When building multiple TrueCrypt containers, the utility has the user generate entropy (randomness) data to fill a buffer exactly one time. This is done by tracing the movements of the mouse and using the x,y coordinates to populate the buffer in question.
It may be observed that the check box to hide the header key is located at the same part of the window every time, and this is an early destination for the user's mouse. If an intruder were to attempt to log mouse data in the same way that a key-logger logs keyboard input, it would be possible to approximate the password vector by doing some arduous data crunching.
A defense against this is to ensure that, early in the process, one employs an alt-click or a control-click. Shift-click is yet another variation, or some combination of these. Because it would be difficult to know the time between each, with respect to the logged keystrokes, this would obfuscate the password vector proportionately to the difference in a rocket trajectory when modified at low altitude, versus high altitude.
I expect that despite the fact that the entropy buffer is filled only once, even when building multiple containers, the differences in the passwords result in such changes that it does not compromise the quality of the encryption, if only the user devotes adequate time to entering randomness; a terabyte drive calls for far more random data than a 20MB email attachment.
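To make the point about predictable early mouse movement concrete, the following added example (not part of the original post, and not TrueCrypt's code) compares the empirical Shannon entropy of movement steps for a pointer heading straight to a fixed control against deliberate irregular motion. The coordinates, the checkbox position and the function names are constructed for illustration; it measures only the movement data and does not model how TrueCrypt mixes samples into its buffer.

```python
import math
import random
from collections import Counter

def deltas(trace):
    """Turn absolute (x, y) samples into per-sample movement steps."""
    return [(x2 - x1, y2 - y1) for (x1, y1), (x2, y2) in zip(trace, trace[1:])]

def shannon_bits_per_step(trace):
    """Empirical Shannon entropy of the step distribution, in bits per step."""
    counts = Counter(deltas(trace))
    total = sum(counts.values())
    return -sum((c / total) * math.log2(c / total) for c in counts.values())

def straight_line(start, target, samples):
    """Constructed trace: the pointer heads directly for a fixed control."""
    (x0, y0), (x1, y1) = start, target
    return [(x0 + (x1 - x0) * i // samples, y0 + (y1 - y0) * i // samples)
            for i in range(samples + 1)]

def wandering(start, samples, seed):
    """Constructed trace: irregular motion (seeded so the run is repeatable)."""
    rng = random.Random(seed)
    x, y = start
    trace = [(x, y)]
    for _ in range(samples):
        x += rng.randint(-8, 8)
        y += rng.randint(-8, 8)
        trace.append((x, y))
    return trace

# Constructed coordinates: window origin to a hypothetical checkbox position.
TO_CHECKBOX = straight_line((0, 0), (400, 150), 200)
DELIBERATE = wandering((0, 0), 200, seed=1)

if __name__ == "__main__":
    for name, trace in (("to checkbox", TO_CHECKBOX), ("deliberate", DELIBERATE)):
        bits = shannon_bits_per_step(trace)
        steps = len(trace) - 1
        print(f"{name:12s} {bits:5.2f} bits/step, {bits * steps:7.1f} bits over {steps} steps")
```

The straight path yields under one bit per step because only two distinct steps ever occur, so the same number of samples contributes far less unpredictability than irregular motion does. This is a naive estimate from one trace, and anyone holding a complete log of the movement faces no uncertainty at all.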