TrueCrypt Master Key Extraction and Volume Identification

An anonymous reader writes "The Volatility memory forensics project has developed plugins that can automatically find instances of Truecrypt within RAM dumps and extract the associated keys and parameters. Previous research in this area has focused specifically on AES keys and led to the development of tools such as aeskeyfind. The Volatility plugin takes a different approach by finding and analyzing the same data structures in memory that Truecrypt uses to manage encryption and decryption of data that is being read from and written to disk. With the creation of these plugins a wide range of investigators can now decrypt Truecrypt volumes regardless of the algorithm used (AES, Seperent, combinations of algos, etc.). Users of Truecrypt should be extra careful of physical security of their systems to prevent investigators from gaining access to the contents of physical memory."

Re:Memory dump lol

[avltree]

Nothing that you mentioned would prevent someone from taking a memory dump of your machine.... With firewire, pci slots, or other DMA-capable hardware slots, memory can be captured with physical access and no user credentials required. With (root) user credentials, memory can be captured through projects such as LiME that are kernel modules that dump physical memory to disk or over the network.

Re:Burn after reading?

[Anonymous Coward]

Also, you have to ask how much worth would that would be.

If they have your RAM dump the securiy has been already lost.

Re:Burn after reading?

[mrchaotica]

Not if it throws away the key and prompts you to re-enter it every time it wakes back up.

more FUD from Slashdot's owners

[Anonymous Coward]

-a KEYLOGGER is an infinitely greater risk to the use of ANY encryption system, and keyloggers are trivially inserted into a PC via almost unlimited numbers of hardware and software methods.

-gaining access to the current RAM of a system is just about the most convoluted and 'expensive' method of a targeted attack. The contents of RAM, of course, are lost once the system powers down. If you are targeted, there are a million easier ways of gaining your password. Many simply use the placement of hidden cameras. At the other extreme, remote equipment can be used to recreate your screen content via EM radiation emitted by the display and drivers.

If Truecrypt is coded properly, it can attempt to keep the 'key' within the caches of the CPU only, and avoid 'write-back' on most processors. If RAM must be used, there are numerous obfuscating RAM usage methods that can prevent the key from living in predictable sequences of RAM bytes. However, you can assume Trucrypt is doing such as much as is useful. Truecrypt FAILS the moment the user is a LIVE (as in current Truecrypt user) target of a 1st class US intelligence operation. Gaining the password from a person who is still entering the password on a regular basis, when money is no object, and the Law is bent as is required, can be taken for granted.

The owner's of Slashdot promote stories like this for one reason- to DISCOURAGE as many people as possible from bothering with Truecrypt in the first place. If naive sheeple THINK Truecrypt is as compromised as the NSA back-doored products from Microsoft et al, they'll 'think' they might as well use the Microsoft or similar product, because of ease of use.

EVERY anti-Truecrypt story is NSA FUD. EVERY commercial encryption package, for instance, allows warrantless searches at the border to reveal the use of encryption, and allows the agents to strong-arm the KNOWN existing passwords from you. However, despite what the vile shills tell you here, used properly there is ZERO trace of actual encryption use on your laptop with Truecrypt, so the probability of warrantless hassle is reduced to as close to zero as you are going to get.

Re:In other words

[Jane Q. Public]

"And when the spooks turn it back on, the key gets copied into RAM again because that's part of the bootup process, and necessary if the system is to read the disk and finish booting."

No, it isn't. Have you ever actually used TrueCrypt?

When the program quits normally (or after a configurable time period), the key is GONE. It may linger in RAM for a very brief period but then it's gone. Truecrypt stores the key only in RAM, so when a machine is shut down, again the key is GONE. If your machine is on sleep or hibernate, the RAM might be preserved, but otherwise no. GP said "turn it off". Turn it off and the key is GONE.

Booting up has zero effect on this; the key is not stored anywhere on disk (unless YOU stored it somewhere on purpose, which would be dumb).

Re:In other words

[Jane Q. Public]

"Only if they have probable cause to compel you to supply the password. Have you ever used Truecrypt in disk mode? You have to enter the volume password first thing after the BIOS."

Nope. Check out the recent court cases, and past Supreme Court cases. Probable cause is NOT sufficient to compel you to turn over your password. Only a court can do that, and in order to do that legally, the court has to have a great deal more evidence than mere probable cause. In fact they have to pretty much know in advance that the drive contains material that proves you broke the law.

