TrueCrypt Alternatives Step Up Post-Cryptanalysis

msm1267 writes: What's next for TrueCrypt now that a two-phase audit of the code and its cryptography uncovered a few critical vulnerabilities, but no backdoors? Two alternative open source encryption projects forked TrueCrypt once its developers decided to abandon the project in early 2014, giving rise to VeraCrypt and CipherShed — and both are ready to accelerate growth, compatibility and functionality now that the TrueCrypt code has been given a relatively clean bill of health.

Re: Licensing?

[bill_mcgonigle]

Exactly - any claims are unenforceable. Whoever calls their fork "truecrypt" will have more success.

Re:They can hire a lawyer ...

[youngatheart]

Yeah, they could if they wanted to, and if they had the money to get the ball rolling, but.... I'm not convinced they want to keep it from being forked. I got the feeling that TrueCrypt was basically a labor of love where the creators wanted to keep control of it and avoid exposing themselves to getting strong-armed into building in back doors.

If you could ask them and get an honest answer, I suspect they'd tell you that government agencies figured out who they were. I think those agencies came to them and told them that they had no choice but to compromise the security "for the sake of the children." I think that's when they decided it was best to just exit rather than fight. I think that if they were given a choice between compromising their work intentionally and seeing other people take over, they'd support other people taking over even if they couldn't publicly endorse the efforts.

That's all conjecture of course, but as a long time fan of their work and someone who listened to many analyses of their exit from the stage, I'm moderately confident in my guesses.

Re:

[Anonymous Coward]

I came to exactly the same conclusion when the their final, crippled version was released. They honorably committed seppuku rather than submitting to demands to add a backdoor. The fact that they felt like these were their only two options is quite alarming though...

Also at the time I felt it was quite likely that truecrypt wasn't broken - if they already had access, they would have left the developers alone.

Re:

[Anonymous Coward]

Why should the developers acquiesce to any "backdoor" demands from any organisation including the government? Software developers have become boot-licking collaborators acting in concert with privacy-destroying governments.

This just shows your ignorance about the amount of effort required to resist government demands. Hell, the NSA has been a pain in the ass since the PhasorPhone [etoan.com] incident.

If any of them were in the US, expect the pressure to be intense. If they were in certain other allied countries such as

Re:

[mrchaotica]

IIRC, it was a "you can fork it, but you can't call the fork 'TrueCrypt'" kind of deal -- which is why the new versions in TFS have different names.

Re:

[Fencepost]

I believe there were more restrictions than that, however in order to go after infringers the actual owners of TC would have to come forward in some way that would make them identifiable and they've shown no interest in ever doing so.

Re:Licensing?

[WuphonsReach]

Just because you can get away with something doesn't make it moral and/or legal and/or a good business decision.

Re:Licensing?

[CritterNYC]

The TrueCrypt licensing doesn't permit relicensing and is incompatible with all OSI licenses, including the 'anti-GPL' MsPL license that VeraCrypt chose.

Re:

[rahvin112]

There is a legitimate argument that the real authors won't step forward and enforce their copyright because they would reveal their identity.

I think that is a pretty good chance personally as long as no one is making money. But if one of these companies tries to make money on this I think there is pretty high odds the original developers will step out of the shadows with their hand out.

Re:

[eepr0m]

I don't know that anyone would want to work with the fragmented, disorganized code base. There's also the distinct possibility that the original authors wouldn't come out from the shadows, opting to engage in extrajudicial means of handling such a conflict instead.

good job

[slashmydots]

So the NSA or whatever succeeded in turning one software program into two. Good job, guys. They're probably foreign-managed too so the US gov can't touch them.

Re:

[blackomegax]

5/5 Insightful /s

Re:

[SuricouRaven]

You're jumping to conclusions. The strong-arm-government theory is certainly plausible - it explains the outright weird exit of the developers, as if they wanted to signal something was going on but were under legal threat. That doesn't have to mean the NSA though: The developers might not be in the US, and there are plenty of other governments who might also exert pressure to subvert a project like truecrypt. Most of them, even. They are probably in an English-speaking country, so it might have been the wo

Re:

[gsslay]

How do you know they aren't US gov managed?

Relatively clean?

[GayLinuxUser]

What exactly does that mean? Granted, I don't use TrueCrypt but lately I've felt the need to encrypt some of my private emails and videos.

