Truecrypt Audit Discovered No NSA Backdoors

Rumors of NSA backdoors integrated into the Truecrypt encryption software were dispelled on Thursday, when the NCC finally concluded their in-depth audit.

Truecrypt is a whole-disk encryption tool that is cross-platform compatible, unlike similar software, such as BitLocker for Windows and FileVault for Macs. Because of its compatibility not just with Windows and OS X, but also with Linux, it’s a tool used by millions of people around the world. Lately,rumors have started to circulate about Truecrypt suggesting that there is an NSA-installed backdoor. In response to this and other similar claims, the NCC Group has taken it upon themselves to perform a full audit of the software to investigate these claims. During the process, the original developers have abandoned the project, claiming the tool is not secure. Because the NCC have raised all the funds needed to perform the audit, they decided to carry on.

Results of the Audit

“The TL;DR is that based on this audit, Truecrypt appears to be a relatively well-designed piece of crypto software,” notes Matthew Green, a Johns Hopkins University professor specializing in cryptography and an audit organizer, on his blog. “The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances.”

“That doesn’t mean Truecrypt is perfect. The auditors did find a few glitches and some incautious programming — leading to a couple of issues that could, in the right circumstances, cause Truecrypt to give less assurance than we’d like it to,” says Green.

Here are the vulnerabilities revealed by the audit:

  • Keyfile mixing is not cryptographically sound – Low severity
  • Unauthenticated ciphertext in volume headers – Undetermined
  • CryptAcquireContext may silently fail in unusual scenarios – High severity
  • AES implementation susceptible to cache timing attacks – High severity

“The most significant issue in the Truecrypt report is a finding related to the Windows version of Truecrypt’s random number generator (RNG), which is responsible for generating the keys that encrypt Truecrypt volumes,” says Green. “This is an important piece of code, since a predictable RNG can spell disaster for the security of everything else in the system.”

Although the audit did reveal some potentially dangerous vulnerabilities, none of them are “too bad.” Many other encryption tools suffer from similar problems. What’s more worrisome at this point is the fact that the Truecrypt developers are no longer working on the project that millions of people rely upon. The best hope at this point is that someone else will pick the project up and carry it on.

You can download the full report here.