Full Disk Encryption Privacy Revisited And What It Means To You
The TrueCrypt audit is complete and the results are very encouraging for the now defunct TrueCrypt and its successors, VeraCrypt and CipherShed. I covered VeraCrypt installation and use in my Paranoid Guide to Files Privacy After TrueCrypt a couple of months ago. This follow-up explains why VeraCrypt is confirmed as one of the safest disk encryption alternatives (at least safer than anything coming from Microsoft, Apple, or anyone tied to a commercial product).
The TrueCrypt Audit
The Open Crypto Project, composed of a group of hardcore cryptologists, completed the TrueCrypt audit and confirmed that there is no evidence of deliberate backdoors in the code. The audit uncovered no severe design flaws that could make the software unsafe for use. This is fantastic news for the main projects that spawned after the disappearance of the TrueCrypt site, since they are all based on the audited code base. In general terms, VeraCrypt and CipherShed are safe for use, have they not strayed too far from the TrueCrypt implementation.
This clean bill of health doesn’t mean that TrueCrypt was perfect. It means that it was hardened enough for even advanced users to sleep well at night, knowing that files are well-protected. Two minor flaws that could lead to data breach were found:
- TrueCrypt’s (and successors’) American Encryption Standard (AES) implementation is susceptible to cache timing attacks
- The Windows version of TrueCrypt relies on a flaky Microsoft API (Windows Crypto API) that some times fails to initialize the pseudo-random number generator
Both of these flaws are technical enough that only a well-prepared attacker can exploit them.
This chart, from the original report, shows that attackers must be sophisticated to exploit these flaws.
My previous paranoid guide to file protection indicated that using Twofish instead of AES encryption in VeraCrypt/TrueCrypt/CipherShed is a way better option, as advised by the experts.
VeraCrypt and CipherShed
The teams behind both projects have committed to accelerating their work on fixing these vulnerabilities and continue to strengthen their products. VeraCrypt took a simple but early lead, even before the audit, in hardening their code to prevent key derivation brute force attacks that TrueCrypt might’ve made possible.
While both encryption systems are backward compatible with TrueCrypt encryption and file access, the healthy path will be to evolve the code to become more resilient in ways that may create incompatibility. The healthiest way to address this is to create new volumes under the new software, mount the legacy TrueCrypt volumes, and copy the data from the TrueCrypt legacy volumes to the new ones. This will leverage any improvements in VeraCrypt or CipherShed not present in the original software, giving you further peace of mind.
No full disk encryption software is perfect, so TrueCrypt’s successors will have their own bugs. As users (and Internet community members) we should help audit whichever one becomes ubiquitous or whichever we use to protect our data. I personally support VeraCrypt in a number of ways, from financial to evangelization. Anything we can do to expose the code to more users, more developers, and further auditing or scrutiny is good for the community. We’ll end up with more robust full disk encryption software, as immune as possible to unauthorized access by 3rd-parties.
The tin foil hat conspiracy theory that the NSA had forced back doors on TrueCrypt is debunked (the NSA might have known about the vulnerabilities found, but it’s not their policy to disclose such findings anyway). The TrueCrypt audit cast needed light on the resiliency of the code, and everything known so far indicates that its VeraCrypt, CipherShed, and other successors are a good way to protect our data.
- VeraCrypt project and software downloads
- CipherShed project and software downloads
- Complete Open Crypto Audit Project report (PDF, 1.1 MB)