Creating a hidden virual TrueCrypt volume

Creating a hidden virual TrueCrypt volume

Not everything you store on your computer is for everyone to see. This can be personal documents, porn hidden from your girlfriend, or illegal things that you don't want the cops to find if they confiscate your computer. In this tutorial I will explain how to set up a hidden virtual TrueCrypt volume to help you securing whatever data you're hiding.

Requirements

• TrueCrypt [ Website | Download ]
  

What is a hidden virtual TrueCrypt volume?

This method is more secure than just a regular encrypted volume since it let's you create a decoy volume first where you can put some stuff that looks important, but really isn't.

From the TrueCrypt documentation:

Quote:The principle is that a TrueCrypt volume is created within another TrueCrypt volume (within the free space on the volume). Even when the outer volume is mounted, it should be impossible to prove whether there is a hidden volume within it or not, because free space on any TrueCrypt volume is always filled with random data when the volume is created and no part of the (dismounted) hidden volume can be distinguished from random data. Note that TrueCrypt does not modify the file system (information about free space, etc.) within the outer volume in any way.

Source: http://www.truecrypt.org/docs/hidden-volume

Setting up a TrueCrypt volume is simple. Each step has a good description, and the TrueCrypt website has good documentation. So just follow each step and read the description closely and you should be completing it in no time. I have left pictures of each step inside the spoiler for visual clarity

Step 1: Open TrueCrypt and click Create Volume

Step 2: Create an encrypted file container
When creating an encrypted file container we create a virtual drive. This can be mounted through the TrueCrypt application only, and when mounted it acts as a regular removable device such as USB stick, external hard drive, etc

Step 3: Select volume type
We will be using a hidden volume and the reason for this is simple: Security. Creating the volume consists of two parts.

1. The decoy
   First we create the outer volume, the decoy. This is where you store some stuff that looks secret and/or important. This can be contracts for an apartment, letters to landlord/school/boss, etc.
2. The hidden volume
   After the outer volume is created we create a the hidden volume.

TrueCrypt separates these two volumes by having different password. The password for the outer volume doesn't have to be of any crazy strength, but it should also not be to easy.
The password for the hidden volume should be very strong. Minimum 20 characters in length, and a good mix between upper- and lowercase, numbers and signs. I suggest the "Ft. Knox Passwords" found in http://www.randomkeygen.com

Documentation: http://www.truecrypt.org/docs/hidden-volume

Step 4: Select or create volume file

Step 5: Volume encryption
I personally use the default settings which is AES and RIPEMD-160. This decission was made based on not having any advanced cryptography knowledge and trusting the articles I read.

More info about AES and RIPEMD can be found in the links below
http://en.wikipedia.org/wiki/Advanced_En...n_Standard
http://en.wikipedia.org/wiki/RIPEMD

Step 6: Volume size
Keep in mind that TrueCrypt files are fixed size. This means that if you create a volume to be 100GB it will take up that much space on your computer even if there's no files saved in it.

Step 7: Set password
As mentioned above, this password doesn't need to be of any insane strength, but don't make it to simple. At least mix upper- and lowercase and numbers. Minimum length of 8 characters would make it even better.
If you are forced to give up the password it will most likely lead to suspicion if the password too simple. Why use TrueCrypt to secure your documents when the password is vulnerable to basic dictionary attacks?
One thing that is important though, if you should find yourself in this situation. Do not give up the outer password to easy. If you don't put up a fight, this could also be a reason for suspicion. No one with something to hide will just give up a password right away.

Step 8: Format the volume
We now need to format the outer volume. Read the description of the step before clicking format.

Step 9: End of outer volume creation
This last step is just a confirmation that the outer volume was created successfully. You can just click next on this one

-- Hidden volume --
The process of setting up the hidden volume is almost identical to the outer volume.

Step 10: Set encryption
This is the same as Step 5. I use the same settings here as in the outer volume

Step 12: Set size
Here you can set the value to the max size provided by TrueCrypt

Step 13: Set password
This password should be minimum 20 characters and a mix between upper- and lowercase letters, digits and special characters. I recommend using one from the "Ft. Knox Passwords" section in http://www.randomkeygen.com.

Step 14: Storing large files
Make sure that you think this one through. Let's say we wan't to hide a Virtual Machine in this volume it's very important that we select I will store files larger than 4 GB on the volume.

Step 15: Setting file system to use

Step 16: Cross-Platform support
This step I leave up to you as the reader. There's no way for me to say what you should select here. It all depends on how you intend to use it.

Step 17: Format the hidden volume
This step is just like Step 8. I do suggest that you move the mouse even more randomly, and for a longer period of time than you did on the outer volume. This will make the cryptography use on the hidden volume stronger than the outer.

Step 18: All done
The last that appears now is just a confirmation that the volume was successfully created, and that you can create a new volume or exit.