StrongDisk Emergency Options: Volumes Secured with Both a Password and Keyfile

Written: 24th January 2002
Last updated: 24th January 2002

Contents

Introduction

This document details the expected and actual results of using the various "emergency options" provided by StrongDisk when used in conjunction with volume files that are secured using both a password and keyfile

These tests results were obtained from StrongDisk v2.8.5.7

In these tests, different keyfiles were used during the creation of the real and "false" volume files

Explanation of the Results Reported

Each of the two result tables following use the following abbreviations to indicate the actual/expected outcome of the test:
 
Effect Explanation
(Wrong pass) StrongDisk reports that the "wrong password" was entered; no further action is taken and the user is returned to the "Mount disk" dialog
Real volume mounted The real volume was correctly mounted
False volume mounted The false volume was mounted
Volume files swapped The real and false volume files were swapped
FVP changed to DP The password for the false volume file was changed to the "destruction password"
RKF replaced with FKF The contents of the real volume's keyfile should be replaced with the false volume's key such that what was the real volume's keyfile should no longer be valid for the real volume file, but should unlock the false volume file instead
Real volume destroyed The real volume file should be destroyed: "erased completely, and further recovery is impossible" as StrongDisk's documentation puts it
Unknown FV modification The false volume file was modified, although can still be mounted by using the false password together with the false volume's keyfile,
StrongDisk raises error This one is a little weird. This entry indicates that StrongDisk reported two errors: one "when trying to open file containing the key", and another when it was "Unable to find the file with the key"

Expected Results

The following table details the expected results of turning on each of StrongDisk's "emergency" options. It should be noted that these results are derived from reading the relevant StrongDisk documentation.

An explanation of each of the result entries can be found towards the beginning of this document
 
Test # Options selected Passwords entered and keyfiles used
Real volume's password False volume's password "Destruction" password
Enable destrution of volume file Enable destruction of keys Replace real volume with false Enable mounting false disks Real volume's keyfile False volume's keyfile Real volume's keyfile False volume's keyfile Real volume's keyfile False volume's keyfile
0 No No No No Real volume mounted (Wrong pass) (Wrong pass) (Wrong pass) (Wrong pass) (Wrong pass)
1 Yes Real volume mounted (Wrong pass) (Wrong pass) False volume mounted (Wrong pass) (Wrong pass)
2 Yes No n/a [*1]
3 Yes Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • False volume mounted
    		•  (Wrong pass) (Wrong pass)
    4 Yes No No Real volume mounted (Wrong pass) (Wrong pass) (Wrong pass)
  • Volume files swapped
  • FVP changed to DP
  • RKF replaced with FKF [*2]
  • False volume mounted
    		•
  • Volume files swapped
  • FVP changed to DP
  • RKF replaced with FKF [*3]
  • False volume mounted
    		•
    5 Yes Real volume mounted (Wrong pass) (Wrong pass) False volume mounted
  • Volume files swapped
  • FVP changed to DP
  • RKF replaced with FKF [*2]

    • False volume mounted
  • Volume files swapped
  • FVP changed to DP
  • RKF replaced with FKF [*3]
  • False volume mounted
    		•
    6 Yes No n/a [*1]
    7 Yes Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • False volume mounted
    		•
  • Volume files swapped
  • FVP changed to DP
  • RKF replaced with FKF [*2]

    • False volume mounted
  • Volume files swapped
  • FVP changed to DP
  • RKF replaced with FKF [*3]
  • False volume mounted
    		•
    8 Yes No No No Real volume mounted (Wrong pass) (Wrong pass) (Wrong pass)
  • Real volume destroyed
  • False volume replaces real volume
  • [*4]
    		•
  • Real volume destroyed
  • False volume replaces real volume
    		•
    9 Yes Real volume mounted (Wrong pass) (Wrong pass) False volume mounted
  • Real volume destroyed
  • False volume replaces real volume
  • [*4]
    		•
  • Real volume destroyed
  • False volume replaces real volume
    		•
    10 Yes No n/a [*1]
    11 Yes Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • False volume mounted
    		•
  • Real volume destroyed
  • False volume replaces real volume
  • [*4]
    		•
  • Real volume destroyed
  • False volume replaces real volume
    		•
    12 Yes No No Real volume mounted (Wrong pass) (Wrong pass) (Wrong pass) (Wrong pass) (Wrong pass)
    13 Yes Real volume mounted (Wrong pass) (Wrong pass) False volume mounted (Wrong pass) (Wrong pass)
    14 Yes No n/a [*1]
    15 Yes Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • False volume mounted
    		•  (Wrong pass) (Wrong pass)

