TrueCrypt cryptographic audit turns up little to fear

Most desktop cryptography relies on software created and maintained by corporations, often (not always) based on open standards. Using it requires trusting the firm's ability to resist government efforts to weaken the software, and believing the firm can validate and audit its own code well enough to find and then repair serious flaws.

Open-source projects, whether in the world of free software or other license structures, supposedly had the advantage that anyone could examine the code for flaws or injections.

That's turned out not to be the case, but things are getting better.

Truly cryptic

TrueCrypt is open-source virtual and full-disk encryption software that remains the only viable multiplatform option one could recommend that wasn't tied to a company. The independent project was developed by anonymous programmers for a decade; they still aren't identified. It works in Windows XP and later, many flavors of Linux, and Mac OS X.

In 2013, the nonprofit Open Crypto Audit Project (OCAP) was founded and raised over $70,000 to perform a thorough independent audit of TrueCrypt's codebase. The first phase, related to the "bootloader" software that worked only in Windows for full-disk encryption (FDE), finished in April 2014, and found no back doors or "super critical" bugs. (TrueCrypt can't manage an OS X boot volume. Read more about FDE and OS X's FileVault 2 in a previous Private I column.)

Then, abruptly, the project shut down in May 2014 with the release of a new version (7.2) that could only decrypt virtual disks and real partitions and drives. The developers put a note at the top of a stripped-down webpage, "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues." They also implied that the end of official Microsoft support for XP was part of the reason. Later versions of Windows can use Microsoft-supplied and third-party full-disk encryption.

Mac users can also create encrypted virtual disk images with Disk Utility and encrypt external volumes with a simple Control-click on a volume in the Finder. But these have two associated issues: first, they're not portable to other platforms; second, we rely on Apple's codebase, which isn't externally and independently audited. TrueCrypt brings portability, and because the code is available for inspection, the opportunity to confirm it's not hiding secrets.

This raised many questions, none of which have been answered. Did the team get tired of the work after a decade? Did they discover a flaw so severe they felt they couldn't fix it? Did a government (one or more) discover their identities and pressure them to install weaker encryption or a backdoor? It's simply unknown, and none of my security sources have any strong inclination as to the reason.

After delays related to the project's shutdown, OCAP today released its long-awaited second audit phase, which looked more deeply at many aspects of TrueCrypt 7.1a, the penultimate release in 2012 that many people still rely on, and which was thought to be secure, even though it hadn't been proven. It's also important because of two projects that rely on the TrueCrypt codebase.

Ciphershed (alpha release) and VeraCrypt are "forked" releases, which expand and change the TrueCrypt format. Both support OS X. There remains some concern that TrueCrypt's software license doesn't allow these sorts of forks, but these projects are proceeding nonetheless. (The anonymous developers would conceivably either have to uncloak or obtain counsel in order to pursue a copyright violation, and it's not crystal clear if they would prevail.)

The OCAP report found a few problems, none of them seemingly intentionally designed to allow unwanted access. The most severe is only an issue under Windows, and can be fixed relatively easily. The two descendant projects say they've already fixed some problems they've found, and this audit should improve them even more.

The rest of the code

Without insinuating anything troubling about Apple, but rather understanding both the nature of government intrusion and gag orders, as well as remembering "gotofail," it's valid to ask questions about their code.

While Apple doesn't use the OpenSSL encryption library, we as iOS and OS X users are constantly connecting with servers and other software that do. Last year, the Heartbleed bug was discovered, a truly devastating security risk. Despite OpenSSL's extremely wide use and its collaborative, open-source approach, its code had become a poorly maintained mess over the years, even with a dedicated core of volunteers.

After Heartbleed, tech companies and foundations poured money into the project to allow it to hire and devote consistent programming time to improving it, and thousands of fixes have followed. Just a few days ago, the group sent out an alert in advance about a potential high-severity problem, which turned out to be obscure, but which they were able to find, patch, and release in a timely fashion. This is the direction one hopes things continue to go.

More recently, after Julia Angwin of ProPublica wrote about Werner Koch, the developer and maintainer of GNU Privacy Guard (GPG), which I've previously written about, he received grants and funding to continue his efforts at a sustainable and higher level. One guy was responsible, and lived sometimes on near-starvation wages, to keep a project of global utility going.

Apple could at a future point be unable to legally resist, or publicly comment on, changes required in its software and hardware. And it doesn't write bug-free code. No one does; no one can. Whatever internal procedures they have in-house, many eyes can improve on code, though there are plenty of times when critical flaws are introduced and go unnoticed, or remain in place for years or decades, in other projects.

More important than worrying about Apple's competency, integrity, or ability to resist government requests (not just from the United States), competition and alternatives spur improvement. And a little bit of funding--crowdfunding, grants, and individual donations--keeps these projects alive and audited.
