TrueCrypt Audit Is 'Go' -- And Supported by TC Developers

As reported by The Register, Crowdfunded audit of 'NSA-proof' encryption suite TrueCrypt is GO

According to the article, "TrueCrypt's anonymous developers have been in touch with the researchers behind IsTrueCryptAuditedYet project to offer their support to the audit."

The public comments are worth reading as they raise questions whether any auditors can be trusted, particularly in view of the TC anonymous developers' offer of cooperation. Shades of things to come for the audit to finally settle the question of TC's reliability?

For the record, I personally trust TC. I found particular comfort in the statement in TC's documentation that if the user chooses hardware acceleration, "TrueCrypt does not use any of the AES-NI instructions that perform key generation.", since as it turned out NSA apparently had targeted key generation as a soft spot to weaken encryption.

__

 

Great news! Will wait for the report. When is it due?

 

They haven't said and probably don't know at this point even when the review process will start as they presumably must evaluate potential reviewers via a bidding process or some other sort of evaluation process. How long from there is not yet known, at least from this publication. Then there's the question of whether the reviewer's identities will be public or secret - nothing has been said yet.

Looking a little further ahead, the review is for TC 7.1a. But users have been clamoring for another update for some time now. So query how the review might impact release of a new update. Clearly, a review of 7.1a won't apply to any subsequent TC updates.

__

 

Truecrupt Security Assessment (PDF).

-- Tom

 

http://arstechnica.com/security/201...s-no-evidence-of-backdoors-or-malicious-code/

http://istruecryptauditedyet.com/

 

That's some good news. Auditing encryption code is one of the hardest things to do so I'm glad someone finally does it.

 

The only item which I find to be of concern is page 24:-

• Exploit Scenario: Unexpected operating system or hardware conditions, such as failing RAM or low-memory situations, cause the EncryptDataUnits() function to fail, resulting in unencrypted data being written to disk.

If I am reading it correctly it suggests that full disk encryption can leak in low memory situations which could be a serious problem...

The findings about inconsistent coding and revising don't surprise me because the team apparently write their code as a hobby. Certainly they DON'T APPEAR to be making profit from it.

 

From Sloppy but secure: Open source TrueCrypt passes audit:

 

Here's Bruce Schneier's analysis in it's entirety:

"Recently, Matthew Green has been leading an independent project to audit TrueCrypt. Phase I, a source code audit by iSEC Partners, is complete. Next up is Phase II, formal cryptanalysis.

Quick summary: I'm still using it."
​

*****
​

Another interesting article is found at Threatpost.com (http://threatpost.com/so-far-so-good-for-truecrypt-initial-audit-phase-turns-up-no-backdoors/105433) and provides a bit more detail on the 'bug' considered the most serious in the iSEC Partners audit --

“TrueCrypt relies on the what’s known as a PBKDF2 function as a way to ‘stretch” a users’ password or master key, and there is concern that it could have been stronger than the 1,000 or 2,000 iterations it uses currently.”

Of particular interest is Threatpost's citation of the TrueCrypt developer's response -- "The TrueCrypt developers’ position is that the current values are a reasonable tradeoff of protection vs. processing delay, and that if one uses a weak password, a high-count PBK2DF2 hash won’t offer much more than a false sense of security.”

(Note that TC documentation specifically states,"We strongly recommend choosing a password consisting of more than 20 characters (the longer, the better). Short passwords are easy to crack using brute-force techniques.")
​

In light of the TC developer's comment I find myself wondering whether the so-called PBKDF2 function 'bug' is anything more than a criticism that TC suffers from insufficient use of smoke and mirrors.

__

​

 

this is good news , cant wait for phase II and the final conclusion of it all , something tells me this can only get better and about this

seems reasonable not anything new really as long as you use a longer than 20 character passphrase itll take them quite a while to get anything from what ive heard , but dont ask me im just a average joe user

here xD im just hoping for no backdoors and to have my data secure for the next 40 years then they can have at it when im in my grave , lols, thats all