Forcing someone to give up their password raises 5th Amendment questions. Pretty much the only time they can do that is if they ALREADY KNOW beyond reasonable doubt that something illegal is there, because in that case you would not be incriminating yourself; you are already "incriminated".

LOL "investigators"

[CuteSteveJobs]

> Users of Truecrypt should be extra careful of physical security of their systems to prevent investigators from gaining access to the contents of physical memory."

By investigators, do you mean government workers conducting industrial espionage?

http://www.washingtonsblog.com/2013/10/nsa-busted-conducting-industrial-espionage-in-france-mexico-brazil-and-other-countries.html [washingtonsblog.com]
http://www.abc.net.au/news/2013-12-04/asio-arrests-key-witness-in-east-timor-spying-scandal/5132954 [abc.net.au]
http://www.globalresearch.ca/canada-spied-on-brazils-government-as-part-of-global-commercial-espionage-campaign/5353642 [globalresearch.ca]
http://www.smh.com.au/national/australian-spy-agency-helped-bhp-negotiate-trade-deals-20131106-2x1sw.html [smh.com.au]
https://www.techdirt.com/articles/20131111/11532125198/australia-spied-japan-to-help-companies-negotiate-trade-deals.shtml [techdirt.com]
http://www.crikey.com.au/2013/12/02/revealed-the-government-agency-stealing-ideas-from-businesses/ [crikey.com.au]
http://the-japan-news.com/news/article/0000940560 [the-japan-news.com]
http://www.theguardian.com/uk/2013/jun/16/gchq-intercepted-communications-g20-summits [theguardian.com]

Re:In other words

[hawguy]

RAID 5 across the internal drive and and 2 external USB drives. Ship the USB drives via separate methods (UPS, FedEx, USPS, whatever) and reassemble on the other end of the trip. Any one missing portion of the volume can be recovered, but no recoverable portion travels as a single unit. And TrueCrypt the whole thing from a USB-stick installation of TC, with keys stored on the USB stick with TC, but not with any of the portions of the actual protected data. Throw in a fake TC volume on the USB stick for indirection.

(And yes, external drives can be put into RAID configurations. Heck, there are videos of floppy RAID setups out there.)

Yes, it's a pain in the ass. But it shouldn't be impossible. If your data is worth that much to keep out of the hands of some numbnuts at DHS/ICE that has "TURRISTS!" on the (lack of?) brain, then it shouldn't be too much to ask, really.

Just beware the $5 wrench.

Since parts of your data will still be recoverable from a single RAID-5 volume, you have little to gain by splitting up a RAID-5 volume set, unless you don't care that someone can recover up to one third of your data.

If you want your laptop to be unreadable without one of the external drives, you'd be better off storing random data on one or more external drives to use as a one-time-pad. Without one of the OTP drives, the data on your laptop is unreadable (for bonus points, encrypt the OTP to reduce the chance that someone can intercept it and copy it). You can fill each OTP drive with the same random data so you only need to receive one of them to recover your data, or fill them with different random data so you need all of the drives to recover data.

Re:Burn after reading?

[Somebody Is Using My]

Actually, TrueCrypt already has most of those features so they don't need to be written in

TrueCrypt 7.1a for Windows has the following options:

AutoDismount If:
- User Logs Off
- Screensaver Is Activated
- Entering Power Saver Mode*
- Dismount if no data has been read/written in (xx) minutes

I haven't tested ALL of them but I know the screensaver one works. Features may differ depending on platform.

* with a warning that the Windows OS may not properly alert applications that it is shutting down due to low battery power so this feature is not entirely dependable; this seems more a limitation of the OS than the application

And according to the Truecrypt website: "As Microsoft does not provide any appropriate API for handling hibernation and shutdown, master keys used for system encryption cannot be reliably (and are not) erased from RAM when the computer hibernates, is shut down or restarted."

Re:Still working as intended

[al0ha]

Sorry bad logic. Nobody has any idea of Truecrypt's integrity as the entire project has never been peer reviewed and nobody knows all of the persons who contribute to it, so until proven it can't be and hasn't already been compromised, nobody can be confident of its security.

Nobody has claimed to have compromised Truecrypt, that is true, but as we know the NSA and other spook orgs would never admit it if they have and for all we know one of the anonymous developers works for a spook org.

Re:Burn after reading?

[NemosomeN]

The risk is limited to only when you are sitting at your computer. As soon as you lock your computer, the key is purged from ram.