Security Audit Of TrueCrypt Doesn't Find Any Backdoors — But What Will Happen To TrueCrypt?
from the questions-still-left-to-be-answered dept
Over the past few years we’ve followed the saga of TrueCrypt. The popular and widely used full disk encryption system got some attention soon after the initial Snowden leaks when people started realizing that no one really knew who was behind TrueCrypt, and that the software had not been fully audited. Cryptographer Matthew Green decided to lead an effort to audit TrueCrypt. A year ago, the team released the first phase, finding a few small vulnerabilities, but no backdoors and nothing too serious. This week the full audit was completed and again finds no evidence of any backdoors planted in the code. Matthew Green’s blog post on the report provides the key details, which notes a few small issues that should be fixed, but nothing too serious:
The TL;DR is that based on this audit, Truecrypt appears to be a relatively well-designed piece of crypto software. The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances.
That doesn’t mean Truecrypt is perfect. The auditors did find a few glitches and some incautious programming — leading to a couple of issues that could, in the right circumstances, cause Truecrypt to give less assurance than we’d like it to.
For example: the most significant issue in the Truecrypt report is a finding related to the Windows version of Truecrypt’s random number generator (RNG), which is responsible for generating the keys that encrypt Truecrypt volumes. This is an important piece of code, since a predictable RNG can spell disaster for the security of everything else in the system.
However, as Green notes, the problem with the way its implemented in TrueCrypt would only be a problem in “extremely” rare circumstances that wouldn’t impact most users. But it’s still something that could be fixed.
But that’s where the problem lies. As you may recall, in the midst of all of this, the still anonymous developers behind TrueCrypt suddenly announced that it wasn’t secure and that all development had ceased. There have been some efforts to fork and rescue TrueCrypt, but that’s come with some skepticism as people feared what might be hidden in the code (and also some concerns about the TrueCrypt license.
Hopefully this new audit puts at least some of those concerns to rest (though it’s always good to be paranoid when building security software) and people do really put an effort developing an updated version of TrueCrypt. For what it’s worth, I’ve seen a bunch of articles claiming the audit shows that TrueCrypt is safe. That’s not quite true. It’s just saying they didn’t find anything — which should be very re-assuring, but you can never say with 100% certainty that the code is safe. Either way, what’s needed now is more development moving forward.
Filed Under: audit, backdoors, encryption, full disk encryption, matthew green, security, truecrypt
Comments on “Security Audit Of TrueCrypt Doesn't Find Any Backdoors — But What Will Happen To TrueCrypt?”
I would be very interested in knowing if the anonymous individual(s) behind TruCrypt released that statement (and resigned) of their own volition.
We all know what ended up happening to Mr. Snowden’s secure e-mail provider…
You don’t need encryption if you go offline everytime you do something local. You can achieve a greater amount of ‘encryption’ if you simply unplug and store all of your activity on a removable drive.
It’s that simple.
Re: Re:
But we shouldn’t have to.
As citizens of what is supposed to be a liberal democracy, we should be able to implicitly trust our government not to spy on us.
Re: Re:
You don’t need encryption if you go offline everytime you do something local. You can achieve a greater amount of ‘encryption’ if you simply unplug and store all of your activity on a removable drive.
Ummm, so what keeps the data on your removable drive secure?
Re: Re: Nothing what so ever, its there for all to see.
Especially with offline malware/virus’s like Stutnex and the millions of variants they already have in use.
A removable drive is great for the kids soccer photos but little else.
Re: Offline
No it isn’t.
Temporarily disconnecting Internet would not prevent a keylogger from transmitting private data once you reconnect. A permanently disconnected device would be safer in this regard. This is sometimes referred to as a “air firewall”. It is common for higher grade military systems and less common than it should in the rest of the society.
And, disc encryption provides a different kind of protection. It protects against physical intrusions. It prevents planting of false evidence, it prevents criminals from stealing information, it prevents TSA from copying your private photos, and so on, as long as only you hold the key.
A very determined attacker might still get the key. If the devise is on and the key is stored in volatile memory (when the disk have been mounted), the information may be frozen long enough by applying a strong cooling substance, and accessing the information directly with an external analyzer connected to the chips. It is a hassle for an attacker though.
Offline and disk encryption gives good protection.
Re: Re: Offline
I seem to remember something in the 30c3 talk by Jacob Appelbaum about circumventing air-gapped machines, all seemed very far fetched but the tech was certainly there.
It sounds depressive but if they really want to get to you, there’s every chance they will get to you.
Re: Re: Re: Diminishing returns
Sort of.
That is why there is a point in using disk encryption in the first place. If they get inside your home an attacker can do all sort of bad stuff. And not only with electronic devices. The same goes for TSA at the airport. They rape and steal, and fondle both devises and people. They do so to the extent that many people choose riskier transports such as cars. Being easy targets encourage the TSAs of this world and there might be more of them, and at new places.
