I need to split my container into smaller files. So plan is this: I create RAR archive and let it split into about 10 smaller archives, no compression and I also add password for extra security. Is this risk-free?
-
RAR format offers parity data generation to protect against corruption, you can also use PAR format to generate external parity files if you are concerned – Richie Frame Jan 28 '17 at 03:51
-
1@eckes If an encrypted container is possible to compress by more than an absolutely trivial percentage, then the encryption is garbage. Mind you, it might still be garbage if the container can't be compressed, but if the output of an encryption algorithm is compressible, it's definitely garbage. – user Jun 28 '17 at 11:28
-
Yes you are right I was thinking about unencrypted VHD files.@MichaelKjörling – eckes Jun 28 '17 at 14:55
2 Answers
Yes, this is risk free. Not using compression (as you plan to do) helps speed up the process as encrypted data cannot be compressed. However I would suggest you do not use an extra password. Any extra password you need to memorize would be much better put to use extending your VeraCrypt password with it. Otherwise, having multiple layers of encryption allows an attacker to attack one at a time, rather than being limited to attacking it all at once. The only reason you might want to encrypt the archives is if you do not want an attacker to even be able to suspect that an encrypted VeraCrypt container is present. If this isn't part of your threat model, there is no need to use more encryption.
I am curious why you have any need to split up a VeraCrypt container, though. Obviously in order to use it, you must concatenate the parts. This makes me wonder if you are trying to upload it to a file hosting service which may limit the maximum size of each individual upload. If this is this case, I strongly recommend you do not do this. Hosting any encrypted container that uses XTS mode on a remote server which may be able to see snapshots of the container over time is very insecure.
- 2,263
- 6
- 19
- 30
- 65,613
- 20
- 208
- 262
This will be perfectly fine, even if you opt to compress as well. Rar application will not interfere with the encryption format of truecrypt.
The best way to test is to do a trial run yourself.
- 101
- 3
-
7opting to compress will only slow it down substantially, and not result in compression, as the encrypted container is viewed as incompressible random noise – Richie Frame Jan 28 '17 at 03:52