Make VC-encryption independent from (USB)-SATA-Controller

Topics: Feature Requests, Technical Issues, Users Discussion
Nov 28, 2015 at 5:16 AM
Edited Nov 28, 2015 at 5:17 AM
With TrueCrypt I faced a surprising situation:

I connected a second (beside my "main" hard disk with the WinOS 7) SATA hard disk directly with a SATA cable to the motherboard, then encrypted the whole hard disk (not only a partition on it) and finally stored lots of files on this encrypted hard disk.

Later I disconnected this second hard disk from motherboard and put it into an external USB case.

When I connected now this external USB hard disk with TrueCrypt I had to recognize that all my previous files where NOT accessible any more. This is strange!

As I found out the whole encryption is DEPENDENT not only from the TC password but from the intermediate Motherboard or USB Controller as well.

This is a serious problem!

Imagine when my USB case is getting damaged and I put the hard disk into another USB case from another manufacturer with another USB-SATA Controller then I cannot read all my encrypted files any more.
Or - second scenario - I switch to another motherboard.

Can VeraCrypt offer a solution for that?

Maybe VeraCrypt can generate an USB-SATA independent header-key which helps me to adjust the content to a new USB-SATA environment?

Thank you
Peter
Dec 5, 2015 at 12:29 AM
Edited Dec 5, 2015 at 2:01 PM
I bet this is not a VC issue!

But please provide more information:
When I connected now this external USB hard disk with TrueCrypt I had to recognize that all my previous files where NOT accessible any more.
-> By "NOT accessible" you mean that the volume cannot be mounted?

As I found out the whole encryption is DEPENDENT not only from the TC password but from the intermediate Motherboard or USB Controller as well.
-> How did you "find out" that the encryption is dependent on the Motherboard or USB Controller?

BTW: I assume you are not using any other encryption like hardware-based encryption.

I used TC and VC volumes via SATA, eSATA, USB2 and USB 3 on different computers, using even different external HDD cases and I never had problems.

Some external drive boxes do weird things which cause incompatibility between the usage in the case and directly via SATA.
Those drives use "virtual" 4096 Byte sectors (instead of 512 Byte).
Reason: The old partition table (MBR) has a limited sector count, causing a limit of 2,2TB with normal 512 Byte sectors. For larger disk with 512 Byte sectors, the newer GPT partition table has to be used. As GPT is not supported by older operating systems - especially Windows XP - those external drive cases simulate 4096 Byte sectors to allow to access ~17,6 TB of data using MBR.
Dec 6, 2015 at 6:38 AM
-> By "NOT accessible" you mean that the volume cannot be mounted?

Yes

-> How did you "find out" that the encryption is dependent on the Motherboard or USB Controller?

I put the hard disk back onto SATA slot on motherboard and it works again

-> BTW: I assume you are not using any other encryption like hardware-based encryption.

Correct. I use TrueCrypt only

--> GPT

Interesting. So you mean if I use GPT on these hard disk then these problems will never appear?
Good idea.

I will check this on occasion.
Dec 7, 2015 at 12:01 PM
I never tested such an external HDD myself, but I think it will emulate 4K sectors no matter whether GPT is used or not.
Just blame the manufacturer for this great idea - maybe you can disable this "feature".
This problem is not about VC, but about the USB Controller - it is also nasty for recovery in case the USB Controller is broken.