Re:

[mcl630]

It means they didn't find any backdoors, and the four vulnerabilities that were found weren't critical (despite what the summary incorrectly says).

Re:

[Gr8Apes]

There's only 3 issues for me, as I don't run windows.

Re:

[Tumbleweed]

What exactly does that mean? Granted, I don't use TrueCrypt but lately I've felt the need to encrypt some of my private emails and videos.

My reading of the results is that while no backdoors were found, there were some vulnerabilities found, which are being addressed in the forked projects. That's about as good as could be expected, really, since all software has bugs.

So what are people using anyway?

[Resol]

I've been using TrueCrypt for a long while (in fact still do), but I'm interested in what others use and their justification for its use? (e.g why?) I'm certainly not expert enough to audit any code myself, so I eventually have to just trust something.

Re:

[Anonymous Coward]

I use truecrypt still also. Why? Because it's the only product that's been so thoroughly tested. And I'm not changing until I find something with the same level of testing.

It's obvious to me that the truecrypt project was shutdown at the governments coercion. Truecrypt provides undefeatable security if used correctly.

Not only that, but it stops the hard drive firmware attacks that look for a magic word.

Re:

[fisted]

Not only that, but it stops the hard drive firmware attacks that look for a magic word.

What?

Re:

[SuricouRaven]

If you compromise a drive firmware, what do you do with it? There's nothing much you can do to get data out, but one speculation is it could be used for a remotely triggerable DoS attack: If the drive detects a key phrase (likely a 128- or 192-bit sequence) written, it locks up or self-erases. Easy enough to, say, put the sequence into a URL so a web-server will log it, or send it to an email server. The ability to trigger such would be a powerful first-strike attack in any major conflict, and a good way to

Re:So what are people using anyway?

[Resol]

Interesting, perhaps its the way I use it I don't need full disk encryption. Most of the stuff I consider important and confidential is pretty small (tax return files, bank statements, etc.) What I need is small virtual disks that are encrypted so that I can easily move them around and access them. Perhaps it's extra naive of me, but I put a small true crypt archive on a server that I trust, and can then mount it from there on Linux, Windows, Mac, and iOS (I actually still have an operational NeXTStation, but I don't think there's a true crypt for that.) Maybe there's a better approach for what I'm doing?

Re:So what are people using anyway?

[mlts]

I like having all of the above:

All disks encrypted, which is mainly so the meth-head who breaks in and grabs the hardware doesn't have access to the data. Hardware can be claimed on insurance. Data opens up blackmail, extortion, and many other avenues.

Encrypted VMs as a way to isolate programs from each other, where I can keep my Quicken/QuickBooks in a VM, move it between computers when needed. Backup? Burn the .vmdk or the .vhdx to a BD-R disk.

File based encrypted volumes as a way of stashing client projects, as well as stashing document backups by date before burning to CD.

Of course, it would be nice to have encrypted archives as well, when one doesn't need to hide the length of the files. PGP Zip covers this, but it would be nice to have a higher level of compression like xz, bzip2, or LZMA, as well as the ability to add an ECC record (similar to WinRAR), so if an archive is damaged, it has a chance of being able to be completely repaired.

Re:

[Iamthecheese]

Truecrypt is very popular, (more eyes and faster bugfixes) user friendly, and is the ONLY audited, open-source software with its features. I don't see any reason to use something else.

Re:

[Bob the Super Hamste]

Well I still use it. I like it because it is fairly simple to use and very portable. I have a few TrueCrypt files that store info I would rather not become public (scanned tax documents, financial docs, scanned identity docs, other important docs) but would like to have an easy electronic access to if out somewhere. Also since a TrueCrypt volume is just a file I can easily back them up and move them. So I have the main files on my computer, keep a backup of them in the safe on a USB drive, have another back

Better question than "what's next"

[pla]

Instead of asking "what now", doesn't anyone wonder why TC chose to self-destruct, invoking its own canary and refusing to let anyone keep the name?

If the devs just wanted out, they could have passed on the name to a blessed successor. Even if they wanted to act petty and protect the name for no good reason, they didn't need to invoke their canary. Something about this just doesn't make a whole lot of sense.

Hmm, if we question whether or not we can trust that the NSA didn't get to the original devs...

Re:

[bigfinger76]

That dead horse has had about enough, that's why. Try googling it, as there's plenty of speculation out there. But in light of the fact that the TC devs have been silent, speculation is all you're going to get.

