Free and open source full disk encryption program TrueCrypt was the darling of the security world (recommended by Edward Snowden and Amazon alike), despite the fact that its developers remained anonymous and the code had not been independently audited.
Just as this second problem was being addressed by an ongoing audit, following a crowdfunded project backed by the Electronic Frontier Foundation (EFF), the TrueCrypt devs suddenly pulled the plug on their software in extremely dodgy circumstances, recommending that users switch to BitLocker, which is wildly insecure and has since been confirmed by Snowden docs to have been compromised by the NSA. The move was so bizarre that many consider it to be a clear warrant canary of some kind.
Conspiracy theories among an increasingly paranoid security community flourished despite the Open Crypto Audit Project announcing that following Phase I of its audit, no major vulnerabilities were found. With confidence in TrueCrypt at an all-time low, but with demand for the features it promised still high (no other program offered all of TrueCrypt's advantages except forks of it, which were themselves suspect), the researchers decided to press on with the audit.
Last week the results of Phase II of the audit were published, and broadly give TrueCrypt a clean bill of health. As far as the audit team can determine (there is no way to be 100% sure), the crypto-software contains no deliberate NSA-exploitable backdoors or vulnerabilities. As Matthew Green, chief researcher of the report, summarized in a blog post:
‘The TL;DR is that based on this audit, Truecrypt appears to be a relatively well-designed piece of crypto software. The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances.’
The team did find a number of problems that it recommends fixing, but these are fixable and in any case do not present a major threat to users except under the most unlikely of circumstances:
‘That doesn't mean Truecrypt is perfect. The auditors did find a few glitches and some incautious programming -- leading to a couple of issues that could, in the right circumstances, cause Truecrypt to give less assurance than we'd like it to.
‘For example: the most significant issue in the Truecrypt report is a finding related to the Windows version of Truecrypt's random number generator (RNG), which is responsible for generating the keys that encrypt Truecrypt volumes. This is an important piece of code, since a predictable RNG can spell disaster for the security of everything else in the system…
‘This is not the end of the world, since the likelihood of such a failure is extremely low. Moreover, even if the Windows Crypto API does fail on your system, Truecrypt still collects entropy from sources such as system pointers and mouse movements. These alternatives are probably good enough to protect you. But it's a bad design and should certainly be fixed in any Truecrypt forks.’
The security community is likely now breathing a big sigh of relief, and these results are likely to improve confidence in the forks that have been developed since TrueCrypt’s theoretical demise. The big problem with such forks is that the TrueCrypt code, while source-available for auditing, is not truly open source, and so any such fork is developed in violation of copyright. However, for this to be an issue, the original devs would have to de-anonymise themselves and press the claim, something that most observers consider unlikely given the effort they have gone to in order to protect their identities. It is nevertheless something of a gamble for future devs to potentially waste a great deal of time and effort developing software that may eventually be shut down.
The two major forks of TrueCrypt currently in development are VeraCrypt and CypherShed, of which VeraCrypt is generally regarded as the better (and which claims to have fixed some of the problems with TrueCrypt). Watch this space for an in-depth look at VeraCrypt.
Those who would prefer to trust the already audited code can find legacy versions of the software at the TrueCrypt Final Release Repository (we have a full guide to using TrueCrypt available here), while those still leery of TrueCrypt altogether (a quite understandable position in our view, despite the new findings) might like to check out our article on 5 best open source alternatives to TrueCrypt.