didn't know which was the best; thanks for that.



For one, you can't "get rid of something that doesn't exist."

If you followed the tutorial to the dot, then your partition has been created. What you need to do is look for a file that has the file type "file." when found, follow the tutorial from the "accessing your partition" section. The file will be named whatever you named it in step 2 of the truecrypt section, and will be where you put t in that step.

Also, what exactly did you find confusing so I can fix it or make it more clear.
I wasn't criticizing your tutorial, I just don't want people to do this and think that they are invincible to the police.
 

EpicBox

Enthusiast
Messages
35
Reaction score
4
Love it, I set my KeePass to where it minimizes to the tray, and when I press 'X' and that it auto locks when minimized. That way I have it anytime I need it. <3
 
Top Bottom