
FreeOTFE / FreeOTFE4PDA
PC version: v5.21
PDA version: v5.21
By Sarah Dean
Last updated: 7th February 2010
http://www.FreeOTFE.org/

A free on-the-fly transparent disk encryption program for MS Windows 2000/XP/Vista/Windows 7 PCs (both 32 and 64 bit) and Windows Mobile 2003/2005 and Windows Mobile 6 and later PDAs.

Contents

1 Introduction
  1.1 Features
2 Download
3 Installation and Upgrading
  3.1 PC Version
    3.1.1 Automatic installation
    3.1.2 Manual installation
    3.1.3 Additional Information for Windows Vista x64 and Windows 7 x64 Users Only
  3.2 PDA Version
    3.2.1 Faster mounting
    3.2.2 Alternative drivers
4 Getting Started Guide
  4.1 Installation/Portable mode
  4.2 Using FreeOTFE
  4.3 Creating a new volume
  4.4 Mounting volumes
  4.5 Dismounting volumes
  4.6 Changing a volume’s password
5 Advanced Topics
  5.1 Keyfiles
    5.1.1 Creating a new keyfile
    5.1.2 Mounting a volume using a keyfile
  5.2 Partition/Entire Disk Based Volumes
    5.2.1 Safety Precautions
    5.2.2 Special Note for Windows Vista x64 (64 bit) and Windows 7 (64 bit) Users
  5.3 Creating Hidden Volumes
  5.4 Volume Creation: Advanced Options
    5.4.1 Key Iterations
    5.4.2 Salt
    5.4.3 Drive Letter
    5.4.4 CDB Location
    5.4.5 Padding
  5.5 Password Entry: Advanced Options
    5.5.1 Advanced Security Details
    5.5.2 Mount Options
    5.5.3 Mountpoint
  5.6 Driver Control
    5.6.1 Installing New Drivers
    5.6.2 Modify Existing Drivers
  5.7 Enabling/Disabling Hash/Cypher Algorithms
6 Portable Mode
  6.1 Portable Mode and Removable Media
7 Security Token/Smartcard Support
  7.1 Initial configuration
  7.2 Secure Keyfile Store
    7.2.1 Usage
  7.3 Token Encryption
    7.3.1 Usage
  7.4 PIN Entry
    7.4.1 Secure authentication path
8 Command Line Interface
  8.1 PC Version
    8.1.1 Synopsis
    8.1.2 Description
    8.1.3 Options
    8.1.4 Exit Codes
    8.1.5 Examples
  8.2 PDA Version
    8.2.1 Synopsis
    8.2.2 Description
    8.2.3 Options
    8.2.4 Exit Codes
    8.2.5 Examples
9 Linux Volumes
  9.1 Creating Linux Volumes
  9.2 Hiding a Linux Volume Within Another Volume
  9.3 Mounting Volumes Created under Linux
  9.4 Cryptoloop Specific Information
    9.4.1 Hash Selection
    9.4.2 Cryptoloop and RIPEMD-160
    9.4.3 Cypher Selection
  9.5 dm-crypt Specific Information
    9.5.1 /dev/loop1 Usage in the Examples Included in this Documentation
    9.5.2 Hash Selection
    9.5.3 ESSIV
  9.6 LUKS Specific Information
    9.6.1 ESSIV
    9.6.2 FreeOTFE Supported LUKS Cyphers
    9.6.3 FreeOTFE Supported LUKS Cypher modes
    9.6.4 FreeOTFE Supported LUKS hashes
  9.7 Additional Notes on Linux Volumes
  9.8 Examples: Cryptoloop
    9.8.1 Initial Setup
    9.8.2 Defaults
    9.8.3 Example #1: Volume Without Encryption
    9.8.4 Example #2: Volume Encrypted Using XOR
    9.8.5 Example #3: Volume Encrypted Using 128 bit AES
    9.8.6 Example #4: Volume Encrypted Using 256 bit AES
    9.8.7 Example #5: Volume Encrypted Using 256 bit AES and rmd160 Hash
    9.8.8 Example #6: Volume Encrypted Using 256 bit AES and Seed Value
    9.8.9 Example #7: Volume Encrypted Using 256 bit AES and Offset
    9.8.10 Example #8: Volume Encrypted Using 256 bit Twofish
