TrueCrypt, one of the world's most-used open source file encryption programs and relied on by millions of privacy and security enthusiasts, has been under audit for the past two years by a team of security researchers assessing whether it could be easily exploited and cracked. It has now cleared the second phase of the audit.
TrueCrypt is a free, open-source and cross-platform encryption program available for Windows, OS X and Linux that can be used to encrypt individual folders or entire hard drive partitions, including the system partition.
NO NSA BACKDOORS
Security auditors and cryptography experts at NCC took the initiative to perform a public information security audit of TrueCrypt in response to concerns that the National Security Agency (NSA) may have tampered with it, according to a classified document leaked by Edward Snowden.
"TrueCrypt appears to be a relatively well-designed piece of crypto software," cryptographic expert Matthew Green wrote in a blog post on Thursday. "The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances."
TrueCrypt cleared the first phase of the audit, which reviewed the blueprints of the software, and was given a relatively clean bill of health almost a year ago. In that first phase, auditors discovered 11 issues of medium and low severity in the software.
Now, the auditors from NCC Group's Cryptography and security audit Services have finalized and published the 21-page Open Cryptographic report on the second phase of the audit, which examined TrueCrypt's implementation of random number generators and critical key algorithms, as well as various encryption cipher suites.
FOUR VULNERABILITIES DISCOVERED
The report uncovered four vulnerabilities in the latest original version of the software, but none of them could lead to a bypass of confidentiality or let attackers use malformed inputs to subvert TrueCrypt. The vulnerabilities are listed below:
- Keyfile mixing is not cryptographically sound -- Low severity
- Unauthenticated ciphertext in volume headers -- Undetermined
- CryptAcquireContext may silently fail in unusual scenarios -- High severity
- AES implementation susceptible to cache timing attacks -- High severity
The most critical of the four vulnerabilities involves the use of the Windows API to generate the random numbers used for the master cryptographic key.
A separate vulnerability, of undetermined severity, is that the checks performed during volume header decryption were susceptible to tampering. In addition, a low-severity flaw was reported: the method used to mix the entropy of keyfiles was not cryptographically sound.
The other high-severity flaw refers to "several included AES implementations that may be vulnerable to cache-timing attacks."