Researchers find no back doors after completing second TrueCrypt audit
After a second round of audits, researchers as part of the Open Crypto Audit Project found no deliberate backdoors or critical security holes in the open source crypto software TrueCrypt. However, some cosmetic flaws have been found.
In April last year, a first report appeared after an analysis of the kernel driver for Windows and the TrueCrypt bootloader carried out by the firm iSEC Partners. It found no backdoors or critical bugs that would destroy or weaken the encryption. In February, it was announced that results would be released soon from a second round of audits looking at TrueCrypt’s cryptographic mechanisms.
The results have now been published. The main conclusion is that no backdoors or critical bugs were found in the second audit either. According to the researchers at NCC Crypto Services, TrueCrypt is a relatively well-designed encryption package, although some flaws in the code have been found that could reduce the reliability of the encryption in specific circumstances.
As an example, the random number generator in the Windows version of TrueCrypt is mentioned. This mechanism is used to generate keys that are as random as possible. However, a ‘predictable’ Rng can make the encryption extremely vulnerable. TrueCrypt uses various sources in Windows to generate random numbers, including the Windows Crypto API. According to the audit report, in some very rare cases this api cannot be started properly, but TrueCrypt still continues to generate keys, while the software should actually stop this process at that time. However, the chance of abuse would be small, because enough other sources are drawn from the so-called entropy pool to generate solid keys, such as mouse movements. However, developers who want to make forks based on the TrueCrypt code are strongly advised to adjust this mechanism.
Another flaw has been found in how TrueCrypt guards against so-called cache timing attacks when the aes algorithm is used. However, such attacks can only be performed on systems that are shared or if a third party can run code on a system.