partitions visible on fully-encrypted disk?

2023-11-29
2024-01-03
  • antonio esposito

    I have fully-encrypted the system disk (with 2 partitions). It is MBR with no extra windows/boot partition.

    If I remove the disk and connect it as an external drive on another PC (via a SATA-USB adapter), I can see there are 2 partitions on the disk BEFORE decrypting it (obviously using the "decrypt without pre-boot encryption" option).

    How is this possible? I believed that using full-disk encryption only the bootblock remains unencrypted, and the partition table is encrypted, and read only after decrypting.

    quoting the VC guide:

    Note: By default, Windows 7 and later boot from a special small partition. The partition contains files that are required to boot the system. Windows allows only applications that have administrator privileges to write to the partition (when the system is running). In EFI boot mode, which is the default on modern PCs, VeraCrypt can not encrypt this partition since it must remain unencrypted so that the BIOS can load the EFI bootloader from it. This in turn implies that in EFI boot mode, VeraCrypt offers only to encrypt the system partition where Windows is installed (the user can later manually encrypt other data partitions using VeraCrypt). In MBR legacy boot mode, VeraCrypt encrypts the partition only if you choose to encrypt the whole system drive (as opposed to choosing to encrypt only the partition where Windows is installed).

    Since I do not use EFI and have no extra partitions which must remain unencrypted, I cannot understand what is happening...

     
  • morton

    morton - 2023-12-11

    I can see there are 2 partitions on the disk BEFORE decrypting it

    In your quote nothing is said about hidden partitions. Usually encrypted partitions are not hidden.

     
  • antonio esposito

    Thank you very much.
    So am I right to say that the partition table is NOT encrypted, even if the disk is fully encrypted and no partition is hidden?

     
  • Enigma2Illusion

    Enigma2Illusion - 2023-12-15

    So am I right to say that the partition table is NOT encrypted

    No. The encrypted partition table is not available.

    If you look at the partitions in Windows Disk Manager, the disk partitions will show up as RAW since Windows cannot access the encrypted partition table to determine their filesystem type.

    Even after mounting the VeraCrypt partitions, Windows Disk Manager will still show the partitions as RAW.

    https://www.veracrypt.fr/en/VeraCrypt%20Volume%20Format%20Specification.html

     
  • antonio esposito

    Thank you very much @morton and @Enigma2Illusion for your info;

    please see the attached picture; the arrow-pointed disk is the encrypted one, which I attached to this PC via a USB docking station; as you can see, the partitions are visible, both from Disk Management and Veracrypt.

    Now I suspect I'm doing something wrong; my procedure is:

    -install windows;
    -create second partition;
    -install Veracrypt;
    -launch Veracrypt and do full disk encryption, including the extra sectors at the end of the disk (I don't remember the Veracrypt name for them);
    -reboot... and the disk is encrypted.

    Where's the error?

    note: the picture has been taken immediately after connecting the encrypted disk via docking station; it has NOT been decrypted.
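
An added example, not part of the thread or of VeraCrypt's code: one way to check what the second PC can actually read before any password is entered is to parse sector 0 as a classic MBR and test whether each listed partition's first sector carries a plaintext filesystem label. The disk image is constructed inline, with a fixed byte pattern standing in for ciphertext, and all function names are this example's own.

```python
import struct

SECTOR = 512

def parse_mbr(sector0: bytes):
    """Return the non-empty primary entries of a classic MBR, or None if unreadable."""
    if len(sector0) != SECTOR or sector0[510:512] != b"\x55\xaa":
        return None  # no boot signature: sector 0 is not a plaintext MBR
    parts = []
    for i in range(4):
        entry = sector0[446 + 16 * i:446 + 16 * (i + 1)]
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba_start, count = struct.unpack("<B3xB3xII", entry)
        if ptype != 0 and count != 0:
            parts.append({"index": i + 1, "active": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": count})
    return parts

def looks_like_filesystem(first_sector: bytes) -> bool:
    """True if a partition's first sector carries a plaintext NTFS/exFAT/FAT32 label."""
    return (first_sector[3:11] in (b"NTFS    ", b"EXFAT   ")
            or first_sector[82:90] == b"FAT32   ")

def survey(image: bytes):
    """List each partition the table advertises and whether its content is readable."""
    parts = parse_mbr(image[:SECTOR])
    if parts is None:
        return None
    for p in parts:
        start = p["lba_start"] * SECTOR
        first = image[start:start + SECTOR]
        p["state"] = "filesystem" if looks_like_filesystem(first) else "RAW"
    return parts

def build_sample_image() -> bytes:
    """Constructed sample: readable sector 0, two partitions with opaque contents."""
    mbr = bytearray(SECTOR)
    mbr[446:462] = struct.pack("<B3xB3xII", 0x80, 0x07, 8, 8)   # active, type 0x07
    mbr[462:478] = struct.pack("<B3xB3xII", 0x00, 0x07, 16, 8)  # second partition
    mbr[510:512] = b"\x55\xaa"
    opaque = bytes((i * 197 + 13) % 256 for i in range(SECTOR))  # stands in for ciphertext
    return bytes(mbr) + opaque * 23

if __name__ == "__main__":
    for part in survey(build_sample_image()):
        print(part)
```

If a real disk image gives the same result (entries listed, every state RAW), sector 0 is readable without the password while the partition contents are not.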

     
