Plausibly Deniable Encryption

This demo shows how an encrypted image can be decrypted into two different disk images, depending on which password you use. Plausibly deniable encryption can be a powerful tool, but keep in mind that even just using an encryption format which supports hidden images might be suspicious.

Setup

We’ll be demonstrating hidden volumes using the VeraCrypt encryption format and application. You can download the application here, or since it’s open source, build from source here.

If you would like to create your own volume, the VeraCrypt website provides clear instructions for doing so. The application is entirely GUI-based, no terminal required!

Demo

A pre-made volume file that we showed in class is available for download here.

1. Open VeraCrypt, and find the “Volume” section on the lower half of the main page.
2. Use “Select File…” to find the pre-made volume in your files.
3. Click “Mount” to decrypt and open the volume to your file system.

The “fake” volume can be opened with password password, while the hidden volume can be opened with betterpassword. You should be able to see that the contents of the two volumes are totally different. In addition, there is no indication that there is anything else hidden inside the “fake” volume.