Can the FBI or government agencies decrypt my hardrive and/or force me to give them the password?

The Electronic Frontier Foundation maintains an excellent FAQ on digital rights regarding search and seizure of computing devices. For your specific questions: (I'm going to assume US, because you reference FBI and NSA)

1. Can government agencies break disk encryption?

Without a warrant or probable cause, no. With a warrant, if your question is: "Can the encryption implemented by e.g., TrueCrypt be broken?" then the answer is that the TrueCrypt is believed to be secure. These things are difficult to prove, but for all intents and purposes, TrueCrypt is itself a secure system.

2. Can they force me to give them my password?

In the US, the 5th Amendment to the Constitution protects individuals from self-incrimination. A password to a computer containing incriminating information is treated as testimony so generally, no, they cannot force you to hand over a password. (Note that in the UK, this is not true - you can be jailed for refusing.) Per the linked EFF page, there are some exceptions (I believe that refusing to cooperate in an ongoing hostage negotiation can land you with an obstruction charge, but I Am Not A Lawyer), so this is one where you should contact an attorney.

3. Am I only protecting myself against a regular thief?

Per my answers above no, you are in fact protecting yourself, to at least some degree, against a law enforcement investigation.

In any case, "a regular thief" is generally a much more relevant threat actor than your legal system.


Regarding #1, "Does the FBI/NSA or other government agencies have access to my data or can easily decrypt them?" legality aside, there are several factors to consider.

"Easy" is relative. Depending on the charges, and the value of the data that is encrypted, they may have more or less incentive to break the encryption. If it's a list of neighborhood junkies, they might not care as much as if it's a plot to bribe a senator and may identify an offshore bank account with $20 million in it.

The algorithm and keysize of the encryption you are using matters to a certain degree. If you use a 40 bit exportable DES key, it will be easy for them. If you used a 256 bit AES key, they probably won't try to brute force it.

The tool may be part of it. If you're using TrueCrypt, it might be more secure than if you're using ZIP file encryption, or passwords on Word '98 documents. Different tools have different vulnerabilities.

The time of the arrest may have a lot to do with it. If they suspect someone of having important data encrypted on their computer, they may wait until the suspect goes on line and types in their secret key, then knock on the door and seize the equipment while it is still running. They can then take an image of the RAM from the running computer, and possibly scrape the key from it. Most people won't think to clear their machine just because there's a knock at the door; or if they suspect the person of being paranoid, they might even go the whole "smash-in-the-door-Hollywood-style" route. Even local police agencies have "mouse wigglers" which are just USB dongles that act like a mouse moving every few seconds; they keep screen savers from activating while they wait for the digital forensic analyst to arrive to image the machine. You can buy a six pack of them on line for about $40.

Following on this, the law enforcement agencies also know that most people do not have good operational security. People write passwords on scraps of paper, or in a notebook locked in a safety deposit box. The suspect may have a password manager in their browser that reveals passwords for all their online accounts, knowing that people often reuse similar passwords online as they do for securing their data at home (if my password for StackOverflow is sekret$SO, and my password for Google is sekret$Goog, they might try sekret$TrueCrypt or sekret$TC when attempting to decrypt files on my home machine.) The FBI may run the NSA-provided equivalent of John the Ripper, which is likely a whole lot better than anything we might imagine. The suspect may have emailed the password to a co-conspirator, leaving it in their "sent" folder. If they can identify an acquaintance of the suspect who knows the password, they can compel that person to tell them.

Finally, if the suspect is really high value, Snowden revealed the NSA's infamous ANT catalog of tools and techniques they use to hack into running computers. If they can get a keylogger installed on the suspect's computer before they arrest him, they won't need to crack anything.

There are a lot of ways of accessing the data that are a lot easier than cracking the encryption. It all depends on their perception of the value of the data.

As far as #3, "Is there a better way to protect my data?", there are simply too many variables to answer that question. For every OpSec vulnerability I raised above, there are more that aren't listed. For every encryption algorithm you choose, there is an unknown capability of attacking it.


  1. I don't know do they? If you're asking the tinfoil hat type of question: Does the FBI/NSA have access to all harddrives on the internet? Then I believe the answer is no. If a court order is handed down for access to your harddrive then you will need to give it to them.
  2. If a court order gives them access to your harddrive and your harddrive is encrypted the order could include you needing (by law) to give up the password to law enforcement.
  3. You're protecting yourself against unauthorized or malicious actors. As I said above, a court order could give authorization for access to your encrypted data. In this case you don't have to provide the password, but then you'll be put in jail. Your data will still be protected if a properly implemented disk encryption mechanism was used. There's no better way to secure your data at rest.