Slashdot Mirror


TrueCrypt Audit: No NSA Backdoors

Mark Wilson writes: A security audit of TrueCrypt has determined that the disk encryption software does not contain any backdoors that could be used by the NSA or other surveillance agencies. A report prepared by the NCC Group (PDF) for the Open Crypto Audit Project found that the encryption tool is not vulnerable to being compromised. However, the software was found to contain a few other security vulnerabilities, including one relating to the use of the Windows API to generate random numbers for master encryption key material. Despite this, TrueCrypt was given a relatively clean bill of health with none of the detected vulnerabilities considered severe enough to lead "to a complete bypass of confidentiality in common usage scenarios."

5 of 142 comments

  1. Re:Tin foil hat time by buchner.johannes · · Score: 1, Interesting

    Wasn't the NSA accused of suggesting/modifying various encryption standards in order to weaken them? In which case they don't need back doors into the software as they can already unlock the data.

    Yes, and the authors of said algorithms (CS researchers) agree that that was ok (a security - speed/implementation tradeoff).

    --
    NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
  2. What if the backdoor is well hidden? by buck-yar · · Score: 4, Interesting

    The Shellshock bug went on for a long time with many eyes on the code. How do we know the auditors weren't outmatched and just missed the backdoor?

  3. Re:Tin foil hat time by Andy+Dodd · · Score: 5, Interesting

    The only case I know of where an algorithm was actually backdoored was one of the random number generation schemes... The algorithm in question happens to be (IIRC) quite fast.

    In other cases (DES I think??? I could be wrong.) the NSA recommended some oddball changes. No one could find a negative consequence of them so they went in - a decade or so later, it turns out that the original implementation of DES DID have a cryptographic flaw and the NSA recommendations fixed that.

    Keep in mind there are two parts of the NSA, which have in many ways highly conflicting goals:
    1) One part is tasked with compromising the information infrastructure of our enemies - these are the ones who keep on making the news these days
    2) Another part is tasked with protecting our critical information infrastructure, especially with protecting data sensitive to national security. These are the people who do Type I crypto certification, worked on creating SELinux, etc. These rarely make the news but in general, from our perspective these are the good guys. You can tell that AES-256 is NOT backdoored by the NSA since they allow it to be used to protect classified information (NSA Suite B - you can assume anything in Suite B is solid since the NSA is using it themselves.)

    --
    retrorocket.o not found, launch anyway?
  4. Their audit doesn't matter... by frank_adrian314159 · · Score: 3, Interesting

    If this hadn't been done ten years before he talked about, it's been done by now. They have everything they want. Live accordingly.

    --
    That is all.
  5. Re:Tin foil hat time by Opportunist · · Score: 3, Interesting

    In theory, yes. I just think selling SELinux could be a bit hard. You see what's going on here with things where the NSA might have, allegedly, maybe, could have, possibly, considered influencing the potential eventual implementation of what could have become part of something they could use.

    In SELinux there is no doubt about the NSA's involvement. It was one of the effin' selling points of the system.

    Now, the whole deal looks good on paper (provided you find a Linux Guru willing and able to administer that monstrosity). But that nagging feeling remains: Do you want to trust a foreign intelligence service that has not allegedly, maybe, possibly spied with impunity on everyone and anyone domestic and abroad just as they feel like, but who has done that with proven certainty?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.