NK storage : how does the app retrieve hidden volume *location*?

I have a perfectly normal hidden volume inside my encrypted volume; I did set it with some values for its startpoint and endpoint. Whenever I require “configure hidden volume” now, I see something I expect : the interface behaves like for a fresh start, ignoring the existing hidden volume.

But when I ask to unlock the existing hidden part, giving the right password, while I am not asked to indicate where it starts and ends, I see the app immediately finds these points.

My question is : how does the key remember the startpoint and endpoint of hidden volume(s)?

Even though this information is not accessible through the app interface, is it somehow stored in the key? (with the risk of cancelling the ‘deniability’)
Or is there some astute process where the app, once given the hidden password, would try each and every location till it finds something worth?

Thank you!
(question is not urgent)

The device has a storage area to store meta data of hidden volumes. This meta data contains startpoint and endpoint. This meta data is encrypted with a key stored in the smartcard and with a key derived from the password of your hidden volume. Without successfully decrypting the meta data, it can’t be recognized if meta data exist (and a hidden volume has been setup) or if it’s empty (and no hidden volume has been setup).

When unlocking a hidden volume, you have to enter the PIN and the password. Both are used to decrypt the meta data. If decryption succeeds, the hidden volume will be enabled by the device. If a wrong password is entered or no hidden volume has been setup, the decryption fails.


perfect :slight_smile:
Thank you Jan!