This project has moved and is read-only. For the latest updates, please go here.
3
Vote

Bootloader Timeout and Cancel Timeout on Key Strike

description

Diskcryptor has provided a much better Bootloader than Truecrypt for a long time.

As a background, I have a Dual Boot system - C: is unencrypted but D: is encrypted using full disk encryption. C: is always bootable (unencrypted), but for D: if the password is wrong or no password is given D: will not boot


The bootloader of Diskcryptor allows:


Bootloader Timeout:

The bootloader prompts for a password, for which a timeout can be set
e.g. 3 seconds. If nothing is pressed within 3 seconds, the bootloader continues.

To further disguise the bootloader, the prompt message can be completely blank and the only thing displayed is a flashing cursor (for X seconds as set by the bootloader).

However, if the user strikes a key within 3 seconds, the timeout is cancelled and the bootloader waits until the user has attempted a password.

(See screenshot 'Authentication Method' for example).

Note: It is not necessary to press ESC key at all with this method - this is good as being forced to take action such as pressing ESC key to move on could alert an adversary that the device is in some way encrypted. In the interests of plausible deniability it is better if this is not necessary.




Incorrect Password:

If no password is entered (i.e. timeout) or an incorrect password is entered, the bootloader continues to load the Boot Disk MBR.

It is the user choice whether or not to display an "Incorrect password" error message, or again this can be blank (please see screenshot 'What Happens with Invalid/No Password').



It would be very helpful if you can implement this in Veracrypt

(i.e. timeout, with ability to set how many seconds + cancel timeout on key strike)




as it means no need to run both Diskcryptor and Truecrypt which slows system down too much due to dual encryption!



Some screenshots showing Diskcryptor bootloader settings:

Boot Method - http://postimg.org/image/z46j038rt/
Authentication Method - http://postimg.org/image/b2heuqh7h/
What Happens with Invalid/No Password - http://postimg.org/image/ire96ghp9/

file attachments

comments