Re:

[ajegwu]

Yeah, I've been thinking that the way they went out is a lot more perplexing now that the audit came up clean.

Re:Better question than "what's next"

[gurps_npc]

Because they did NOT get to the original devs - they tried and FAILED. The devs refused to bow down to their orders and shut down the project.

Getting to the auditors is harder than getting to the devs, because anyone can be the auditor.

The thing about a free society is that the fact that we find out about the tyranny. That makes paranoid fools think their is more tyranny going on. But the truth is that real tyranny hides.

In North Korea, they would not have shut down the the devs, the devs would have put the back door in and kept their mouth shut.

Here in the free world, the devs say no and shut it down, because we have more freedom than they do.

Re:

[UnknownSoldier]

> The devs refused to bow down to their orders and shut down the project.
> Here in the free world, the devs say no and shut it down, because we have more freedom than they do.

Huh?

Cognitive dissonance much??

You are going to argue they have _more_ freedom yet under duress they complied? How the fuck is this "more" freedom??

**IF** they had this mythical freedom you claim then the original TrueCrypt devs would NOT have felt the need to shut it down.

The only think the TrueCrypt devs showed is that they ha

Re:

[gurps_npc]

They did NOT comply.

The order was not "shut down" - the US government is not stupid enough to give that order. It's against the basic principles of Capitalist Republic Democracy.

Any non-psychotic person can easily tell that the NSA went up to them and said:

"Hey, you TrueCrypt people, making a safe, un-crackable encryption system? You are going to put in a back door to let us, the NSA in - and you are NOT going to tell anyone about our order or you will go to jail."

The order the NSA gave was legal.

Re:

[tlhIngan]

"Hey, you TrueCrypt people, making a safe, un-crackable encryption system? You are going to put in a back door to let us, the NSA in - and you are NOT going to tell anyone about our order or you will go to jail."

The order the NSA gave was legal. The true crypt devs are law abiding people. But they weren't going to obey the NSA. So the True Crypt Devs said "Screw that shit, we shut down."

And how do you propose the Truecrypt devs do that?

Remember, TrueCrypt is open-source. Anyone can go and diff the sources b

Re:

[dotancohen]

The NSA did this with RSA, as well. Well, they had to bribe RSA with $10,000 but their code went in.

Oh, and GP should become familiar with the obfuscated C contest:
http://www.ioccc.org/ [ioccc.org]

Re:

[Anonymous Psychopath]

It's also possible, and possibly more likely, that the devs simply abandoned the project because they couldn't or didn't want to put any more time into it. There's literally zero information about why they pulled the plug.

The devs of both the forks referenced in TFS have said the TC source contains a lot of problematic code. CypherShed has said they think the NCC audit wasn't detailed enough and was too high level to uncover all the issues.

Re:

[Fencepost]

It's even possible that the (anonymous, uncompensated) devs were looking at all the crap they were going to have to change and deal with as a result of UEFI, signed bootloaders, etc. and otherwise increasingly restricted hardware and said "screw this, I have kids now, maybe my own startup, I have a ton of things I can spend my time on that are just as satisfying and that I don't have to avoid talking about with anyone."

Re:

[dcollins117]

It's possible, but why not then put a one line message on their web page that said they grew tired on the project and no longer wish to develop it.

That's not what they did. They put up a page that said "ZOMG this is insecure don't use it!" then disappeared.

No matter how you look at it, that's not someone you can trust to keep your data secure.

Re:

[Kjella]

You on the other hand are a wanker that thinks normal people - who are not anywhere near wealthy enough to defend themselves against the full might of a TREASON charge

Not even Snowden is going to be charged with that:

Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.

Of course they have a fair selection of others if they want to "throw the book" at you, unless you end up at Gitmo for waterboarding instead. But you get that one fig leaf to cover behind at least.

Re:

[rahvin112]

Most of the time the simplest answer is the correct one.

We have a project that hadn't seen an update in years, all development effort had stopped and the people behind it were basically gone.

On one hand you have a claim of an order to backdoor the software that hasn't seen an update in ages. An order that contrary to your claim would NOT be legal.

On the other hand you have a claim that the software developers basically realized that unmaintained software is more dangerous than no software because it implies

Re:

[gurps_npc]

Your solution does not explain why they wouldn't SAY that's what they were doing and why.

As such your simplest explanation fails badly.

