First Phase of TrueCrypt Audit Turns Up No Backdoors 171
msm1267 (2804139) writes "A initial audit of the popular open source encryption software TrueCrypt turned up fewer than a dozen vulnerabilities, none of which so far point toward a backdoor surreptitiously inserted into the codebase. A report on the first phase of the audit was released today (PDF) by iSEC Partners, which was contracted by the Open Crypto Audit Project (OCAP), a grassroots effort that not only conducted a successful fundraising effort to initiate the audit, but raised important questions about the integrity of the software.
The first phase of the audit focused on the TrueCrypt bootloader and Windows kernel driver; architecture and code reviews were performed, as well as penetration tests including fuzzing interfaces, said Kenneth White, senior security engineer at Social & Scientific Systems. The second phase of the audit will look at whether the various encryption cipher suites, random number generators and critical key algorithms have been implemented correctly."
The first phase of the audit focused on the TrueCrypt bootloader and Windows kernel driver; architecture and code reviews were performed, as well as penetration tests including fuzzing interfaces, said Kenneth White, senior security engineer at Social & Scientific Systems. The second phase of the audit will look at whether the various encryption cipher suites, random number generators and critical key algorithms have been implemented correctly."
Hard to understate (Score:2, Insightful)
just important this audit is...
Technically if an NSA backdoor existed (Score:1, Insightful)
Technically, if an NSA backdoor existed in the codebase, you would be prevented from reporting it by an NSA letter, subject to immeadiate imprisonment and confiscation.
So, what we can say is that it's clean, insofar as they are permitted to report.
Verify, then trust.
Re:Technically if an NSA backdoor existed (Score:1, Insightful)
Technically, if an NSA backdoor existed in the codebase, you would be prevented from reporting it by an NSA letter, subject to immeadiate imprisonment and confiscation.
So, what we can say is that it's clean, insofar as they are permitted to report.
Verify, then trust.
"Finally, iSEC found no evidence of backdoors or otherwise intentionally malicious code in the
assessed areas" - so I guess they are permitted to lie.
Bootloader & Windows Driver (Score:4, Insightful)
The first phase of the audit focused on the TrueCrypt bootloader and Windows kernel driver. Not really surprising that they didn't find any critical security issues in those parts. The high value bugs should be in the crypto parts and how they are implemented.
Re:also (Score:5, Insightful)
Since Snowden's revelation about the NSA's clandestine $10 million contract with RSA,
If you're on NSA's radar you've got bigger problems than TrueCrypt's trustworthiness or lack thereof. The NSA doesn't have to have a back door into AES (or the other algorithms) when they have an arsenal of zero day exploits, side channel attacks, social engineering, and TEMPEST techniques at their disposal. The average user should be far more concerned about these attack vectors (from any source, not just NSA) than the security of the underlying encryption algorithm.
The Diceware FAQ [std.com] sums up the problem rather succinctly: "Of course, if you are worried about an organization that can break a seven word passphrase in order to read your e-mail, there are a number of other issues you should be concerned with -- such as how well you pay the team of armed guards that are protecting your computer 24 hours a day."
Re:Technically if an NSA backdoor existed (Score:5, Insightful)
Technically, if an NSA backdoor existed in the codebase, you would be prevented from reporting it by an NSA letter, subject to immeadiate imprisonment and confiscation.
Two responses.
First, I suspect if they were confronted with an NSL they could go the lavabit route and simply suspend the audit project with no explanation. IANAL but I don't think the NSA can compel them to falsify the audit results.
Second, if they are smart, they can have it audited multi-nationally with independent auditors to make it harder for any government gag orders to stick.
what about compilers ? (Score:2, Insightful)
isn't it possible to just have your backdoor be inserted by the compiler ?
Re:Technically if an NSA backdoor existed (Score:2, Insightful)
And Germany and France and South Korea and Japan and Brazil and China and Australia and New Zealand, etc. Or do you honestly think only those 3 countries spy on their citizens?
Re:Technically if an NSA backdoor existed (Score:5, Insightful)
Do they have standing NSLs with all the media organizations out there?
I think there'd be less Snowden leak coverage if there were. :)
You could go outside the country, but those newspapers are government by their own countries version of the NSA who's working in close relationship with ours
Like China & Russia? Governements want their own security as much as their own intelligence agencies want to break it... there's too many pieces moving in opposite directions for there to be a credible global coverup of a transparent audit of open source software.
Re:also (Score:4, Insightful)
If you're on NSA's radar you've got bigger problems than TrueCrypt's trustworthiness or lack thereof.
In case you've been sleeping under a rock for the last year, the target of the NSA is everyone. Not that they put you on the same level as the Chinese military of course, but nobody's under their radar and if they can grab your data or metadata easily they will because you could be a terrorist or at least the friend of a friend of a friend of a terrorist. It's not that the average joe would stand a chance if they threw everything in their arsenal at us, but those "zero day exploits, side channel attacks, social engineering, and TEMPEST techniques" don't come free and using them highly increases the chances of exposing them. The question is more like "Does NSA grab all the TrueCrypt containers used as backup on Dropbox/GDrive/whatever and rifle through everyone's data?" than "If the NSA really wants the contents of my laptop, would this really stop them?"
Re:A triumph for FOSS (Score:5, Insightful)
Re:To Crypt or Not To Crypt (Score:4, Insightful)
You should use a passfile as well as a password. Makes it much harder for an attacker because something like a hardware keylogger or audio analysis to recover keystrokes can't see which file you selected. When it comes to breaking your key there is no way to know after the fact that a keyfile was used, so they will probably waste a large amount of time trying a dictionary attack on the password before even realizing that they need to also try any of the 100,000+ files on your computer as well. That is assuming you used a file on your computer, if it was on an external drive they didn't collect when they grabbed it they are screwed. Keep a few corrupt USB flash drives around just to make the wonder if they had it but broke it.
Re:To Crypt or Not To Crypt (Score:2, Insightful)
True, but if you are that paranoid you can use a VM with the hardfile in an encrypted container on the host OS that is protected by a keyfile.
It's actually a nice way to do it because you can have the host OS as something like a read-only bootable Linux DVD, and use it as an outer layer that somewhat mitigates attacks on the host OS. For example if the host OS was running a VPN/Tor and sending all traffic from the inner host OS over that there would be no way, short of the user making a mistake, for the host to get the IP address of your internet connection. It also prevents apps in the host OS from leaking data outside of the VPN/Tor, and allows you to spoof the network card's MAC address at a (virtual) hardware level, and limits hardware fingerprinting of the machine the host is really running on.
You can also Wireshark the host OS if you are really paranoid, see if it sends any packets to nsa.gov.