14 DAY TRIAL // The cryptographic review of the popular disk encryption software TrueCrypt has reached an end, with examiners concluding that the latest original version of the program has four problems.
The evaluation was a two-part project of Cryptography Services (part of NCC Group), the current report representing the last one, geared towards the program’s cryptographic implementations.
Crypto strength under the microscope
No reverse-engineering was performed during the review, and the researchers' effort was directed towards the possibility to recover plaintext data from a secured container and achieving code execution when parsing a volume.
The specific areas of the code evaluated were data unit encryption/decryption and the resulting function calls, encryption/decryption buffer, key derivation, volume header reading and the cascade constructions, and AES in XTS Mode.
None of the four problems identified during the analysis could lead to a complete bypass of confidentiality under common usage situations.
The most severe finding touches on the use of Windows API to generate random numbers for master encryption key, as in one unusual scenario, the calls would fail without notice and use poor entropy sources.
Cryptography Services (CS) also found that the checks for the volume header decryption were susceptible to tampering, a vulnerability of undetermined severity. Also, the method used to mix the entropy of keyfiles was not cryptographically sound (low severity), the researchers say.
Another high risk identified refers to “several included AES implementations that may be vulnerable to cache-timing attacks,” the report reads.
First audit found 11 vulnerabilities
TrueCrypt’s development halted in May 2014, no specific reasons being provided by its maintainer(s), whose identity is still not known.
At that time, cryptography expert Matthew Green and security researcher Kenneth White had already started a crowdfunded security assessment of version 7.1a of the application in search of vulnerabilities.
Before the TrueCrypt project was stopped, the researchers had managed to complete the first part of the audit (on February 14, 2014), which discovered 11 issues of medium and low severity.
The endeavor focused on the source code of the bootloader and Windows kernel driver, the conclusion being that it “did not meet expected standards for secure code,” due to “lack of comments, use of insecure or deprecated functions, inconsistent variable types, and so forth.”