Password-based Uniform-Random-Equivalent Encryption
#1
Interesting.. https://puree.cc and white paper

Quote:PUREE is a full-disk encryption header format (and tool, currently only supported on Linux) which gives you the ability to perform full-disk encryption in a way that ensures that it is infeasible for someone to determine which of the following is true:

- Your disk is encrypted, or
- Your disk has been "wiped" with random bits.


Does Algorithm Identification step really impossible with this new tool?
Reply
#2
it wouldn't be surprising that there exists software that can encrypt disks/volumes/containers etc and make them look as random data.
The problem only is that also (plain text and easy to spot) metadata and headers/footers or obvious boot loaders etc can't be on the disk, because they would indicate an encrypted disk and also possible also which type of software was used to encrypt it etc.

so yeah, it's quite easy to make encrypted data look like random data... but it's quite difficult to hide every trace and have the bootloader located somewhere else and still make it user friendly etc (maybe separate USB stick etc).

This also has nothing to do with hashcat... it's just a strategy that also VeraCrypt and TrueCrypt and other full disk encryption software tried to implement (not all are that good at the job, but they at least try)...

but there is another problem... let's say that law inforcement or some forensic firm is analysing your HDD and recognizes almost 100% random data on the disk... they will be suspicious anyway, just because almost every sector seems completely random ... and this might not be the case in most of the other disk they are investigating.... so even if you could have just written random data to it, they will be suspicious and maybe assume/know that there is some encrypted data on it.

These are all known concepts in terms of cryptography and full disk encryption. and of course it's best to encrypt stuff, but it's quite foolish to assume just because encrypted data looks like random data, nobody will ever know/assume it's encrypted
Reply