My explanation may be wrong - but it not tinfoil hat. The NSA has done far worse things than illegally put back doors into software. More importantly, I was using overly specific example to convince a real tin-foil hat guy that he was crazy. I don't claim to know the specifics - I don't know if it was the NSA or some other agency, nor do I know the specific or

Re:

[rahvin112]

Baloney. They were concerned about security, they were shutting down a security related project. The logical "explanation" is to point people at the other solutions that exist to provide the same functionality. Like most logical people they probably figured people would take them at their word and not play pseudo conspiracy theory with why they quit. But like most logical people they failed to take into account the wacko's like you that would read a conspiracy theory into a clean shutdown.

What you suggested

Re:

[david_thornley]

You seem to be assuming that TrueCrypt was based in the US. I don't think we can make that assumption.

As far as I know, the NSA tries to abide by the law, but I'm not convinced it does all the time, even the tortured interpretations of the law they use. I certainly wouldn't trust anybody in the NSA if they denied it. Nor, if it was in the US, was it necessarily the NSA. The FBI might have pressured them, like they did LavaBit. The government may not have had a legal leg to stand on, but that doesn't

Re:

[X0563511]

Would you concur that 0.6 is larger than 0.5? Then why do you have a hard time understanding what gurps wrote?

Re:

[godel_56]

Instead of asking "what now", doesn't anyone wonder why TC chose to self-destruct, invoking its own canary and refusing to let anyone keep the name? If the devs just wanted out, they could have passed on the name to a blessed successor. Even if they wanted to act petty and protect the name for no good reason, they didn't need to invoke their canary. Something about this just doesn't make a whole lot of sense. Hmm, if we question whether or not we can trust that the NSA didn't get to the original devs... How can we trust that they didn't get to the auditors? "Yup, all clear! Enjoy! (Can I have my kids back now, Mr. Suit?)"

We'll never know for certain but one theory is that, being just a couple of developers doing it in their own time for no money, and perhaps with family and other concerns, they just got sick of it. However it would have been nice if the bastards could have at least given us a clue as to why they left.

One big disappointment for me is that the audit did not cover the plausible deniability function of Truecrypt, something that could be crucial if you live in an authoritarian right wing state — such as t

Re:

[Lord Apathy]

Instead of asking "what now", doesn't anyone wonder why TC chose to self-destruct, invoking its own canary and refusing to let anyone keep the name?

I don't see why anyone should bow down to what the original developers wanted. They walked away from the project so the name and the code should be up for grab.

Anyone want to pick up where they left off and use the name truecrypt should go right ahead and do so. What are the original devs going to do? Sue them?

Is it over?

[hyperar]

Did they finished the Step 2 of the analysis?, it's weird, i didn't see it anywhere.

How do you change ?

[dargaud]

So, how retro-compatible are they ? Can you take any kind of TC container (file or device) and open it into those newcomers ? Or do you have to transfer the content into a new container ?

Re:

[The MAZZTer]

VeraCrypt is incompatible with TrueCrypt containers (and vice versa).

Also, VeraCrypt apparently beefs up the security, which results in containers taking minutes to mount instead of seconds. Argh.

Re:

[cfalcon]

The big thing here is that none of these files have a header- if they did, they wouldn't be indistinguishable from randomized data. When you type in a key, it uses a hash over a certain number of repetitions (a lower number for truecrypt, a massive one for veracrypt). It then tests the hashed key. If this fails... it tries with the next possible hashing algo. It goes strictly in order- there's no way to say "just use Whirlpool" or whatever. So if you chose a hash further down the list, you are waiting

Re:

[DiSKiLLeR]

Not true; the latest version of veracrypt CAN open old truecrypt containers and volumes. But yes, the older format is less secure.

Re:

[Steve B]

The latest versions of VeraCrypt can mount TrueCrypt containers. They also allow you to select the hash algorithm (instead of autodetecting) when mounting disks, which speeds up the process (I've never found it to take more than 15 seconds on a six-year-old computer).

So which should i use?

[hyperar]

Which should i use?

Re:

[OutOnARock]

Yes, should I use a VeraCrypt container encrypted by CipherShed...

...or a CipherShed container encrypted by VeraCrypt?

Re:

[Maritz]

That and the fact the version numbers once they hit 2.0 went up by 1 whole number every couple months always showed they were after fame more than openness.

You don't think their anonymity is relevant to this comment? They're famous are they?

Hail Hydra!

[BadPirate]

Cut off one head and two will emerge!