To edit the header, you could use any graphical hex editor (you need to find one which doesn't load entire /dev/sdX though).
right, it's vital to know accurately which byte the header ends so that you know which byte the encrypted volume begins. using a graphical hex editor could work, e.g. perhaps there is a byte sequence at the end of the header that's always the same.
if not, knowing exactly the length of a key slot, exactly how many key slots your header has, and the exact length of the data before them is very important.
an extra trick I thought of: I expect that the header for a disk partition is smaller than a basic disk encryption header. Instead of replacing the encryption header entirely with random data, why not:
- find out the size of a partition header
- subtract it from the size of your encryption header
- overwrite the start of the disk encryption header with a partition
- fill the remaining space with random data (only as far as the last byte of the encryption header! use the number you found in step 2)
then, instead of having a "suspicious" random data disk, you have a disk that an OS filesystem window would recognize when you plug it in. Sure the rest of the data is your encrypted volume, but it "looks" otherwise like a normal disk that's got nothing on it.
you: "really? nothing on it? damn, must've taken the wrong disk with me, my bad"
or
you: "yeah, that's my disk to put the holiday photos on, would you like to see my photos of the church organs of Europe?"
that sort of thing