![]() ![]() Feel free to put something slightly shady in the outside file, but nothing that would actually cause you problems. When in fact, they don't have anything at all. In this way, you can "allow" your attackers to look at the outside container and let them think they have the entire container. But also don't overlook that you can also take one encrypted file and place it on the inside of a larger encrypted file. You can conceivably use a shorter pass word if you are using keyfiles, and if you are not worried about performance hits, using AES Twofish and Serpent will cause much headache to those trying to get into the encrypted material. I would make sure to make each keyfile read-only however. Create one keyfile for each hash algorithm they provide. If you do use Keyfiles, I'd recommend having TrueCrypt create 3 keyfiles for you. And then again after Twofish they run into Serpent, which is the biggest beast of them all (even though it is less used / tested than AES, it still has a much higher security margin than AES) so they do all this work to break the AES, only to find that Twofish stands in their way now. ![]() Plus, if someone assumes a file is encrypted with AES, there's no way of seeing that is is then encrypted with Twofish. That one is the most tried and true and the most tested of all of them. I recommend the AES-Twofish-Serpent over the Serpent-Twofish-AES because you want the outermost encryption (AES will be the first layer they need to break) to be the most standard in the industry. You can also use Keyfiles to further secure your password. Use Microsoft's online password checker for a strength test. 20 to 30+ characters, uppercase, lowercase, numbers, symbols. MOST IMPORTANT is to use a VERY strong password. I'm leaning towards Whirlpool because SHA-512 is already having a successor developed because of fears that it is based on an older SHA-1 that has been compromised.) Use the AES-Twofish-Serpent cascading encryption with the XTS method. Using TrueCrypt 7.0a, the most secure method of encryption is: ![]()
0 Comments
Leave a Reply. |