LinuxQuestions.org
Old 07-05-2020, 09:13 AM   #1
burning
Member
 
Registered: Jan 2020
Location: Canada
Distribution: Slackware
Posts: 273

Rep: Reputation: Disabled
Perfectly Deniable Steganographic Disk Encryption


I recently saw this video on perfectly deniable full disk encryption from BlackHat Europe 2018 and I thought it was rather interesting. As someone who's recently started to try to get into Linux and understanding computers more in general myself, I was wondering what it would take to learn how to implement this method of disk encryption; the kind of topics one would need to familiarize themselves with in order to have a sufficient toolset to do it properly.

I've searched online but I can't find any tutorials or guides on how to do this kind of encryption. This one talk and the presentation slides linked in the video's description seem to be the only source on the topic. I think that's a shame because I'd rather like to learn more in depth how it works than just the abstract.

Would knowledge of Assembly language be required? Would writing the kinds of kernel modules mentioned be a difficult task even for an intermediate user? I think I understand the concepts in terms of the abstract but I'd rather have a more detailed understanding of the exact processes done in order to achieve the end result and how it all fits together.

One thing in particular I'd like to know is how setting up the hidden OS would work. Would you encrypt it in the manner explained after installing the OS? Or before? If before, how would you then install the OS into the hidden section?

I suppose what I'm asking is; what specific topics in Computer Science/Linux (Scripting/general sys-admin/FDE principles etc) would you recommend a beginner become familiar with in order to reach a stage where they would likely be able to understand the concepts involved to a sufficient point where they can implement this form of encryption properly themselves? And I guess this thread can be a point of discussion for anyone who'd like to document their attempts at trying it out themselves? Regardless, I hope some of you at least find it interesting.

Last edited by burning; 07-05-2020 at 11:16 AM.
 
Old 07-05-2020, 09:47 AM   #2
tinfoil3d
Member
 
Registered: Apr 2020
Location: Japan/RJCC
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268

Rep: Reputation: 75
Just erase the disk with random data completely, then use cryptsetup with --header on your USB key (backed up on another key too), and you can hide that header in some movie or something steganographically. Just make sure to remember how you did it.
 
1 members found this post helpful.
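The setup described in the post above, as an added example that is not part of the original post: a device filled with random data, a LUKS2 header kept in a separate file, and a check that the data device itself carries no LUKS signature. The function names, the device and header arguments, and the choice to probe only offset 0 and the default LUKS2 secondary-header offset (16 KiB) are assumptions of this sketch.

```shell
#!/usr/bin/env bash
# Added example. Device/header paths passed to these functions are placeholders;
# wipe_random, format_detached and open_detached need root and a real target.

# Step 1: overwrite the whole target with random data (destroys its contents).
# On a block device dd stops with "No space left on device" once it is full.
wipe_random() {            # wipe_random /dev/sdX
    dd if=/dev/urandom of="$1" bs=1M status=progress conv=fsync
}

# Step 2: write the LUKS header to a separate file, e.g. on the USB key.
format_detached() {        # format_detached /dev/sdX /mnt/usb/header.img
    cryptsetup luksFormat --type luks2 --header "$2" "$1"
}

# Step 3: unlock using the detached header; the mapping appears in /dev/mapper.
open_detached() {          # open_detached /dev/sdX /mnt/usb/header.img name
    cryptsetup open --header "$2" "$1" "$3"
}

# Print the 6 bytes at OFFSET of FILE as 12 hex characters.
magic_at() {               # magic_at FILE OFFSET
    dd if="$1" bs=1 skip="$2" count=6 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# Succeeds if FILE shows the primary magic "LUKS\xba\xbe" at offset 0 or the
# LUKS2 secondary magic "SKUL\xba\xbe" at the default 16 KiB offset.
has_luks_magic() {         # has_luks_magic FILE_OR_DEVICE
    [ "$(magic_at "$1" 0)" = "4c554b53babe" ] ||
    [ "$(magic_at "$1" 16384)" = "534b554cbabe" ]
}

# Offline self-check on constructed images; no cryptsetup or root required.
self_check() {
    local d rc=0
    d=$(mktemp -d) || return 1
    head -c 65536 /dev/urandom > "$d/plain.img"    # stands in for the wiped disk
    cp "$d/plain.img" "$d/inline.img"              # same data plus an in-band header
    printf 'LUKS\272\276' | dd of="$d/inline.img" conv=notrunc 2>/dev/null
    has_luks_magic "$d/inline.img" || rc=1         # in-band header must be found
    has_luks_magic "$d/plain.img" && rc=1          # random-only image must be clean
    rm -rf "$d"
    return $rc
}

self_check && echo "header check behaves as expected"
```

After `format_detached`, running `has_luks_magic` against the data device should fail, while the header file on the USB key is the only place the signature and keyslots exist; losing every copy of that file makes the data unrecoverable.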
Old 07-05-2020, 07:54 PM   #3
berndbausch
LQ Addict
 
Registered: Nov 2013
Location: Tokyo
Distribution: Mostly Ubuntu and Centos
Posts: 6,316

Rep: Reputation: 2002
Quote:
Originally Posted by burning

I suppose what I'm asking is; what specific topics in Computer Science/Linux (Scripting/general sys-admin/FDE principles etc) would you recommend a beginner become familiar with in order to reach a stage where they would likely be able to understand the concepts involved to a sufficient point where they can implement this form of encryption properly themselves?
To understand the concepts, read a book about cryptography.

EDIT: After scanning the presentation slides, I think you also need to study how to write Linux kernel modules and how to access disk blocks from the kernel.

I wouldn't call scripting and system administration computer science topics, and you don't need them for understanding the concepts. System administration skills would help you implement the concepts, but more so programming skills, no matter in which general purpose language. Python is often cited as a good entry point.

EDIT: It needs to be C programming skills.

LUKS documentation is pretty in-depth and could help you get a glimpse of both concepts and implementation. A good starting point with many links is the cryptsetup README.

Last edited by berndbausch; 07-05-2020 at 08:04 PM.
 
1 members found this post helpful.
Old 07-05-2020, 09:12 PM   #4
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 21,129

Rep: Reputation: 4121
I didn't watch much of it, but did you notice the presenter had a PhD? Take that as a hint.
 
Old 07-05-2020, 11:28 PM   #5
tinfoil3d
Member
 
Registered: Apr 2020
Location: Japan/RJCC
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268

Rep: Reputation: 75
syg00, you don't need to be a PhD to just run existing tools; that's not rocket science. I didn't even finish high school, but I can read manuals and perfectly follow them. It even somehow landed me a dozen jobs so far.
As for writing crypto code from zero entirely by yourself, a PhD certainly doesn't help you either btw; both plebs' and docs' code can be flawed.
I'd say that takes a lot of reading, especially on the security topic and how it applies to programming, as well as utilizing existing tools to properly check your code, aside from checking it manually. Several times. And then some more. The lesson is this: don't reinvent the wheel, that is especially true in crypto! Just don't. For fun - maybe, but just know it's probably never gonna be as good as existing solutions. You sure can write a kernel to run some binaries, maybe even binaries from other OSes, but that'll absolutely be flawed from a security point of view. It may be a fun road, sure, but, just so you know. I'm not discouraging, just a word of warning.
Better just review the code of cryptsetup and its docs, also LUKS in Linux. That's a simple and good start there.

Also a word of warning: in today's reality, in some countries you can be locked up if there's a disk with a bunch of random data and you refuse to decrypt it, even if it is just random data in reality with no hidden things there. That also (or, especially?) applies to tourists; don't take that stuff with you to the immigration gates, even if it's really just a random-data-erased disk. Will save you a lot of precious time.
 
1 members found this post helpful.
Old 07-06-2020, 06:06 AM   #6
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6053
Quote:
Originally Posted by tinfoil3d
Also a word of warning: in today's reality, in some countries you can be locked up if there's a disk with a bunch of random data and you refuse to decrypt it, even if it is just random data in reality with no hidden things there. That also (or, especially?) applies to tourists; don't take that stuff with you to the immigration gates, even if it's really just a random-data-erased disk. Will save you a lot of precious time.
I think that's the point of "perfectly deniable" and "steganographic".

From the wikipedia page for Steganography:
Quote:
The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny.
 
1 members found this post helpful.
Old 07-06-2020, 07:02 AM   #7
tinfoil3d
Member
 
Registered: Apr 2020
Location: Japan/RJCC
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268

Rep: Reputation: 75
@ondoho: It absolutely is, but again, there's a harsh reality which may sometimes, in this particular scenario, catch up with you. It's not always gonna be bulletproof. The point I want to make is don't put 100% trust in anything.
 
1 members found this post helpful.
  

