09-07-2006, 11:44 PM
A Truecrypt Trick
This may be old hat to some of you, but it may be new to others: it is
possible to create and/or mount an ADS (alternate data stream) as an
encrypted Truecrypt container file.
For instance, if the file C:\somepath\sometext.txt already exists on your
system (or create it and fill it with some text) then you would create an
ADS Truecrypt volume invisibly "attached" to it (called "hidden" for
illustration but you may wish to call it something more bland, perhaps a
Kaspersky antivirus ADS name) by doing the following:
Invoke Truecrypt and, when prompted for the name of the file to create as a
Truecrypt container file, enter:
C:\somepath\sometext.txt:hidden
That is, append a colon and then the name of your-soon-to-be-created-ADS
Truecrypt file to the existing visible file name.
Same for mounting.
Incidentally, do not use the file explorer dialog box (which will choke);
instead type the name directly into the Truecrypt file name entry box.
Regards,
PS Obviously, the visible host file could be other than a text file - any
file type will do. For instance, the devious may use a not-easily-deleted
system file. Or the even more devious can use a directory rather than a
file. (Yes, directories and not just files can have ADSs; those attached to
the root directory of a drive are especially hard to detect - or get rid
of!)
PPS For manipulating ADS additional extents (the proper name for the
hidden piggyback files) the best program I've come across is NTFS Streams
Info. Nothing to do with encryption, just revealing, creating, deleting,
etc.
PPPS ADS streams are becoming better known but are still not well-known -
even to some sysadmins. Their day is passing as a useful trick. Passing,
but not yet past :-)
09-08-2006, 12:35 AM
Re: A Truecrypt Trick
"nemo_outis" <abc@xyz.com> wrote in
news:Xns9837B47BD70FCabcxyzcom@127.0.0.1:
> This may be old hat to some of you, but it may be new to others:
> it is possible to create and/or mount an ADS (alternate data
> stream) as an encrypted Truecrypt container file.
>
> For instance, if the file C:\somepath\sometext.txt already
> exists on your system (or create it and fill it with some text)
> then you would create an ADS Truecrypt volume invisibly
> "attached" to it (called "hidden" for illustration but you may
> wish to call it something more bland, perhaps a Kaspersky
> antivirus ADS name) by doing the following:
>
> Invoke Truecrypt and, when prompted for the name of the file to
> create as a Truecrypt container file, enter:
>
> C:\somepath\sometext.txt:hidden
>
> That is, append a colon and then the name of
> your-soon-to-be-created-ADS Truecrypt file to the existing
> visible file name.
>
> Same for mounting.
>
> Incidentally, do not use the file explorer dialog box (which
> will choke); instead type the name directly into the Truecrypt
> file name entry box.
>
> Regards,
>
> PS Obviously, the visible host file could be other than a text
> file - any file type will do. For instance, the devious may use
> a not-easily-deleted system file. Or the even more devious can
> use a directory rather than a file. (Yes, directories and not
> just files can have ADSs; those attached to the root directory
> of a drive are especially hard to detect - or get rid of!)
>
> PPS For manipulating ADS additional extents (the proper name
> for the hidden piggyback files) the best program I've come
> across is NTFS Streams Info. Nothing to do with encryption,
> just revealing, creating, deleting, etc.
>
> PPPS ADS streams are becoming better known but are still not
> well-known - even to some sysadmins. Their day is passing as a
> useful trick. Passing, but not yet past :-)
>
>
This does nothing but hide it from the casual observer. That type
of observer can be fooled by just naming it to look like a system
file. If your computer is seized, the stream will be found. Any
forensics specialist worth his salt will find it very easily as
well as any admin even slightly knowledgeable. It stands out like a
red flag with the tools available. I'd have to say that you make
it even easier to find by hiding it in a stream.
09-08-2006, 01:28 AM
Re: A Truecrypt Trick
Redwood <anon@comments.header> wrote in news:QM3KT5C738967.8576851852
@twistycreek.com:
> "nemo_outis" <abc@xyz.com> wrote in
> news:Xns9837B47BD70FCabcxyzcom@127.0.0.1:
>
>> This may be old hat to some of you, but it may be new to others:
>> it is possible to create and/or mount an ADS (alternate data
>> stream) a
[snip]
>>
>> ADS streams are becoming better known but are still not
>> well-known - even to some sysadmins. Their day is passing as a
>> useful trick. Passing, but not yet past :-)
>
> This does nothing but hide it from the casual observer. That type
> of observer can be fooled by just naming it to look like a system
> file. If your computer is seized, the stream will be found. Any
> forensics specialist worth his salt will find it very easily as
> well as any admin even slightly knowledgeable. It stands out like a
> red flag with the tools available. I'd have to say that you make
> it even easier to find by hiding it in a stream.
I agree, it's protection against your kid sister only - security through
obscurity, and we all know what that means! (Yuck!)
Incidentally, this isn't a truecrypt "feature"; practically any OTFE system
will most likely allow this - not to mention conventional encryption
systems.
09-08-2006, 04:11 AM
Re: A Truecrypt Trick
Redwood <anon@comments.header> wrote in news:QM3KT5C738967.8576851852
@twistycreek.com:
> "nemo_outis" <abc@xyz.com> wrote in
> news:Xns9837B47BD70FCabcxyzcom@127.0.0.1:
>
>> This may be old hat to some of you, but it may be new to others:
>> it is possible to create and/or mount an ADS (alternate data
>> stream) as an encrypted Truecrypt container file.
>>
>> For instance, if the file C:\somepath\sometext.txt already
>> exists on your system (or create it and fill it with some text)
>> then you would create an ADS Truecrypt volume invisibly
>> "attached" to it (called "hidden" for illustration but you may
>> wish to call it something more bland, perhaps a Kaspersky
>> antivirus ADS name) by doing the following:
>>
>> Invoke Truecrypt and, when prompted for the name of the file to
>> create as a Truecrypt container file, enter:
>>
>> C:\somepath\sometext.txt:hidden
>>
>> That is, append a colon and then the name of
>> your-soon-to-be-created-ADS Truecrypt file to the existing
>> visible file name.
>>
>> Same for mounting.
>>
>> Incidentally, do not use the file explorer dialog box (which
>> will choke); instead type the name directly into the Truecrypt
>> file name entry box.
>>
>> Regards,
>>
>> PS Obviously, the visible host file could be other than a text
>> file - any file type will do. For instance, the devious may use
>> a not-easily-deleted system file. Or the even more devious can
>> use a directory rather than a file. (Yes, directories and not
>> just files can have ADSs; those attached to the root directory
>> of a drive are especially hard to detect - or get rid of!)
>>
>> PPS For manipulating ADS additional extents (the proper name
>> for the hidden piggyback files) the best program I've come
>> across is NTFS Streams Info. Nothing to do with encryption,
>> just revealing, creating, deleting, etc.
>>
>> PPPS ADS streams are becoming better known but are still not
>> well-known - even to some sysadmins. Their day is passing as a
>> useful trick. Passing, but not yet past :-)
>>
>>
>
> This does nothing but hide it from the casual observer. That type
> of observer can be fooled by just naming it to look like a system
> file. If your computer is seized, the stream will be found. Any
> forensics specialist worth his salt will find it very easily as
> well as any admin even slightly knowledgeable. It stands out like a
> red flag with the tools available. I'd have to say that you make
> it even easier to find by hiding it in a stream.
The use of ADS is not intended to hide the Truecrypt file from a thorough
search; it is intended to not obtrude the existence of a multi-gigabyte
file to casual inspection (including casual *automated* inspection of the
sort of simplistic "HD inventory" done in many corporate environments, or
the quicky scan done by customs at many border points). It is a
complement, for instance, to using the Traveller mode of Truecrypt which
also has a similar goal: not of being absolutely undetectable but of
being unobvious. The goal of not coming to someone's attention in the
first place, rather than resisting disclosure afterwards, is not one to
be sneered at.
And, no, nothing is lost by using this method. And, of course, there is
no detriment to the actual security of the file's encrypted contents,
should its existence be detected. The method doesn't try to do
Truecrypt's job of encryption; it is instead a complement to it.
I say, without fear of contradiction, that there is NO method of
unsuspiciously hiding a multi-gigabyte encrypted file from a *thorough*
search - this just makes it easier to pass undetected through a less than
thorough search (or, better yet, to avoid a search in the first place).
In fact, I strongly suspect that, until I disclosed this approach, you
would not have looked for it. It, like most conjurer's tricks, is one of
subterfuge and misdirection. And, like a conjurer's trick, it is totally
simple and obvious - but only AFTER it has been explained!
Used judiciously, the method lends itself to other tricks as well. For
instance, use of ADS escapes the Windows disk quota system. This, for
instance, permits one to stash a multi-gigabyte file on a network drive
where one supposedly only has, say, 5 meg allotted. Chances are high (in
many environments) that such a drive is not even checked for such things
- I say this from experience in a large number of clients' environments,
including several that flattered themselves that they ran tight ships.
Regards,
PS While many virus and trojan checkers now look for ADS (they didn't
until just a few years ago even though ADS has been around since about
1990) there are still several which cannot detect an ADS attached to the
*root* directory of a drive (attached, not to a file *in* the root
directory, but to the root directory itself).
PPS Personally, I have now moved away from this method to using the
still-not-widely-known method of hiding files in the HPA. Most ordinary
tools, including even some of the lesser forensic ones, will only look
for hidden partitions and the like in the accessible part of the HD,
cheerfully accepting the hardware-level under-reporting of the HD's true
capacity.
(Phoenix and some others are now screwing this up for hackers by using
such partitions for backup/recovery, which is widening the appreciation
of the HPA. Sic transeunt hacks :-)
Cascading methods can also be helpful. Would you like to guess how many
tools currently support looking for an ADS attached to a file in the HPA?
That's right: none!
09-08-2006, 07:42 AM
Re: A Truecrypt Trick
"nemo_outis" <abc@xyz.com> wrote in
news:Xns9837E1A9AD038abcxyzcom@204.153.244.170:
> Cascading methods can also be helpful. Would you like to guess
> how many tools currently support looking for an ADS attached to
> a file in the HPA? That's right: none!
>
http://www.md5.uk.com/prodiscover_incidentresponse.htm
http://www.winhex.com/forensics/
http://vidstrom.net/stools/taft/
http://www.guidancesoftware.com/products/ef_AddOn.asp
Are a few that will do this. As you mentioned now even AV detect
and flag streams due to their utilization by viruses and older
rootkits, soon they'll be scanning the HPA as well. This may have
been useful years ago but now you are effectively tying a huge red
flag to the file. As you mentioned, it's basically impossible to
hide a file, better to disguise it than cause a second closer look
because it was flagged for being an ADS (yes, even in the HPA, it's
not immune anymore).
09-08-2006, 02:12 PM
Re: A Truecrypt Trick
Redwood <anon@comments.header> wrote in news:2615EJ3J38968.1544097222
@twistycreek.com:
> "nemo_outis" <abc@xyz.com> wrote in
> news:Xns9837E1A9AD038abcxyzcom@204.153.244.170:
>
>> Cascading methods can also be helpful. Would you like to guess
>> how many tools currently support looking for an ADS attached to
>> a file in the HPA? That's right: none!
>>
>
> http://www.md5.uk.com/prodiscover_incidentresponse.htm
> http://www.winhex.com/forensics/
> http://vidstrom.net/stools/taft/
> http://www.guidancesoftware.com/products/ef_AddOn.asp
>
> Are a few that will do this. As you mentioned now even AV detect
> and flag streams due to their utilization by viruses and older
> rootkits, soon they'll be scanning the HPA as well. This may have
> been useful years ago but now you are effectively tying a huge red
> flag to the file. As you mentioned, it's basically impossible to
> hide a file, better to disguise it than cause a second closer look
> because it was flagged for being an ADS (yes, even in the HPA, it's
> not immune anymore).
I think you will find you have overstated your case. Yes, many forensic
tools can locate ADS and, yes, some now will access the HPA, but they do
not look for ADS in the HPA (commonly, but not universally, the HPA is
set up as a Linux ext2 - or variant - file system rather than NTFS and
the question of ADS does not even arise).
Moreover, even within the conventionally accessible area of a hard disk,
some of the forensic tools have trouble picking up some ADSs (such as my
trick of attaching an ADS to the root directory rather than a file). The
X-ways page you refer to above itself notes this very point (while gently
slagging off their competitors) in the following bullet:
"Easy detection of and access to NTFS alternate data streams (ADS), even
where Encase 5.05 and ILook fail"
As for anti-virus programs, many now look for viruses within ADSs but
few, in standard configuration, report the ADS if the ADS is (ostensibly)
benign. That's because there are a few (just a few, but that's enough)
entirely legitimate uses of ADS. Examples include thumbnails, extended
document properties, and Kaspersky antivirus scan markings (yes, an
antivirus program itself uses ADS!). A (Truecrypt) ADS named and
attached to an appropriate host file as one of these legitimate types
will almost certainly not be reported by an antivirus program. (I say
this as a corporate version of TrendMicro has passed over my ADS
collection - for the umpteenth time - without reporting anything amiss.)
But I'm not here to "sell" you on the method (I get no commission :-)
I'm not pretending this is the whole toolbox, merely one tool in it -
that's why I labelled it a trick in the first place. I impart the
information to be added to the toolbox of hackers and sysadmins alike to
increase the defensive or offensive repertoire of both.
Regards,
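The post above argues that a stream named like a legitimate one is passed over by antivirus scans; a defender can answer that by judging streams on size and host rather than on name. The following is an added example, not part of any poster's message: it parses a constructed listing in the style of `dir /R` (Windows Vista and later), and the thresholds, the allow-list and every sample name other than `sometext.txt:hidden` are assumptions.

```python
import re
from dataclasses import dataclass

# Constructed listing in the style of `dir /R` for one directory (US date format
# assumed). Alternate streams appear as "<size> <name>:<stream>:$DATA" lines.
SAMPLE_LISTING = r"""
 Directory of C:\somepath

09/07/2006  11:40 PM    <DIR>          archive
                             4,194,304 archive:cache:$DATA
09/07/2006  11:44 PM                26 sometext.txt
                         2,147,483,648 sometext.txt:hidden:$DATA
09/07/2006  11:50 PM           183,296 report.doc
                                    26 report.doc:Zone.Identifier:$DATA
09/07/2006  11:52 PM            48,112 setup.exe
                           734,003,200 setup.exe:Zone.Identifier:$DATA
"""

ENTRY_RE = re.compile(
    r"^\d{2}/\d{2}/\d{4}\s+\d{2}:\d{2}\s+[AP]M\s+(<DIR>|[\d,]+)\s+(.+?)\s*$")
STREAM_RE = re.compile(r"^\s+([\d,]+)\s+(.+):\$DATA\s*$")

# Assumed policy values, to be tuned per environment.
KNOWN_SMALL_STREAMS = {"Zone.Identifier": 4096}  # benign marker, expected tiny
LARGE_STREAM_BYTES = 64 * 1024 * 1024            # absolute size worth a look
HOST_RATIO = 10                                  # stream vs. host size ratio


@dataclass
class Finding:
    host: str
    stream: str
    size: int
    reasons: list


def parse_listing(text):
    """Return ({host: (is_dir, size)}, [(host, stream, size), ...])."""
    hosts, streams = {}, []
    for line in text.splitlines():
        entry = ENTRY_RE.match(line)
        if entry:
            is_dir = entry.group(1) == "<DIR>"
            size = 0 if is_dir else int(entry.group(1).replace(",", ""))
            hosts[entry.group(2)] = (is_dir, size)
            continue
        stream = STREAM_RE.match(line)
        if stream:
            # NTFS names cannot contain ':', so the last ':' splits host/stream.
            host, name = stream.group(2).rsplit(":", 1)
            streams.append((host, name, int(stream.group(1).replace(",", ""))))
    return hosts, streams


def triage(text):
    """Flag streams by size and host type; the stream name is never trusted."""
    hosts, streams = parse_listing(text)
    findings = []
    for host, name, size in streams:
        is_dir, host_size = hosts.get(host, (False, 0))
        reasons = []
        if is_dir:
            reasons.append("stream attached to a directory")
        if size >= LARGE_STREAM_BYTES:
            reasons.append("large stream")
        cap = KNOWN_SMALL_STREAMS.get(name)
        if cap is not None and size > cap:
            reasons.append("benign-looking name, implausible size")
        if not is_dir and size > HOST_RATIO * max(host_size, 1):
            reasons.append("stream dwarfs its host file")
        if reasons:
            findings.append(Finding(host, name, size, reasons))
    return findings


def inventory_gap(text):
    """(bytes a default-stream-only inventory sees, bytes held in named streams)."""
    hosts, streams = parse_listing(text)
    visible = sum(size for _, size in hosts.values())
    in_streams = sum(size for _, _, size in streams)
    return visible, in_streams


if __name__ == "__main__":
    for f in triage(SAMPLE_LISTING):
        print(f"{f.host}:{f.stream} {f.size:,} bytes -> {'; '.join(f.reasons)}")
    print("visible vs. stream bytes:", inventory_gap(SAMPLE_LISTING))
```
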
09-11-2006, 01:24 AM
Re: A Truecrypt Trick
"nemo_outis" <abc@xyz.com> wrote in message
news:Xns9837B47BD70FCabcxyzcom@127.0.0.1...
> This may be old hat to some of you, but it may be new to others: it
> is
> possible to create and/or mount an ADS (alternate data stream) as an
> encrypted Truecrypt container file.
>
> For instance, if the file C:\somepath\sometext.txt already exists on
> your
> system (or create it and fill it with some text) then you would
> create an
> ADS Truecrypt volume invisibly "attached" to it (called "hidden" for
> illustration but you may wish to call it something more bland,
> perhaps a
> Kaspersky antivirus ADS name) by doing the following:
>
> Invoke Truecrypt and, when prompted for the name of the file to
> create as a
> Truecrypt container file, enter:
>
> C:\somepath\sometext.txt:hidden
>
> That is, append a colon and then the name of
> your-soon-to-be-created-ADS
> Truecrypt file to the existing visible file name.
>
> Same for mounting.
>
> Incidentally, do not use the file explorer dialog box (which will
> choke);
> instead type the name directly into the Truecrypt file name entry
> box.
>
> Regards,
>
> PS Obviously, the visible host file could be other than a text
> file - any
> file type will do. For instance, the devious may use a
> not-easily-deleted
> system file. Or the even more devious can use a directory rather
> than a
> file. (Yes, directories and not just files can have ADSs; those
> attached to
> the root directory of a drive are especially hard to detect - or get
> rid
> of!)
>
> PPS For manipulating ADS additional extents (the proper name for
> the
> hidden piggyback files) the best program I've come across is NTFS
> Streams
> Info. Nothing to do with encryption, just revealing, creating,
> deleting,
> etc.
>
> PPPS ADS streams are becoming better known but are still not
> well-known -
> even to some sysadmins. Their day is passing as a useful trick.
> Passing,
> but not yet past :-)
>
Data streams is a feature of the NT file system (NTFS), not of
TrueCrypt. Data streams have been around since NTFS was invented. It
is sometimes used but not often. In fact, Kaspersky used it as a
means of speeding up their on-demand scans by saving a hash code of
the file in a data stream which it would compare when scanning the
file. If the file hadn't changed, the hash was the same so they could
skip scanning that file for viruses. Unfortunately that meant when
you uninstalled KAV that you ended up with lots of files with remnant
data streams.
Unless you are the only user of the host, and if you are willing to
ignore warnings from malware scanners that check for ADS, it could
easily disappear, especially if seen as a junk file or something no
longer wanted. Hiding the .tc file in a data stream is not going to
hide it from anyone except neophytes since anyone interrogating your
system will find it, especially due to the disk space usage.
If you wanted to hide what is in the TrueCrypt volume, why not use
their hidden volume trick. You use a password for the unhidden part
which you divulge under pressure or threat but the hidden stuff uses a
different password. You could use steganography to hide content
within files so users would just see the pretty picture but hidden
within is your secret data but if you save a huge amount of data in
the picture file then its size makes it suspect.
09-11-2006, 03:42 AM
Re: A Truecrypt Trick
"Vanguard" <vanguard.news@yahooNIX.com> wrote in
news:vaqdndA2hZR0J5nYnZ2dnUVZ_u2dnZ2d@comcast.com:
> Data streams is a feature of the NT file system (NTFS), not of
> TrueCrypt. Data streams have been around since NTFS was invented. It
> is sometimes used but not often. In fact, Kaspersky used it...
You're coming a little late to the party - I have already noted these
points.
As for steganography, it is readily detectable unless the payload is less
than a few percent (i.e., the ratio of hidden to host data). While now
rather long in the tooth, you could start with reading the history of such
things as OutGuess and stegdetect. Then move on to the Crypto conferences
(published by Springer).
Regards,
09-11-2006, 04:33 AM
Re: A Truecrypt Trick
nemo_outis wrote:
> Or the even more devious can use a
> directory rather than a file. (Yes, directories and not just files
> can have ADSs
Dr. Pedantic says: Directories ARE files.
09-11-2006, 04:38 AM
Re: A Truecrypt Trick
atapen@softhome.net wrote:
> I agree, it's protection against your kid sister only - security
> through obscurity, and we all know what that means! (Yuck!)
Here we go... Can you name some type of security that ISN'T making use
of obscurity? The lock to your car and house require an
obscurely-patterned key to fit. Every one of your passwords works
because it is obscure. And on and on... And your anonymous remailer
adds privacy and security by using obscurity.
09-11-2006, 04:41 AM
Re: A Truecrypt Trick
nemo_outis wrote:
> I say, without fear of contradiction, that there is NO method of
> unsuspiciously hiding a multi-gigabyte encrypted file from a
> *thorough* search
A guy I know who is much more hardcore than me sometimes takes his OTFE
file and writes it to a disk that is offline. The file ends up in
perfect form on the disk, but the file system (i.e. the MFT, if using
NTFS) contains absolutely no reference to this file. Since
crypto-strong pseudorandom algorithms are used on each and every one of
his disks, that file blends in perfectly with free space. He stores the
offset and length of the file, and nothing else. Let me know how this
method would be "suspicious" to you.
09-11-2006, 06:35 AM
Re: A Truecrypt Trick
null wrote:
> atapen@softhome.net wrote:
>
> > I agree, it's protection against your kid sister only - security
> > through obscurity, and we all know what that means! (Yuck!)
>
> Here we go... Can you name some type of security that ISN'T making use
> of obscurity? The lock to your car and house require an
> obscurely-patterned key to fit. Every one of your passwords works
> because it is obscure. And on and on... And your anonymous remailer
> adds privacy and security by using obscurity.
None of those things use obscurity in any significant way to provide
security. Even your car key relies on provable mathematical formula and
the probability that a thief can't try all possible keys in any
practical span of time. Passwords and encryption (remailers) rely on
hard mathematics even more so than your auto's locks, and are
consequently even harder to "crack". Assuming passwords of sufficient
strength of course, which is a contradiction to passwords that are
merely obscure.
09-11-2006, 03:05 PM
Re: A Truecrypt Trick
"null" <stay@home.com> wrote in news:MG5Ng.9253$xV.2946
@twister.nyroc.rr.com:
> nemo_outis wrote:
>
>> Or the even more devious can use a
>> directory rather than a file. (Yes, directories and not just files
>> can have ADSs
>
> Dr. Pedantic says: Directories ARE files.
If that is what he says then Dr. Pedantic is somewhat more sloppy than he
should be.
In the NTFS system all files consist of one or more entries in the MFT and
zero or more extents. A directory, like a data storage compartment (or
other info like metadata) is generally implemented as an extent. In short,
a directory is *a part of* a file (more specifically, an extent).
While not conventionally implemented this way, a single file could consist
of multiple directories, multiple data storage areas, and multiple other
unspecified types of compartment (possibly containing metadata, for
instance) with each implemented as an extent.
Regards,
09-11-2006, 03:06 PM
Re: A Truecrypt Trick
"null" <stay@home.com> wrote in news:CN5Ng.9255$xV.7519
@twister.nyroc.rr.com:
> nemo_outis wrote:
>
>> I say, without fear of contradiction, that there is NO method of
>> unsuspiciously hiding a multi-gigabyte encrypted file from a
>> *thorough* search
>
> A guy I know who is much more hardcore than me sometimes takes his OTFE
> file and writes it to a disk that is offline. The file ends up in
> perfect form on the disk, but the file system (i.e. the MFT, if using
> NTFS) contains absolutely no reference to this file. Since
> crypto-strong pseudorandom algorithms are used on each and every one of
> his disks, that file blends in perfectly with free space. He stores the
> offset and length of the file, and nothing else. Let me know how this
> method would be "suspicious" to you.
I'm eager to learn how one writes to an offline disk.
Regards,
09-11-2006, 03:27 PM
Re: A Truecrypt Trick
"nemo_outis" <abc@xyz.com> wrote in
news:Xns983B5CC2112AEabcxyzcom@127.0.0.1:
> "null" <stay@home.com> wrote in news:MG5Ng.9253$xV.2946
In fact, if Dr. Pedantic had wanted to be even more precise, he would have
noted that directories are subcomponents of one particular file ($MFT) and
that they are implemented as "index attributes" based on a B+ structure.
Large directories have their entries spill over into one or more instances
of "index buffers" with the index allocation attribute header specifying
the location(s) of those index buffers.
By now, I think Dr. Pedantic may regret his rather rash interjection and
wish he had not taken it upon himself to introduce his pointless correction
in the first place.
Regards,
09-11-2006, 03:43 PM
Re: A Truecrypt Trick
On Mon, 11 Sep 2006, George Orwell wrote:
> null wrote:
>
> > atapen@softhome.net wrote:
> >
> > > I agree, it's protection against your kid sister only - security
> > > through obscurity, and we all know what that means! (Yuck!)
> >
> > Here we go... Can you name some type of security that ISN'T making use
> > of obscurity? The lock to your car and house require an
> > obscurely-patterned key to fit. Every one of your passwords works
> > because it is obscure. And on and on... And your anonymous remailer
> > adds privacy and security by using obscurity.
>
> None of those things use obscurity in any significant way to provide
> security. Even your car key relies on provable mathematical formula and
> the probability that a thief can't try all possible keys in any
> practical span of time. Passwords and encryption (remailers) rely on
> hard mathematics even more so than your auto's locks, and are
> consequently even harder to "crack". Assuming passwords of sufficient
> strength of course, which is a contradiction to passwords that are
> merely obscure.
The point is that the keys and passwords protect the car and the files.
Obscurity protects the keys and the passwords. That's what he was
saying. Ultimately your car and files are safe because you hide your
keys and passwords from strangers.
--
Chris
09-11-2006, 06:18 PM
Re: A Truecrypt Trick
Chris Lawrence wrote:
> On Mon, 11 Sep 2006, George Orwell wrote:
>
> > null wrote:
> >
> > > atapen@softhome.net wrote:
> > >
> > > > I agree, it's protection against your kid sister only - security
> > > > through obscurity, and we all know what that means! (Yuck!)
> > >
> > > Here we go... Can you name some type of security that ISN'T making use
> > > of obscurity? The lock to your car and house require an
> > > obscurely-patterned key to fit. Every one of your passwords works
> > > because it is obscure. And on and on... And your anonymous remailer
> > > adds privacy and security by using obscurity.
> >
> > None of those things use obscurity in any significant way to provide
> > security. Even your car key relies on provable mathematical formula and
> > the probability that a thief can't try all possible keys in any
> > practical span of time. Passwords and encryption (remailers) rely on
> > hard mathematics even more so than your auto's locks, and are
> > consequently even harder to "crack". Assuming passwords of sufficient
> > strength of course, which is a contradiction to passwords that are
> > merely obscure.
>
> The point is that the keys and passwords protect the car and the files.
> Obscurity protects the keys and the passwords.
Obviously not. Keys and passwords aren't secure because they're
obscure, they're secure because they're made physically so.
> That's what he was
> saying. Ultimately your car and files are safe because you hide your
> keys and passwords from strangers.
False. There's a huge difference between obscurity and physical
security.
09-11-2006, 08:19 PM
Re: A Truecrypt Trick
On Mon, 11 Sep 2006, Non scrivetemi wrote:
> > > None of those things use obscurity in any significant way to provide
> > > security. Even your car key relies on provable mathematical formula and
> > > the probability that a thief can't try all possible keys in any
> > > practical span of time. Passwords and encryption (remailers) rely on
> > > hard mathematics even more so than your auto's locks, and are
> > > consequently even harder to "crack". Assuming passwords of sufficient
> > > strength of course, which is a contradiction to passwords that are
> > > merely obscure.
> >
> > The point is that the keys and passwords protect the car and the files.
> > Obscurity protects the keys and the passwords.
>
> Obviously not. Keys and passwords aren't secure because they're
> obscure, they're secure because they're made physically so.
I'm not talking about security of keys and passwords, I'm talking about
the security of the protection of keys and passwords. Car keys are
quite intrinsically secure but you still have to hide them from
strangers. Ultimately the security of your vehicle comes down to how
well you hide your keys (given that the ignition can't be defeated due
to its intrinsic security). In other words the ignition is safe because
the key system is strong. The key is safe because you don't know how to
get it.
> > That's what he was
> > saying. Ultimately your car and files are safe because you hide your
> > keys and passwords from strangers.
>
> False. There's a huge difference between obscurity and physical
> security.
You need to make the separation between the intrinsic security of the
key and the security in managing the key. If I choose a strong password
for a well protected service that is good, but it's only safe because a)
you can't guess it, by definition and b) you can't access mine. And you
can't access mine because I hide it from you. Ultimately it comes down
to something I know that you don't know. That's security through
obscurity.
Trouble is people chant the "security by obscurity never works" mantra
so blithely, seemingly trying to look good by association with their
equally noisy peers.
--
Chris
09-11-2006, 09:36 PM
Re: A Truecrypt Trick
> Trouble is people chant the "security by obscurity never works" mantra
> so blithely, seemingly trying to look good by association with their
> equally noisy peers.
"Security by obscurity never works" is a bumper-sticker version of Auguste
Kerckhoffs's principle that, while catchy, sacrifices precision. Kerckhoffs's
principle is presented better in the Wikipedia as: a cryptosystem should be
secure even if everything about the system, except the key, is public
knowledge. Kerckhoffs's principle recognizes that every secret is a
potential point of failure, and such points of failure should therefore be
minimized by "concentrating" all secrecy at one point, the key, which can
then be guarded without diffusing one's resources. A case of accepting the
violation of another principle - no single point of failure - but
compensating by guarding the one secret (i.e., the potential point of
failure) well.
Regards,
09-11-2006, 10:26 PM
Re: A Truecrypt Trick
On Mon, 11 Sep 2006, nemo_outis wrote:
> > Trouble is people chant the "security by obscurity never works" mantra
> > so blithely, seemingly trying to look good by association with their
> > equally noisy peers.
>
> "Security by obscurity never works" is a bumper-sticker version of Auguste
> Kerckhoffs's principle that, while catchy, sacrifices precision. Kerckhoffs's
> principle is presented better in the Wikipedia as: a cryptosystem should be
> secure even if everything about the system, except the key, is public
> knowledge.
Yup, I agree. There are two cryptosystems in existence though.
Secret1 is protected by Key1 as part of CryptoSystem1. However Key1 is
also Secret2 and is protected by Key2 as part of CryptoSystem2. In the
case where Key1 is a car key or a password, Key2 is nothing more than
privileged knowledge, and CryptoSystem2 is security by obscurity.
You're reminding me that CryptoSystem1 ought to be strong through Key1
alone. I'm not disagreeing. I'm talking about the fact that Key1 is
Secret2 and how it is kept that way.
> Kerckhoffs's principle recognizes that every secret is a potential
> point of failure, and such points of failure should therefore be
> minimized by "concentrating" all secrecy at one point, the key, which
> can then be guarded without diffusing one's resources. A case of
> accepting the violation of another principle - no single point of
> failure - but compensating by guarding the one secret (i.e., the
> potential point of failure) well.
Exactly, "guarding" being the operative word, almost always coming down
to a case of hiding something, for example a sequence of characters in
your head, or keeping a car key separate from the car.
--
Chris

09-11-2006, 11:23 PM
Re: A Truecrypt Trick
Chris Lawrence wrote:
> On Mon, 11 Sep 2006, Non scrivetemi wrote:
>
> > > > None of those things use obscurity in any significant way to provide
> > > > security. Even your car key relies on provable mathematical formula and
> > > > the probability that a thief can't try all possible keys in any
> > > > practical span of time. Passwords and encryption (remailers) rely on
> > > > hard mathematics even more so than your auto's locks, and are
> > > > consequently even harder to "crack". Assuming passwords of sufficient
> > > > strength of course, which is a contradiction to passwords that are
> > > > merely obscure.
> > >
> > > The point is that the keys and passwords protect the car and the files.
> > > Obscurity protects the keys and the passwords.
> >
> > Obviously not. Keys and passwords aren't secure because they're
> > obscure, they're secure because they're made physically so.
>
> I'm not talking about security of keys and passwords, I'm talking about
> the security of the protection of keys and passwords. Car keys are
> quite intrinsically secure but you still have to hide them from
> strangers.
Yes. That's physical security, not obscurity. There's a difference.
Physical security is keeping possession of your keys and not letting a
car thief have them. Obscurity would be tossing them on the ground
somewhere near your car and hoping a thief doesn't recognize that
they're car keys.
> Ultimately the security of your vehicle comes down to how
> well you hide your keys (given that the ignition can't be defeated due
> to its intrinsic security). In other words the ignition is safe because
> the key system is strong. The key is safe because you don't know how to
> get it.
Actually that's not true at all. In most cases a car thief knows
exactly how to get your keys. They're not obscured at all, the thief
knows they're right there in your pocket. Or inside the house where
your car is parked, or at the mall where you're shopping.
>
> > > That's what he was
> > > saying. Ultimately your car and files are safe because you hide your
> > > keys and passwords from strangers.
> >
> > False. There's a huge difference between obscurity and physical
> > security.
>
> You need to make the separation between the intrinsic security of the
> key and the security in managing the key.
I've made that distinction from the beginning. You need to understand
the difference between physical security and obscurity.
> If I choose a strong password
> for a well protected service that is good, but it's only safe because a)
> you can't guess it, by definition and b) you can't access mine. And you
Exactly. It's both cryptographically secure and physically secure.
OTOH, if you rely on obscurity by writing your password on a sticky
note and keeping it under your keyboard your security is likely to fail.
> can't access mine because I hide it from you. Ultimately it comes down
You haven't hidden anything from me. I know exactly where that password
is, and how to get it. If it were worth my time to do so I'd be able
to plan and execute an "attack" on you and own your password. Obscurity
relies on dumb luck, not the fact that you might be bigger and
stronger than me, better armed, or the fact that your password just
isn't valuable enough for me to bother with you. Your physical
security matches the value of your password. If what you're protecting
is state secrets, you might even have an entire military at your
disposal. :)
> to something I know that you don't know. That's security through
> obscurity.
>
> Trouble is people chant the "security by obscurity never works" mantra
People don't chant that at all. It may indeed work on occasion. Blind
squirrels find nuts on occasion too, but that doesn't make blind
squirrels competent food gatherers. Even though they might find the
occasional nut, they're still likely to starve in the end.
> so blithely, seemingly trying to look good by association with their
> equally noisy peers.
>

09-11-2006, 11:44 PM
Re: A Truecrypt Trick
Chris Lawrence <news03@holosys.co.uk.invalid> wrote in
news:Pine.WNT.4.63.0609112310540.3792@holodeck3.holosys.wlan:
....
>> Kerckhoff's principle recognizes that every secret is a potential
>> point of failure, and such points of failure should therefore be
>> minimized by "concentrating" all secrecy at one point, the key, which
>> can then be guarded without diffusing one's resources. A case of
>> accepting the violation of another principle - no single point of
>> failure - but compensating by guarding the one secret (i.e., the
>> potential point of failure) well.
>
> Exactly, "guarding" being the operative word, almost always coming
> down to a case of hiding something, for example a sequence of
> characters in your head, or keeping a car key separate from the car.
While hiding is the primary mechanism for most ordinary folk, there is an
alternative: prevention of disclosure by physical security including safes,
vaults, and guards (a literal application of guarding).
Safes, of course, are themselves protected by a secret (the combination or
physical key). We thus arrive at an interesting recursion problem :-)
Regards,

09-12-2006, 01:22 AM
Re: A Truecrypt Trick
On Tue, 12 Sep 2006, Non scrivetemi wrote:
> Chris Lawrence wrote:
>
> > On Mon, 11 Sep 2006, Non scrivetemi wrote:
> >
> > > > > None of those things use obscurity in any significant way to provide
> > > > > security. Even your car key relies on provable mathematical formula and
> > > > > the probability that a thief can't try all possible keys in any
> > > > > practical span of time. Passwords and encryption (remailers) rely on
> > > > > hard mathematics even more so than your auto's locks, and are
> > > > > consequently even harder to "crack". Assuming passwords of sufficient
> > > > > strength of course, which is a contradiction to passwords that are
> > > > > merely obscure.
> > > >
> > > > The point is that the keys and passwords protect the car and the files.
> > > > Obscurity protects the keys and the passwords.
> > >
> > > Obviously not. Keys and passwords aren't secure because they're
> > > obscure, they're secure because they're made physically so.
> >
> > I'm not talking about security of keys and passwords, I'm talking about
> > the security of the protection of keys and passwords. Car keys are
> > quite intrinsically secure but you still have to hide them from
> > strangers.
>
> Yes. That's physical security, not obscurity.
Car keys only protect your car if they are kept out of the way of car
thieves. Yes it's physical, but necessarily so since they are physical
objects. The same applies to a password however - in this case it's
hidden, or obscured, in my head. My knowledge becomes the key that
keeps the original key safe. Therefore my knowledge is keeping the
original thing safe.
> There's a difference. Physical security is keeping possession of your
> keys and not letting a car thief have them. Obscurity would be tossing
> them on the ground somewhere near your car and hoping a thief doesn't
> recognize that they're car keys.
They're just two degrees of the same system. I might throw the keys on
the floor and hope a thief doesn't recognise them. I might leave them
on the floor under a newspaper and hope that they're not found. I might
raise them off the floor into my pocket and hope a thief doesn't mug me
for them. They're all security by obscurity. Each degree in that
example has a risk attached to it - in some cases it might be acceptable
to throw my keys on the floor, for example if I'm staying at a friend's
house and it's his floor. That's an assessment for me to make. In many
cases having possession of the keys would be equal to leaving them on the
floor - for example if I'm walking through an area where people are
often viciously mugged for their car keys, or where car-jackings are
rife. In either case there - floor or pocket or car - the result would
be the loss of the car, making the fancy key/ignition security
completely irrelevant.
> > Ultimately the security of your vehicle comes down to how
> > well you hide your keys (given that the ignition can't be defeated due
> > to its intrinsic security). In other words the ignition is safe because
> > the key system is strong. The key is safe because you don't know how to
> > get it.
>
> Actually that's not true at all. In most cases a car thief knows
> exactly how to get your keys. They're not obscured at all, the thief
> knows they're right there in your pocket. Or inside the house where
> your car is parked, or at the mall where you're shopping.
That proves what I'm saying. My car remains safe despite merely keeping
the keys in my pocket. My car is protected by a key, and the
key/ignition mechanism is inherently secure, but ultimately my car
remains safe because I am good at looking after a small piece of metal
and plastic, not because it is inherently secure. The same goes for a
strong password system - ultimately it's protected by obscurity - I know
something you don't know. In the end it's for me to assess how
successful the obscurity aspect is going to be.
> > > > That's what he was
> > > > saying. Ultimately your car and files are safe because you hide your
> > > > keys and passwords from strangers.
> > >
> > > False. There's a huge difference between obscurity and physical
> > > security.
> >
> > You need to make the separation between the intrinsic security of the
> > key and the security in managing the key.
>
> I've made that distinction from the beginning. You need to understand
> the difference between physical security and obscurity.
In these examples they are necessary consequences of the systems
described but the principles remain the same.
> > If I choose a strong password
> > for a well protected service that is good, but it's only safe because a)
> > you can't guess it, by definition and b) you can't access mine. And you
>
> Exactly. It's both cryptographically secure and physically secure.
> OTOH, if you rely on obscurity by writing your password on a sticky
> note and keeping it under your keyboard your security is likely to fail.
Keeping it on a sticky note is just another level in the spectrum of
"keeping the password from those who should not have it". It's no
different to keeping it in my head in principle. It's harder to get out
of my head than it is to get from under my keyboard, but perhaps not
that much harder. A few minutes of torture might get it with little
effort. In my head, under my keyboard, they're all just degrees of
security through obscurity. And of course, they work.
> > can't access mine because I hide it from you. Ultimately it comes down
>
> You haven't hidden anything from me. I know exactly where that password
> is, and how to get it. If it were worth my time to do so I'd be able
> to plan and execute an "attack" on you and own your password.
Exactly - you know I have a password hidden from you, yet I remain safe.
As I said months ago, security through obscurity is a risk assessment.
I don't think anyone is going to torture me for the password to my mail
account so I can happily remember it. I don't think anyone is going to
gain access to my pocket so I can store my car key there. If I felt
that someone WOULD torture me for a password, I would look at
alternative methods to using a password. And if someone DID
successfully extract a password, what use was the security of a
key-based system anyway? Ultimately it comes down to management of the
keys, and much of the time that's done by hiding them and assessing the
risks in doing so.
> Obscurity relies on dumb luck, not the fact that you might be bigger
> and stronger than me, better armed, or the fact that your password
> just isn't valuable enough for me to bother with you.
It relies on many variables, where dumb luck isn't something I would
consider an informed risk assessment. I think that is what most people
are imagining when they talk about security through obscurity. Without
the risk assessment it is indeed pure luck based and worthless.
--
Chris

09-12-2006, 03:18 AM
Re: A Truecrypt Trick
nemo_outis wrote:
> Chris Lawrence <news03@holosys.co.uk.invalid> wrote in
> news:Pine.WNT.4.63.0609112310540.3792@holodeck3.holosys.wlan:
>
> ...
> >> Kerckhoff's principle recognizes that every secret is a potential
> >> point of failure, and such points of failure should therefore be
> >> minimized by "concentrating" all secrecy at one point, the key, which
> >> can then be guarded without diffusing one's resources. A case of
> >> accepting the violation of another principle - no single point of
> >> failure - but compensating by guarding the one secret (i.e., the
> >> potential point of failure) well.
> >
> > Exactly, "guarding" being the operative word, almost always coming
> > down to a case of hiding something, for example a sequence of
> > characters in your head, or keeping a car key separate from the car.
>
>
> While hiding is the primary mechanism for most ordinary folk, there is an
Putting the keys in your pocket when you park your car isn't "hiding".
It's physical security. 99% of the time people will know or can guess
exactly where they are.
> alternative: prevention of disclosure by physical security including safes,
> vaults, and guards (a literal application of guarding).
Those things are certainly physical security, but so is keeping
something on your person, or in your house. You're guarding it, not
hiding it.

09-12-2006, 03:44 AM
Re: A Truecrypt Trick
"nemo_outis" <abc@xyz.com> wrote in message
news:Xns983ADCE3D3C31abcxyzcom@204.153.244.170...
> "Vanguard" <vanguard.news@yahooNIX.com> wrote in
> news:vaqdndA2hZR0J5nYnZ2dnUVZ_u2dnZ2d@comcast.com:
>
>
>> Data streams is a feature of the NT file system (NTFS), not of
>> TrueCrypt. Data streams have been around since NTFS was invented. It
>> is sometimes used but not often. In fact, Kaspersky used it...
>
>
> You're coming a little late to the party - I have already noted these
> points.
>
> As for steganography, it is readily detectable unless the payload is less
> than a few percent (i.e., the ratio of hidden to host data). While now
> rather long in the tooth, you could start with reading the history of such
> things as OutGuess and stegdetect. Then move on to the Crypto conferences
> (published by Springer).
>
> Regards,
>
For my post dated 9/10/06 at 8:24 PM, you only had 2 posts before
that. In those 2 posts, just where did you say that ADS was a feature
of NTFS (so we knew that you knew what ADS was about)? The only
mention of "NTFS" was in your first post and that was for the name of
a utility, not in your description of data streams. Where in those
posts did you address the issue of anti-malware programs triggering on
the streams and possibly resulting in deleting their files because of
the inclination to eradicate "pests"? Where in your 2 prior posts did
you mention using the hidden volume within a TC volume to hide content
(rather than waste effort to hide the fact that the TC volume exists)?
So on what was I "late"? Remember that indentation shown in
newsreaders for thread posts in a discussion will push down the
branches with older datestamps to show the subbranches that were added
at later times. Obviously my post could not address or account for
topics discussed in posts that were submitted later.

09-12-2006, 03:44 AM
Re: A Truecrypt Trick
Chris Lawrence wrote:
> > > > > The point is that the keys and passwords protect the car and the files.
> > > > > Obscurity protects the keys and the passwords.
> > > >
> > > > Obviously not. Keys and passwords aren't secure because they're
> > > > obscure, they're secure because they're made physically so.
> > >
> > > I'm not talking about security of keys and passwords, I'm talking about
> > > the security of the protection of keys and passwords. Car keys are
> > > quite intrinsically secure but you still have to hide them from
> > > strangers.
> >
> > Yes. That's physical security, not obscurity.
>
> Car keys only protect your car if they are kept out of the way of car
> thieves. Yes it's physical, but necessarily so since they are physical
> objects. The same applies to a password however - in this case it's
> hidden, or obscured, in my head.
It's not obscured in your head at all. You know exactly where it is,
and so does an attacker. Obscurity would be using your child's middle
name as a password and hoping an attacker just happened not to guess
it or see the "all A's" report card on the bulletin board next to the
computer and try it, or writing down a strong password and taping it
to the underside of a desk drawer hoping nobody would look there.
What you do when you keep passwords in your head is still physical
security. You're relying on your physical ability to keep something
secret. Banking on the notion that nobody can beat it out of you, that
you'll talk in your sleep, or that you'll let someone see over your
shoulder when you enter it.
> My knowledge becomes the key that
> keeps the original key safe. Therefore my knowledge is keeping the
> original thing safe.
>
> > There's a difference. Physical security is keeping possession of your
> > keys and not letting a car thief have them. Obscurity would be tossing
> > them on the ground somewhere near your car and hoping a thief doesn't
> > recognize that they're car keys.
>
> They're just two degrees of the same system. I might throw the keys on
They're no such thing at all. When you keep something on your person
(or in your head) you're providing physical security. When you toss
something on the ground or tape it to the bottom of your keyboard and
just pray nobody discovers it, there's no physical security at all. A
safe behind a painting has elements of both. A safe out in the open is
physical. A painting hiding a secret open shelf is pure obscurity. If
you memorize your password then hide behind a drape to avoid attackers
you may have elements of both, but most people don't bother with trying
to make themselves obscure if they're confident nobody can make them
confess their secrets. They and everyone else know exactly who has that
secret, and where they are. Where that secret might be obtained. Thus
there is no element of obscurity. None.
> the floor and hope a thief doesn't recognise them. I might leave them
> on the floor under a newspaper and hope that they're not found. I might
Obscurity.
> raise them off the floor into my pocket and hope a thief doesn't mug me
> for them.
Physical security. Completely different and easily distinguishable
things.
> They're all security by obscurity. Each degree in that
Nope.
> example has a risk attached to it - in some cases it might be acceptable
> to throw my keys on the floor, for example if I'm staying at a friend's
> house and it's his floor. That's an assessment for me to make. In many
That would be no security at all, assuming you were aware your friend
knew about your keys. At least not from your friend. If the house is
secure then your keys are physically secured from outsiders. To what
degree they're physically secure is a matter of debate, but it's still
physical security.
> cases having possession of the keys would be equal to leaving them on the
> floor - for example if I'm walking through an area where people are
> often viciously mugged for their car keys, or where car-jackings are
> rife.
Physical security. Likely to fail unless you're a formidable target,
but physical security none the less.
> In either case there - floor or pocket or car - the result would
> be the loss of the car, making the fancy key/ignition security
> completely irrelevant.
The fact that something might fail is completely irrelevant. There is
no perfect security of any type.
> > > Ultimately the security of your vehicle comes down to how
> > > well you hide your keys (given that the ignition can't be defeated due
> > > to its intrinsic security). In other words the ignition is safe because
> > > the key system is strong. The key is safe because you don't know how to
> > > get it.
> >
> > Actually that's not true at all. In most cases a car thief knows
> > exactly how to get your keys. They're not obscured at all, the thief
> > knows they're right there in your pocket. Or inside the house where
> > your car is parked, or at the mall where you're shopping.
>
> That proves what I'm saying. My car remains safe despite merely keeping
> the keys in my pocket.
Yes. Because the keys are physically secure in your pocket. If you hid
them on top of the back tire that would be obscurity. You're not trying
to hide the fact that you have the keys in your pocket, in fact you
probably put them there in plain view of anyone who happened to be in
the vicinity. And they likely make a bulge that most anyone can
identify. You may even jingle them from time to time out of habit. The
security of your keys depends entirely on you physically maintaining
possession of them, and not one bit on you trying to hide the fact that
you have them.
> My car is protected by a key, and the
> key/ignition mechanism is inherently secure, but ultimately my car
> remains safe because I am good at looking after a small piece of metal
> and plastic, not because it is inherently secure. The same goes for a
> strong password system - ultimately it's protected by obscurity - I know
No. It's ultimately protected by a mathematically secure sequence of
characters and your physical ability to keep them a secret. You're not
trying to hide the fact that you're the one who knows the password any
more than you're trying to hide the fact that you have car keys in your
pocket.
[...]
> Keeping it on a sticky note is just another level in the spectrum of
> "keeping the password from those who should not have it". It's no
> different to keeping it in my head in principle. It's harder to get out
Nonsense. In your head you're maintaining possession and control. On a
sticky note under your keyboard you're abdicating all that and relying
on dumb luck. Two completely different things.
> of my head than it is to get from under my keyboard, but perhaps not
> that much harder. A few minutes of torture might get it with little
> effort. In my head, under my keyboard, they're all just degrees of
> security through obscurity. And of course, they work.
Obscurity fails with an all too predictable regularity. Just ask anyone
who had their house broken into because they hid a key under the door
mat, or their account broken into because they taped their password to
the bottom of their keyboard.
> > > can't access mine because I hide it from you. Ultimately it comes down
> >
> > You haven't hidden anything from me. I know exactly where that password
> > is, and how to get it. If it were worth my time to do so I'd be able
> > to plan and execute an "attack" on you and own your password.
>
> Exactly - you know I have a password hidden from you, yet I remain safe.
Why can't you see that it's not hidden. I know exactly where it is. In
your head. Its security is and always will be your ability to keep it
fr