Tempest (radio wave surveillance) is also an attack vector. They may park a “van” outside your home to pick up signals transmitted from your keyboard, wires, and so on.
They may intercept hard-drives and infect them, so if you ship any media it might contain information you would like to keep private.
And they might use the “wrench” on you instead of the computer. “Give us secrets or kiss your … goodbye”
There is a difference between these, and snooping on billions of computers/phones/tabs: Cost and effort!
If encryption and air gapping were more common it would be more difficult for the bad guys to do bad things. The world would be a better place
Re: Re: Offline ... "air firewall" or "air gap"?
I didn’t think that air made a particularly good firewall, but it does make an excellent piping backflow preventer, since water cannot easily flow across an air gap. Some people refer to a network-disconnected computer as “air gapped” — whether or not that’s the proper term.
https://www.portlandoregon.gov/water/article/28137
Re: Re:
You seem to lack a basic understanding of how computers work and what they are capable of.
Re: Re:
That only works until someone gets physical access to your ‘removable drive’ – like, for instance, border control at a border or a random police officer during a traffic stop.
Or, even, someone stealing your device out of your car/house/office. Because that NEVER happens.
What you are proposing is effectively no security at all. It’s beyond naive.
Re: Re:
“You don’t need encryption if you go offline everytime you do something local.”
That’s the point of Truecrypt. Encrypting yourself ‘offline’ so as to prevent offline threats from compromising whatever it is you’re trying to protect.
Simply ‘unplugging’ is not enough in the world of espionage…
Re: Re:
That’s not what disk encryption is for… It’s to protect your disk in most normal cases from criminals if your computer is stolen. You put lots of personal info on your computer tax returns, scans of important documents, and emails… at least I do. Good cross-platform encryption allows me to be able to do those things and sleep at night.
Money
I had 330000 embezzled from me. I am 71 and in need of money
It will continued to be used.
Re: Re:
*continue
Personally speaking
The results of the security audit are good enough that I will stop telling people to avoid TrueCrypt.
However, I am not going to start recommending it and will not begin using it myself. The statement of no confidence that the developer made is enough to put a doubt in my mind that no security audit will entirely remove. Since there are several other alternatives available that are well established and widely trusted, there’s no need to live with that niggling doubt.
Re: Personally speaking
Why would you stop telling people to encrypt themselves offline?
I don’t know what your client base consists of, but it certainly doesn’t hurt any one to have localized encryption…
Btw, which alternatives are you referring to?
As far as I know, there isn’t many…
Re: Re: Personally speaking
“Why would you stop telling people to encrypt themselves offline?”
I would never stop recommending that, and never said that I would. I highly recommend whole disk encryption.
“Btw, which alternatives are you referring to?”
Here’s a handy quick comparison chart, although there are many others not listed there. It’s a decent starting point, though. http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software
What better way to stop the public using an encryption you can’t crack. Bail up the anonymous author, threaten them with jail, and make them post that it is not secure.
TBH if that post was genuine, the anonymous author would have also told us how and why it was no longer secure.
Re: Re:
It’s possible, and even if that’s the case, there are still others that are at least equally as strong, so the loss is minimal.
“if that post was genuine, the anonymous author would have also told us how and why it was no longer secure.”
Not necessarily. In part, it depends on what the nature of the perceived insecurity is. It might not be a weakness in the code but in the team, for example. Also, it might be that the team was coerced into silence, such as through a gag order, and they didn’t want to risk prison.
Re: Re:
TBH if that post was genuine, the anonymous author would have also told us how and why it was no longer secure.
This assumes the person making the post knows it. What if the person who discovered the vulnerability was kidnapped before he could tell the team what it was, (not as far fetched as it sounds, sadly) and the rest of the team only knows, “Mike thinks there’s a flaw and went missing. We don’t know what it is, or even how to look for it, but Mike’s been pretty damn reliable.”
Re: Re:
That’s what I was thinking, Zem. The spy infrastructure has the resources to make the good seem bad and vice versa, almost at will.
Fixing TrueCrypt
Leaving questions about licensing aside, surely Matthew Green and co. are best placed and most trusted to fix the vulnerabilities: they must have done most of the work already.
What were they threatened with to abandon their work?
It’s very chilling to consider the implications of the developers suddenly quitting their project. Not just quitting, but trying to kill it by announcing it is no good. People don’t just kill years of their own work over nothing. I think we can all agree that there is only one entity that could make this happen. How very, very scary. It does, however, make me want to get the latest build of TrueCrypt. It must be good for the US government to be so afraid of it.
Veracrypt (a fork of truecrypt that existed long before truecrypt died) was created to actually INCREASE security in Truecrypt and it still exists/is updated.