First phase of TrueCrypt audit finds no backdoors or malicious code

TrueCrypt.jpgThe first phase of the TrueCrypt security audit has come back with good results: security researchers have not found any evidence of backdoors or major security issues in the popular encryption software. This is only the first iteration of the audit, it covers the binary and source code, the next will examine the cryptographic engine and its overall security.

Last year, researchers called for a full audit of open source encryption solution, TrueCrypt, as a bid to find whether the US National Security Agency (NSA) had attempted to weaken encryption standards and had planted backdoors in the encryption software.

As that time, TrueCrypt denied it has implemented a backdoor in its software, and that TrueCrypt only allows decryption with the correct password or key. Cryptography researchers Kenneth White and Matthew Green and others from iSEC, the company contracted to review the bootloader and Windows kernel driver, have been given the responsibility to find out the truth.

The first phase of the results, published in a PDF file, found that the official binary assembly does not contain hidden features and is identical to the supplied source code.

The first stage, which implies meticulous study of source boot loader and Windows-based driver, went on for seven months. However, there were 11 problems found in software, but it seems that inadvertently ended up in the code and nothing to do with the security loopholes. Most issues were of severity Medium (four found) or Low (four found), with an additional three issues having severity Informational (pertaining to Defense in Depth). The researchers propose that both the boot loader and the kernel driver does not meet the expected standards for safety code requirements.

No backdoors or malicious code doesn’t mean perfect

“Overall, the source code for both the bootloader and the Windows kernel driver did not meet expected standards for secure code. This includes issues such as lack of comments, use of insecure or deprecated functions, inconsistent variable types, and so forth,” the report says. “In contrast to the TrueCrypt source code, the online documentation available at does a very good job at both describing TrueCrypt functionality and educating users on how to use TrueCrypt correctly. This includes recommendations to enable full disk encryption that protects the system disk, to help guard against swap, paging, and hibernation-based data leaks.

“The team also found a potential weakness in the Volume Header integrity checks. Currently, integrity is provided using a string (“TRUE”) and two (2) CRC32s. The current version of TrueCrypt utilizes XTS2 as the block cipher mode of operation, which lacks protection against modification; however, it is insufficiently malleable to be reliably attacked. The integrity protection can be bypassed, but XTS prevents a reliable attack, so it does not currently appear to be an issue. Nonetheless, it is not clear why a cryptographic hash or HMAC was not used instead.”

Most importantly, however, it did not reveal the presence of any security issues deliberately introduced into the tool itself or that massively compromise its security. It is a matter particularly urgent today, in light of the extremely dangerous Heartbleed bug, discovered in OpenSSL library that has persisted apparently unfixed and without much exposure since 2011.

The iSEC team recommend that the Windows build environment is updated because it depends a great deal on tools and software packages that are difficult to obtain from trustworthy sources. Once this is done, all binaries, with all security features enabled, should be rebuilt.

The developers’ community took to Reddit to praise the TrueCrypt development team. The community said this is a great first step in bringing the profession of software development into line with other, more established disciplines in fields of science, engineering and financial audit. The public peer review process is facilitated by open source codebase and tools like Github that merge version control with change review/attribution.

Phase two of the audit focuses on cryptanalysis. The various cryptographic methods that are integrated into the software will be examined more closely during second phase. This second phase will also probably take several months to complete.

The timing on the release of this report couldn’t have been better. After the Heartbleed exploit broke, security experts have raised concerns about independently developed open source security products.