  9.9 Examples: dm-crypt
    9.9.1 Initial Setup
    9.9.2 Defaults
    9.9.3 Example #1: Volume Encrypted Using dm-crypt’s Default Encryption
    9.9.4 Example #2: Volume Encrypted Using 128 bit AES
    9.9.5 Example #3: Volume Encrypted Using 256 bit AES, using SHA256 ESSIV
    9.9.6 Example #4: Volume Encrypted Using 448 bit Blowfish
    9.9.7 Example #5: Volume Encrypted Using 256 bit Twofish and Offset
    9.9.8 Example #6: Volume Encrypted Using 256 bit AES with MD5 Password Hashing
    9.9.9 Example #7: Volume Encrypted Using 448 bit Blowfish, MD5 Password Hashing and SHA-256 ESSIV
    9.9.10 Example #8: Volume Encrypted Using AES-256 in XTS Mode (aka XTS-AES-256)
  9.10 Examples: LUKS
    9.10.1 Initial Setup
    9.10.2 Defaults
    9.10.3 Example #1: Volume Encrypted Using LUKS’s Default Encryption
    9.10.4 Example #2: Volume Encrypted Using 256 bit AES
    9.10.5 Example #3: Volume Encrypted Using 128 bit Twofish
    9.10.6 Example #4: Volume Encrypted Using 256 bit AES-XTS
    9.10.7 Example #5: Volume Encrypted Using 256 bit Serpent XTS
10 Plausible Deniability
  10.1 Overview
  10.2 Legal Issues
  10.3 Hidden Volumes
  10.4 More Advanced Hidden Volumes
  10.5 In Practice
11 Miscellaneous Notes
  11.1 PC Version
    11.1.1 Windows Vista and Windows 7 Specific
  11.2 PDA Version
12 FAQ
  12.1 FAQ Contents
    12.1.1 General
    12.1.2 FreeOTFE Specific (PC)
    12.1.3 FreeOTFE4PDA Specific (PDA)
    12.1.4 FreeOTFE Explorer Specific
  12.2 General
  12.3 FreeOTFE Specific (PC)
  12.4 FreeOTFE4PDA Specific (PDA)
  12.5 FreeOTFE Explorer Specific
13 Technical Details
  13.1 FreeOTFE Volumes and Keyfiles
    13.1.1 Notes
  13.2 Technical Details: Critical Data Block Layouts
    13.2.1 CDB Format ID 1
    13.2.2 CDB Format ID 2
    13.2.3 CDB Format ID 3
    13.2.4 CDB Format ID 4
  13.3 Creating FreeOTFE Volumes
    13.3.1 Writing the CDB/keyfile
  13.4 Mounting FreeOTFE Volumes
    13.4.1 Additional information
  13.5 Encrypted Partition Image Encryption/Decryption
    13.5.1 Per-Sector IV Generation
  13.6 Registry Entries
  13.7 Portable Mode Impact
  13.8 Random Number Generators (RNGs)
    13.8.1 Microsoft CryptoAPI
    13.8.2 Mouse Movement
    13.8.3 cryptlib
    13.8.4 PKCS#11 Tokens
  13.9 Building the Software
    13.9.1 FreeOTFE
    13.9.2 FreeOTFE4PDA
    13.9.3 FreeOTFE Explorer
    13.9.4 Building the Command Line Decryption Utilities
    13.9.5 Signing the Binaries
    13.9.6 Additional Notes
  13.10 Creating a New Hash/Cypher Driver
    13.10.1 Hash Length/Blocksize
    13.10.2 Cypher Keysize/Blocksize
    13.10.3 Miscellaneous Comments: Cypher Drivers
  13.11 Filename Extensions
14 Known Bugs
15 Fault/Bug Reporting
16 TODO List
17 Appendix A: Version History
  17.1 PC Version
  17.2 PDA Version
18 Appendix B: Credits
  18.1 Translations
19 Appendix C: Licence
  19.1 Preamble
  19.2 FreeOTFE Licence (v1.1)
    19.2.1 Exhibit A
    19.2.2 Exhibit B
    19.2.3 Exhibit C
    19.2.4 Exhibit D
20 Appendix D: Glossary
21 Appendix E: PKCS#11 Driver Libraries
22 Appendix F: Command Line Decryption Utilities
  22.1 Overview
  22.2 Operation

Details
File Type: pdf
Content Languages: English
File Pages: 192