TrueCrypt Alternatives Step Up Post-Cryptanalysis

msm1267 writes: What's next for TrueCrypt now that a two-phase audit of the code and its cryptography uncovered a few critical vulnerabilities, but no backdoors? Two alternative open source encryption projects forked TrueCrypt once its developers decided to abandon the project in early 2014, giving rise to VeraCrypt and CipherShed — and both are ready to accelerate growth, compatibility and functionality now that the TrueCrypt code has been given a relatively clean bill of health.

good job

[slashmydots]

So the NSA or whatever succeeded in turning one software program into two. Good job, guys. They're probably foreign-managed too so the US gov can't touch them.

Relatively clean?

[GayLinuxUser]

What exactly does that mean? Granted, I don't use TrueCrypt but lately I've felt the need to encrypt some of my private emails and videos.

Re:Relatively clean?

[mcl630]

It means they didn't find any backdoors, and the four vulnerabilities that were found weren't critical (despite what the summary incorrectly says).

So what are people using anyway?

[Resol]

I've been using TrueCrypt for a long while (in fact still do), but I'm interested in what others use and their justification for its use? (e.g why?) I'm certainly not expert enough to audit any code myself, so I eventually have to just trust something.

Re:So what are people using anyway?

[Resol]

Interesting, perhaps its the way I use it I don't need full disk encryption. Most of the stuff I consider important and confidential is pretty small (tax return files, bank statements, etc.) What I need is small virtual disks that are encrypted so that I can easily move them around and access them. Perhaps it's extra naive of me, but I put a small true crypt archive on a server that I trust, and can then mount it from there on Linux, Windows, Mac, and iOS (I actually still have an operational NeXTStation, but I don't think there's a true crypt for that.) Maybe there's a better approach for what I'm doing?

Re:So what are people using anyway?

[mlts]

I like having all of the above:

All disks encrypted, which is mainly so the meth-head who breaks in and grabs the hardware doesn't have access to the data. Hardware can be claimed on insurance. Data opens up blackmail, extortion, and many other avenues.

Encrypted VMs as a way to isolate programs from each other, where I can keep my Quicken/QuickBooks in a VM, move it between computers when needed. Backup? Burn the .vmdk or the .vhdx to a BD-R disk.

File based encrypted volumes as a way of stashing client projects, as well as stashing document backups by date before burning to CD.

Of course, it would be nice to have encrypted archives as well, when one doesn't need to hide the length of the files. PGP Zip covers this, but it would be nice to have a higher level of compression like xz, bzip2, or LZMA, as well as the ability to add an ECC record (similar to WinRAR), so if an archive is damaged, it has a chance of being able to be completely repaired.

Re:So what are people using anyway?

[SuricouRaven]

If you compromise a drive firmware, what do you do with it? There's nothing much you can do to get data out, but one speculation is it could be used for a remotely triggerable DoS attack: If the drive detects a key phrase (likely a 128- or 192-bit sequence) written, it locks up or self-erases. Easy enough to, say, put the sequence into a URL so a web-server will log it, or send it to an email server. The ability to trigger such would be a powerful first-strike attack in any major conflict, and a good way to cover up a more conventional infiltration: Fake a drive failure to destroy evidence. There's no evidence any drive has ever been made like this, but with governments now getting involved in this 'cyber war' business such exotic threats are increasingly a concern. It's not beyond plausability that a government might lean on a hard drive manufacturer to include such a remote-destruct feature - remember that the NSA leaks have already revealed an NSA practice of intercepting network hardware en route to high value targets so they can install backdoors before it arrives.

Re:Licensing?

[mrchaotica]

IIRC, it was a "you can fork it, but you can't call the fork 'TrueCrypt'" kind of deal -- which is why the new versions in TFS have different names.

Re:Licensing?

[CritterNYC]

The TrueCrypt licensing doesn't permit relicensing and is incompatible with all OSI licenses, including the 'anti-GPL' MsPL license that VeraCrypt chose.

Re:Better question than "what's next"

[bigfinger76]

That dead horse has had about enough, that's why. Try googling it, as there's plenty of speculation out there. But in light of the fact that the TC devs have been silent, speculation is all you're going to get.

How do you change ?

[dargaud]

So, how retro-compatible are they ? Can you take any kind of TC container (file or device) and open it into those newcomers ? Or do you have to transfer the content into a new container ?

Re:How do you change ?

[cfalcon]

The big thing here is that none of these files have a header- if they did, they wouldn't be indistinguishable from randomized data. When you type in a key, it uses a hash over a certain number of repetitions (a lower number for truecrypt, a massive one for veracrypt). It then tests the hashed key. If this fails... it tries with the next possible hashing algo. It goes strictly in order- there's no way to say "just use Whirlpool" or whatever. So if you chose a hash further down the list, you are waiting for all the hashes. In TC, this wasn't many, in VC, it's a whole lot.

A single button on the UI to choose which one to try first would really make these open much faster.

Re:How do you change ?

[DiSKiLLeR]

Not true; the latest version of veracrypt CAN open old truecrypt containers and volumes. But yes, the older format is less secure.

Re:Better question than "what's next"

[gurps_npc]

Because they did NOT get to the original devs - they tried and FAILED. The devs refused to bow down to their orders and shut down the project.

Getting to the auditors is harder than getting to the devs, because anyone can be the auditor.

The thing about a free society is that the fact that we find out about the tyranny. That makes paranoid fools think their is more tyranny going on. But the truth is that real tyranny hides.

In North Korea, they would not have shut down the the devs, the devs would have put the back door in and kept their mouth shut.

Here in the free world, the devs say no and shut it down, because we have more freedom than they do.

