hidden_part

加密解密,安全工具！很有意思的代码

--------------------------------------------------
 Contents
--------------------------------------------------

 1. What Is a Hidden Part?
 2. How Do the Hidden and Original Containers Work?
 3. Precautions
 4. Some Advice

IT IS STRONGLY RECOMMENDED THAT YOU READ THE "PRECAUTIONS" AND 
"SOME ADVICE" SECTIONS TO ENSURE USING THE  HIDDEN CONTAINERS PROPERLY.

1. What is a Hidden Part?
---------------------------------------------------------------------------

BestCrypt creates virtual drives on your computer. All data to be written 
to the virtual drive are placed into the container in encrypted form. The 
encryption algorithms used in BestCrypt are reliable, and the container 
cannot be decrypted without knowing the correct password.
But under some circumstances the user may be forced to disclose the password 
to his container.  For this reason someone may wish to hide the existence of
encrypted containers on the computer.

There are a variety of methods for hiding sensitive data inside graphic or 
audio files so that it  is impossible to decide that the original files 
contain extra information inside them.  That method is known as steganography.
Unfortunately, the use of sound or graphic files to hide an encrypted container 
has several disadvantages:

- degradation of the system performance due to a lot of useless data to be 
  read from the original files in extracting encryption information;
- an original file has to be 2-4 times larger than the encrypted container 
  hidden within it.  If you  create a 100 MB container, you must have a 
  200-400 MB sound file.
- extremely large graphic or sound files (hundreds Megabytes) available will 
  arouse suspicion.

So what can we do? Let us imagine that we use steganography, but we hide the 
encrypted containers inside BestCrypt containers themselves rather than 
inside graphic files.  Now we'll get  two kinds of containers: original and 
hidden (which are stored inside the original containers). Using this kind of
steganography, BestCrypt is far superior to the conventional sound or graphic 
method of steganography, because:

- performance of the hidden containers is the same as of the original ones;
- hiding containers in this way does not waste unnecessary space, so it will 
  not require as much disk space;
- the potential intruder cannot prove whether or not an additional (hidden) 
  container exists.


2. How Do the Hidden and Original Containers Work?
---------------------------------------------------------------------------

A BestCrypt original container file consists of three parts:

1. The first 512 bytes containing the data required to verify integrity of 
   the file;
2. A Key Data Block that stores the array of encryption keys. The Key Data 
   Block is encrypted by a hash calculated from the user's password. One of
   the keys in the array is used for encrypting/decrypting the user's data;
3. Encrypted data.

In mounting the original container, BestCrypt verifies its integrity using 
part 1 of the container. Then it calculates a hash according to the password 
and uses the hash for decrypting the encryption key from the Key Data Block.
The software uses the key for providing transparent encryption of data in 
part 3 of the container.

If you create a hidden part inside the container, BestCrypt creates a new 
encryption key for it and stores it in the Key Data Block of the original 
container. The place where the key for the hidden part is stored appears to 
be marked as unused, so it is impossible to define whether any key exists 
or not.  Remember, spare disk space within the container is itself encrypted 
as random data.

So, replacing some random data with a new randomly generated key does not 
compromise the hidden part, because an examination will reveal it as just 
random data.

The hidden part is stored inside part 3 of the original container without 
its own Key Data Block, so it is impossible to define the borders of the 
hidden part inside the original container.

The mounting procedure for the container with the hidden part included is 
almost the same as for usual containers. The only difference is that only 
original part's filesystem type is written to container's header. Thus 
when mounting hidden part you should specify filesystem type explicitly.


3. PRECAUTIONS
---------------------------------------------------------------------

I.  Use different passwords for the original container and the hidden part 
    inside it! If the passwords are the same, BestCrypt will always mount 
    the original container. 

II. You may write some data to the original container before creating the 
    hidden part. But once you have created your hidden container, NO FURTHER 
    DATA MUST EVER BE WRITTEN TO THE ORIGINAL CONTAINER.

    When BestCrypt has mounted the original container, it will have no 
    knowledge of its hidden part!

    IF YOU WRITE TO THE ORIGINAL CONTAINER THE HIDDEN PART MAY BE DAMAGED!
    The BestCrypt software is designed in such a manner to deliberately 
    allow the original container to appear to all intents and purposes to 
    be the sole container for data. This is a deliberate act for maximum 
    security of the secret encrypted container.

    Otherwise, your potential intruder having got the password for your 
    original container could use debugging tools to define if there is a 
    hidden part inside the container.

III.If you create the hidden part, it means that the data stored inside 
    the original container has no meaning and exists only for only reason - 
    to disguise the information stored in the hidden part.  In this case, 
    you should avoid mounting of the original container.


4. SOME ADVICE
---------------------------------------------------------------------------

As it follows from the section "Precautions", it would be useful to treat 
the password for the original container as an "Alarm" password.  It means 
it must not be entered unless you have been forced to reveal it.

Using the term "Alarm" also means that you should use this password only 
if you have consciously decided to mount the original container and write 
some data into it to destroy the hidden part of the container.  Some ability 
to destroy the hidden part of the container may be useful only when there 
is any real threat to the security of your data.