When using the TrueCrypt encryption on your system partition or system drive, a pre-boot authentication password will be asked in the TrueCrypt Boot Loader screen after you turn on or restart your pc. It may happen that you are forced by somebody to decrypt the operating system or to reveal the pre-boot authentication password. There are many situations where you cannot refuse to do so (for example, due to extortion). TrueCrypt allows you to create a hidden operating system whose existence will be impossible to prove. (Plausible Deniability)
A hidden operating system is a system (for example, Windows Vista or Windows XP) that is installed in a hidden TrueCrypt volume. It is impossible to prove that a hidden TrueCrypt volume exists and, therefore, it is impossible to prove that a hidden operating system exists. If you want to know the theory behind it, you can always look into the info on their official webpage, where you can also download TrueCrypt itself. And yes Lord, it's freeware so you don't have to use 'the way of the pirate'.
Quickly: how does it work?
A boot loader is installed which allows you to boot into two different operating systems.
The first OS is called a decoy OS, which is the main OS that you boot into on the system. This OS resides on the primary partition. No sensitive stuff is stored on this OS.
The hidden OS, which is the one that contains sensitive material, is stored on the second partition inside a hidden TrueCrypt volume which resides inside an outer TrueCrypt volume wrapper.
Which OS you boot into depends on which password you enter when starting the system up. However, because the hidden OS is stored on a TrueCrypt volume, its presence is undetectable unless you have the right password.
Hardware Needs:
1. two partitions, the first containing your OS and a second (which must be 5% larger than the primary partition if it is formatted using FAT or 110% larger if formatted using NTFS).
2. the second partition must be the first partition behind the primary one.
Little info on the passwords; 3 of them:
A password that allows access to the decoy OS - This is the password that you’ll use when you want to access the regular, non-sensitive OS so when someone asks you for the boot-up password, you give them this.
A password that allows access to the hidden OS - This is the password that you use to access the secret OS containing the secret data.
The password that allows access to the outer volume containing the hidden OS and also containing the sensitive-looking (but which are not in fact sensitive) files - This is the password that you hand over to someone should they want to know what’s hidden inside the TrueCrypt volume.
Few things before starting:
1. If there was already sensitive data on your disk, do some wiping. And I mean like 6 or 7 times. Our 'Computer Crime Unit' in **l*i*m has to do 9 sweeps as a standard procedure (SOP) before they may use a disk for imaging. So clean the drive out and get the disk ready.
2. Figure out what your 3 different passwords will be, don't lose them!!
3. Get yourself some sensitive-looking data ready. The robustness of your security relies on you having data in that outer volume (the one that contains the hidden OS) that looks sensitive enough to warrant having all that encryption loaded onto your system in the first place.
Creation of Hidden Operating System
(the italic is for your information and can be skipped if you are in a hurry, but I would recommend reading it as it contains useful information)
1. Select System > Create Hidden Operating System and then follow the instructions in the wizard.
Initially, the wizard verifies that there is a suitable partition for a hidden operating system on the system drive. As I already mentioned; the partition for the hidden volume on the system drive must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition).
2. The wizard will create two TrueCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system. The size of the hidden volume is always the same as the size of the system partition.
3. Copy some sensitive-looking files to the outer volume. The cluster bitmap of the volume will be scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume will be determined and it will be verified that it is greater than the size of the system partition.
4. TrueCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume. Data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system. The process of copying the system is performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days. Don't turn off your machine!!! The hidden operating system will initially be a clone of the operating system under which you started the wizard.
Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the TrueCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). To prevent such issues, TrueCrypt will securely erase the entire content of the partition where the original system resides after the hidden system has been created.
5. In order to achieve plausible deniability, TrueCrypt will prompt you to install a new system on the partition and encrypt it using TrueCrypt. Thus, you will create the decoy system and the whole process of creation of the hidden operating system will be completed.
TrueCrypt will erase the content of the partition where the original system resides by filling it with random data entirely. If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by TrueCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."
Source 1
Source 2
Download truecrypt









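The free-space check described in step 3 of the post above, as an added example (not part of the original post and not TrueCrypt's code): it scans a cluster bitmap for the free run aligned with the end of the outer volume and compares it with the system partition size. The bitmap layout, function names and all sample layouts are assumptions constructed for illustration.

```python
# Added illustration; not TrueCrypt source code. All names are hypothetical.
# Assumed bitmap layout (NTFS $Bitmap convention): one bit per cluster,
# least-significant bit first within each byte, 1 = cluster in use.

def cluster_in_use(bitmap: bytes, index: int) -> bool:
    return bool((bitmap[index // 8] >> (index % 8)) & 1)

def trailing_free_clusters(bitmap: bytes, total_clusters: int) -> int:
    """Length of the free run whose end is aligned with the end of the volume."""
    free = 0
    for index in range(total_clusters - 1, -1, -1):
        if cluster_in_use(bitmap, index):
            break
        free += 1
    return free

def can_host_hidden_os(bitmap, total_clusters, cluster_size, system_bytes):
    """True if the trailing free area is greater than the system partition.
    Volume header overhead is ignored in this sketch."""
    max_hidden = trailing_free_clusters(bitmap, total_clusters) * cluster_size
    return max_hidden > system_bytes

def make_bitmap(total_clusters, used_ranges):
    """Build a constructed bitmap; used_ranges are (start, end), end exclusive."""
    bitmap = bytearray((total_clusters + 7) // 8)
    for start, end in used_ranges:
        for i in range(start, end):
            bitmap[i // 8] |= 1 << (i % 8)
    return bytes(bitmap)

CLUSTER = 4096
SYSTEM_BYTES = 1000 * CLUSTER  # constructed: system partition of 1000 clusters

# Constructed outer-volume layouts: (total clusters, allocated cluster ranges)
SCENARIOS = {
    "fat_5pct_larger": (1050, [(0, 40)]),
    "ntfs_5pct_larger": (1050, [(0, 40), (520, 530)]),  # metadata mid-volume
    "ntfs_2.1x": (2100, [(0, 40), (1045, 1055)]),
    "fat_file_near_end": (1050, [(0, 40), (1040, 1045)]),
}

def evaluate():
    return {name: can_host_hidden_os(make_bitmap(total, used), total,
                                     CLUSTER, SYSTEM_BYTES)
            for name, (total, used) in SCENARIOS.items()}

if __name__ == "__main__":
    for name, ok in evaluate().items():
        print(f"{name}: {'fits' if ok else 'too small'}")
```

The last scenario shows why the files copied to the outer volume matter: a single allocated cluster near the end of the volume cuts the usable trailing area to almost nothing.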