So which should i use?

[hyperar]

Which should i use?

Re:Better question than "what's next"

[gurps_npc]

They did NOT comply.

The order was not "shut down" - the US government is not stupid enough to give that order. It's against the basic principles of Capitalist Republic Democracy.

Any non-psychotic person can easily tell that the NSA went up to them and said:

"Hey, you TrueCrypt people, making a safe, un-crackable encryption system? You are going to put in a back door to let us, the NSA in - and you are NOT going to tell anyone about our order or you will go to jail."

The order the NSA gave was legal. The true crypt devs are law abiding people. But they weren't going to obey the NSA. So the True Crypt Devs said "Screw that shit, we shut down."

You on the other hand are a wanker that thinks normal people - who are not anywhere near wealthy enough to defend themselves against the full might of a TREASON charge - should go to jail just to keep you happy! Because that's all it would have done - the court would have shut down TrueCrypt and put everyone in jail. Look what they did to Snowden.

Stop screaming at other people for not standing up for your principles.

Re:Better question than "what's next"

[tlhIngan]

"Hey, you TrueCrypt people, making a safe, un-crackable encryption system? You are going to put in a back door to let us, the NSA in - and you are NOT going to tell anyone about our order or you will go to jail."

The order the NSA gave was legal. The true crypt devs are law abiding people. But they weren't going to obey the NSA. So the True Crypt Devs said "Screw that shit, we shut down."

And how do you propose the Truecrypt devs do that?

Remember, TrueCrypt is open-source. Anyone can go and diff the sources between versions. Just like the auditors went and took the source and compared it with the binaries.

So you're going to tell me the TrueCrypt devs could somehow insert an NSA backdoor without telling anyone? Even the NSA isn't THAT stupid - people will compare the source vs. binaries, and people will diff the source between revisions.

There is no way to hide a change in TrueCrypt. They could simply not tell anyone about the NSA order, but the source code will have the change clear as day in it. Or if it doesn't, and the binaries do, there's nothing to stop anyone from compiling the source code and having a NSA-free version.

In this case, complying with the NSA would be far better because it'll reveal the true intentions. And no, they can rewrite the repository history all they want, someone will still have a copy of the old source code, and you can diff it against the current. Unless you believe the NSA has special hard drive rewriting magic that'll seek out every source code copy and replace it with the altered version. Across all formats, filesystems, RAID, CD/DVD/Blu-Ray (even pressed), etc.

Sorry, I don't buy that argument.

The only real possibility is there is an NSA backdoor already in the code that's been there a LONG time and buried way back in diffs long forgotten. Except the audit came back clean, which means it has to be hidden very well, and probably there since day 1.

As much as I'm a fan of conspiracy theories, this one is way too easy to disprove.

Remember, we know the last "good" version of TrueCrypt - the source code produced the binaries - the audit has proven that, and the audit has a copy of those verified source and binaries. And the audit can easily re-verify that fact. Sure you can do the whole "what about the compiler doing it" which is probably true for Microsoft and Apple, but Linux is more complex (it would have to be hidden in GCC for a long while now). And it's still not invulnerable to looking at the assembly code (you can compile it debug, optimizations off if you want to make it even easier to trace). If the compiler fails to introduce the hole at any point, it'll be noticed.

The source code diffs would easily show questionable changes as well.

There is no where the NSA could hide this, except at the very beginning of time. And perhaps it's why the TrueCrypt devs quit because the audit would reveal it.

In which case, the clean bill of heath for the audit is now questionable.

Re:They can hire a lawyer ...

[youngatheart]

Yeah, they could if they wanted to, and if they had the money to get the ball rolling, but.... I'm not convinced they want to keep it from being forked. I got the feeling that TrueCrypt was basically a labor of love where the creators wanted to keep control of it and avoid exposing themselves to getting strong-armed into building in back doors.

If you could ask them and get an honest answer, I suspect they'd tell you that government agencies figured out who they were. I think those agencies came to them and told them that they had no choice but to compromise the security "for the sake of the children." I think that's when they decided it was best to just exit rather than fight. I think that if they were given a choice between compromising their work intentionally and seeing other people take over, they'd support other people taking over even if they couldn't publicly endorse the efforts.

That's all conjecture of course, but as a long time fan of their work and someone who listened to many analyses of their exit from the stage, I'm moderately confident in my guesses.

Re:Licensing?

[Fencepost]

I believe there were more restrictions than that, however in order to go after infringers the actual owners of TC would have to come forward in some way that would make them identifiable and they've shown no interest in ever doing so.

Re:Better question than "what's next"

[rahvin112]

Most of the time the simplest answer is the correct one.

We have a project that hadn't seen an update in years, all development effort had stopped and the people behind it were basically gone.

On one hand you have a claim of an order to backdoor the software that hasn't seen an update in ages. An order that contrary to your claim would NOT be legal.

On the other hand you have a claim that the software developers basically realized that unmaintained software is more dangerous than no software because it implies trust that isn't there. So being the responsible group they are they shutdown the project so people don't rely on code and servers that's probably exploitable (and the audit shows it was) because they aren't working on it anymore.

Of those two answers the simplest is not the illegal order to backdoor the software. But feel free to keep your tinfoil hat on while you sling shit around.

Re:Better question than "what's next"

[dcollins117]

It's possible, but why not then put a one line message on their web page that said they grew tired on the project and no longer wish to develop it.

That's not what they did. They put up a page that said "ZOMG this is insecure don't use it!" then disappeared.

No matter how you look at it, that's not someone you can trust to keep your data secure.

Re:Licensing?

[WuphonsReach]

Just because you can get away with something doesn't make it moral and/or legal and/or a good business decision.