The audit of TrueCrypt has completed Phase I
A little bit about open source software. The open source development model says that anyone who has the coding skills can contribute to big, complicated programming projects. Anyone. As long as your code is good, runs, and does what it's supposed to do, you are in. This is the model that gave us Linux, which is the underpinning of a vast majority of servers on the internet and World Wide Web.
The issue, of course, is that it's conceivable that someone with nefarious intent could insert dodgy code that passes superficial inspection and that someone then has in-place a vulnerability, exploit, back door, whatever.
TrueCrypt is a disk encryption product that encrypts your entire drive, AKA whole disk encryption. Your computer won't boot unless you enter a password on powerup. You can remove the hard drive from the computer, and the whole thing is still encrypted. You can also create hidden 'shadow' volumes that are hidden from normal view: basically you can have multiple encrypted virtual hard drives on your system and they appear invisible, so if you're forced to give up your crypto key, such as by the UK gov't officials or someone using rubber hose decryption (they beat you with a rubber hose until you give up your crypto key), they theoretically won't find the hidden encrypted volume.
This is a great feature for foreign reporters or human rights workers.
The issue is that TrueCrypt is an open source software project, and in the post-Snowden world, it's possible that it was compromised a long time ago by the NSA or its proxies. So an audit was launched: examine every line of code for correctness, lack of vulnerability, and strength of its encryption. The first phase has been completed: the code appears correct and free of vulnerabilities. Now they're examining the strength of the encryption and the pseudo-random number generator (PRNG).
PRNGs are programs/algorithms that provide random numbers to encryption systems, and surprisingly, it's not easy to generate random numbers. One of my favorite PRNGs was a project run, IIRC, by UC Berkeley where they had two lava lamps going and a web cam pointed at them and doing integrations to provide pseudo-random numbers. I have no idea if the project is still running. The problem is, if the PRNG in a piece of crypto software is not sufficiently random or can be predicted, then the strength of the encryption is pretty much zero. It might be strong against common criminals, but it'll fall to supercomputers.
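An added illustration of the point above (not from the audit report or from TrueCrypt's code): a 256-bit key drawn from a generator seeded with a guessable value has only as many possibilities as there are plausible seeds, so checking every candidate seed reproduces it. The function names and the timestamp seed are constructed for this example.

```python
import math
import random
import secrets

KEY_BYTES = 32                 # a 256-bit key
CREATED_AT = 1_397_000_000     # constructed sample: a Unix time in April 2014
WINDOW = 3600                  # assume the creation time is known to +/- 1 hour


def weak_key(seed: int) -> bytes:
    """Key from a general-purpose PRNG (Mersenne Twister) seeded with a guessable value."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(KEY_BYTES))


def strong_key() -> bytes:
    """Key from the operating system's cryptographic random source."""
    return secrets.token_bytes(KEY_BYTES)


def recover_seed(key: bytes, earliest: int, latest: int):
    """Try every seed in [earliest, latest]; return the one that reproduces key, else None."""
    for seed in range(earliest, latest + 1):
        if weak_key(seed) == key:
            return seed
    return None


def effective_bits(candidates: int) -> float:
    """Real strength of a key when only `candidates` values are possible."""
    return math.log2(candidates)


if __name__ == "__main__":
    lo, hi = CREATED_AT - WINDOW, CREATED_AT + WINDOW
    print("nominal key size  :", KEY_BYTES * 8, "bits")
    print("effective strength:", round(effective_bits(hi - lo + 1), 1), "bits")
    print("weak key, seed found  :", recover_seed(weak_key(CREATED_AT), lo, hi))
    print("strong key, seed found:", recover_seed(strong_key(), lo, hi))
```

The cipher never enters into it: the key is 256 bits long on paper, but the search only has to cover the seeds, which is why an audit looks at the random number generator as well as the encryption code.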
So now they're examining the encryption and the PRNG, which will tell us if the software is really good. As it stands, Bruce Schneier thinks it's good enough to continue using.
(As a side note, most of the modern operating systems have built-in disk encryption. The problem is that they have weaknesses. Apple's encryption, for example, has a recovery key built-in for the boot partition, so if your entire drive is one partition, you're not as secure as you thought. I don't know much about how strong Microsoft's full disk encryption is or what known weaknesses there are; I don't keep up on their products as much as I probably should. The advantage of using a third-party crypto package like TrueCrypt is that you won't have a vulnerability like this, assuming it passes the audit, which I'm pretty confident on. The disadvantage is that if you lose your primary encryption key, there's nothing the OS vendor can do; all your contents are gone.)
https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf
https://www.schneier.com/blog/archives/2014/04/auditing_truecr.html