    Notes:
    [*1] = The "Replace real volume with false" option cannot be selected unless "Enable mounting false disks" is also selected
    [*2] = According to the StrongDisk documentation, when the "destruction password" is entered, StrongDisk will destroy the real volume's external keys (keyfile, in this instance), overwriting them with a keyfile for the false volume such that can be used to mount the false volume at a later date.
    [*3] = Although it sounds particularly strange that StrongDisk should magically be able to locate and destroy the real volume's keyfile, this is what the StrongDisk documentation does appear to state. When the "destruction password" is entered, the real volume's keyfile will be overwritten with a keyfile for the false volume such that can be used to mount the false volume
    [*4] = According to the StrongDisk documentation, entering the "destrution password" will cause the false disk to be moved to directory holding the real volume, and the real volume will be destroyed. No mention is made of specifying a keyfile at the "Mount Disk" dialog in this case

    Test Results

    The following table reports the effects of turning on the various StrongDisk options when using real and false volume files that were secured using different passwords and keyfiles

    The results obtained were achieved by selecting the "real" volume file, and specifying the passwords/keyfiles described in the table

    An explanation of each of the result entries can be found towards the beginning of this document

    Where the actual results obtained deviate from the expected result, this is indicated by the relevant cell being coloured red
     
    Test # Options selected Passwords entered and keyfiles used
    Real volume's password False volume's password "Destruction" password
    Enable destrution of volume file Enable destruction of keys Replace real volume with false Enable mounting false disks Real volume's keyfile False volume's keyfile Real volume's keyfile False volume's keyfile Real volume's keyfile False volume's keyfile
    0 No No No No Real volume mounted (Wrong pass) (Wrong pass) (Wrong pass) (Wrong pass) (Wrong pass)
    1 Yes Real volume mounted (Wrong pass) (Wrong pass) False volume mounted (Wrong pass) (Wrong pass)
    2 Yes No n/a [*1]
    3 Yes Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • False volume mounted
    		•  (Wrong pass) (Wrong pass)
    4 Yes No No Real volume mounted (Wrong pass) (Wrong pass)
  • StrongDisk raises error
  • Volume files swapped
  • Unknown FV modification
    		•  (Wrong pass) (Wrong pass)
    5 Yes Real volume mounted (Wrong pass) (Wrong pass) False volume mounted (Wrong pass) (Wrong pass)
    6 Yes No n/a [*1]
    7 Yes Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • False volume mounted
    		•  (Wrong pass) (Wrong pass)
    8 Yes No No No Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • Unknown FV modification
  • False volume mounted
    		•  (Wrong pass) (Wrong pass)
    9 Yes Real volume mounted (Wrong pass) (Wrong pass) False volume mounted (Wrong pass) (Wrong pass)
    10 Yes No n/a [*1]
    11 Yes Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • False volume mounted
    		•  (Wrong pass) (Wrong pass)
    12 Yes No No Real volume mounted (Wrong pass) (Wrong pass)
  • StrongDisk raises error
  • Volume files swapped
  • Unknown FV modification
    		•  (Wrong pass) (Wrong pass)
    13 Yes Real volume mounted (Wrong pass) (Wrong pass) False volume mounted (Wrong pass) (Wrong pass)
    14 Yes No n/a [*1]
    15 Yes Real volume mounted (Wrong pass) (Wrong pass)
  • Volume files swapped
  • False volume mounted
    		•  (Wrong pass) (Wrong pass)

    Notes:
    [*1] = The "Replace real volume with false" option cannot be selected unless "Enable mounting false disks" is also selected

    Summary

    When using the "Emergency Options" with volume files that are secured using both keyfiles and passwords, the "destruction password" appears to have no effect at all, contrary to the StrongDisk documentation.

    Setting either of the "Enable destrution of volume file" and "Enable destruction of keys" options can cause StrongDisk to generate errors about finding the volume's keyfiles, and causes the false volume (critical data section) to be modified, although it's not clear exactly what is changed and why.