TrueCrypt Provides Good Data Protection: Audit

A recent security audit has shown that while TrueCrypt is plagued by some vulnerabilities, the product is efficient when it comes to protecting data, particularly in cases where an encrypted disk is lost or stolen.

TrueCrypt, a popular open source file and disk encryption tool, was discontinued in May 2014 by its anonymous developers, who warned users that the product was not secure and advised them to migrate to other solutions. While there are promising forks, such as VeraCrypt and CipherShed, the original TrueCrypt is still widely used, especially since there is no evidence that its encryption can be easily broken.

Several months before it was discontinued, the Open Crypto Audit Project (OCAP) announced its intention to conduct a comprehensive audit and cryptanalysis of TrueCrypt. The audit was completed in April 2015, and while the researchers found some weaknesses, they did not identify any backdoors or serious design flaws.

Several security issues in the Windows driver used by TrueCrypt were disclosed in October by researchers at Google’s Project Zero. Experts noted at the time, however, that the flaws do not directly affect the security of encrypted volumes at rest.

New TrueCrypt Audit by German Government

The latest TrueCrypt audit was conducted over a six-month period by the Fraunhofer Institute for Secure Information Technology (SIT) on behalf of the German Federal Office for Information Security (BSI). Researchers performed a thorough analysis of the last full version of TrueCrypt, 7.1a, and determined that the product is “safer than previous examinations suggest.”

The German experts focused on the encryption mechanisms, source code vulnerabilities, the quality of the code and documentation, and the program’s design and architecture. They also reviewed the findings of the OCAP report to determine whether any of the identified issues pose a serious threat.

The auditors noted some quality issues related to TrueCrypt’s documentation and maintainability. From a security standpoint, they found that the application of cryptography is not optimal.


“The AES implementation is not timing-resistant, key files are not used in a cryptographically secure way and the integrity of volume headers is not properly protected. There are many redundant implementations (sometimes for hardware-optimization) and disused algorithms are still present in a deactivated form in the source code,” the BSI report reads.

Despite these issues, TrueCrypt is good at protecting data at rest — i.e., files stored on an unmounted hard drive or a USB flash drive. It is much weaker against attackers who have privileged access to a running system with a mounted volume, but this limitation was known and documented by the original developers.
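To illustrate the quoted finding that the integrity of volume headers is "not properly protected", here is an added example; it is not code from the article, the BSI report, or TrueCrypt itself. It shows why a CRC-32 checksum is not a substitute for a keyed MAC: CRC-32 is affine over GF(2), so anyone who can flip bits in a stored message can predict the CRC of the tampered message from the old CRC alone, without knowing the message and without any secret. That TrueCrypt's header relies on CRC-32 checksums rather than a MAC comes from the published TrueCrypt volume format documentation, not from this article; the "header" below is a constructed toy layout, not TrueCrypt's on-disk format, and the key and field values are made up for the demonstration.

```python
"""Why a CRC-32 checksum does not provide integrity, contrasted with HMAC.

CRC-32 over fixed-length input is affine over GF(2):
    crc(a ^ b) == crc(a) ^ crc(b) ^ crc(0...0)
so the effect of any bit flip on the CRC is predictable without the data.
The toy header and key below are constructed for the example.
"""
import hashlib
import hmac
import os
import struct
import zlib


def crc32(data: bytes) -> int:
    """Standard CRC-32 (same parameters as zlib/PNG/zip)."""
    return zlib.crc32(data) & 0xFFFFFFFF


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def crc_is_affine(a: bytes, b: bytes) -> bool:
    """Check the affine relation for two equal-length inputs."""
    zeros = bytes(len(a))
    return crc32(xor_bytes(a, b)) == crc32(a) ^ crc32(b) ^ crc32(zeros)


def predict_crc_after_flip(known_crc: int, delta: bytes) -> int:
    """CRC of (unknown message XOR delta), derived from the old CRC only.

    No secret is involved, so an attacker who can write to the stored
    bytes can always keep the checksum consistent with the tampering.
    """
    return known_crc ^ crc32(delta) ^ crc32(bytes(len(delta)))


# Constructed toy header: magic, version, volume size, data offset (24 bytes).
HEADER_FMT = ">4sIQQ"
HEADER_LEN = struct.calcsize(HEADER_FMT)


def build_header(volume_size: int, data_offset: int) -> bytes:
    return struct.pack(HEADER_FMT, b"TOYH", 1, volume_size, data_offset)


def hmac_tag(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def demo_tamper() -> dict:
    """Tamper with the data_offset field without reading the header.

    Returns whether a CRC-32 check and an HMAC check would each accept the
    tampered header when the attacker updates the CRC but has no MAC key.
    """
    header_key = os.urandom(32)  # defender's secret; attacker never sees it
    header = build_header(volume_size=1 << 30, data_offset=131072)
    stored_crc = crc32(header)
    stored_tag = hmac_tag(header_key, header)

    # Attacker flips the top bit of data_offset (big-endian bytes 16..23).
    delta = bytearray(HEADER_LEN)
    delta[16] ^= 0x80
    delta = bytes(delta)
    tampered = xor_bytes(header, delta)
    forged_crc = predict_crc_after_flip(stored_crc, delta)

    return {
        # Checksum written by the attacker matches the tampered bytes.
        "crc_accepts_tamper": crc32(tampered) == forged_crc,
        # Best the attacker can do is leave the old tag in place; it fails.
        "hmac_accepts_tamper": hmac.compare_digest(
            hmac_tag(header_key, tampered), stored_tag
        ),
    }


if __name__ == "__main__":
    print(demo_tamper())  # {'crc_accepts_tamper': True, 'hmac_accepts_tamper': False}
```

The predictable-flip step assumes the cipher layer passes bit flips through unchanged; a wide-block or tweakable mode such as the XTS that TrueCrypt uses scrambles the whole 16-byte block instead, so this is the general argument for why a checksum is the wrong tool, not a worked attack on TrueCrypt volumes. A keyed MAC over the header, or an authenticated encryption mode, is what closes the gap.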

In the case of the driver vulnerabilities discovered by Project Zero, an attacker would need remote or direct access to the targeted system in order to exploit them, the researchers noted.

The OCAP report highlighted several buffer overflow vulnerabilities in TrueCrypt. However, tests conducted by the Fraunhofer SIT researchers showed that these flaws could not be exploited.

“In conclusion, I would say that the TrueCrypt code base is probably alright for the most part. The flaws we found were minor, and similar flaws can also occur in any other implementation of cryptographic functions. In that sense TrueCrypt seems not better or worse than its alternatives,” explained Eric Bodden, one of the researchers involved in the TrueCrypt audit. “Code quality could be improved, though, as there are some places that call for a refactoring and certainly for better documentation. But generally the software does what it was designed for.”

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
