TrueCrypt in doubt; request thoughts

[alphapapa]

Hi,

With all the news about the official TrueCrypt implementation's debacle, it seems like the author of tcplay should have some relevant insight. I would like to hear your thoughts if you are willing, about the official implementation, and about tcplay and the TrueCrypt format in general.

Thanks.

[r3cgm]

Seconded. I've also been wondering if we should consider binary-compatible TrueCrypt files suspect until the TC code audit has been competed. Thoughts?

[bwalex]

On 31/05/14 16:20, alphapapa wrote:

With all the news about the official TrueCrypt implementation's
debacle, it seems like the author of tcplay should have some relevant
insight. I would like to hear your thoughts if you are willing, about
the official implementation, and about tcplay and the TrueCrypt format
in general.

First off I'd like to note that I'm no expert in cryptography.

I can't comment on the TrueCrypt implementation in the official
TrueCrypt program(s), because I've never looked at the source code in
any sort of detail to avoid licensing issues whilst writing tcplay. That
said, from the little I've seen and from what I heard, it's not the greatest
code, hard to understand what exactly goes on where, etc.

I also find it all a bit odd that it was never known who was behind
TrueCrypt, but that's possibly fair enough. What I do find odd, though,
is recommending something like BitLocker as a replacement for TrueCrypt.
Unlike TrueCrypt, the entire on-disk format, key derivation and
encryption are pretty obscure in BitLocker (and similarly in Apple's
equivalent). I personally don't think that something like BitLocker is a
(good) replacement for something like TrueCrypt (or LUKS).

As for the claims for TrueCrypt being insecure - I can't comment on the
"offical" TrueCrypt implementation, because I'm not too familiar with
it. It might well be that the implementation is ever so slightly broken,
and I'm not sure even code review can find all the issues that might be
lurking. I'm also not daft enough to claim that tcplay is flawless -
it's far from; but at least it is a cleaner code base, can be compiled
easily, and the whole development of it is based on openness.

The TrueCrypt format itself is very similar to other disk encryption
standards like LUKS. There is nothing fundamentally insecure about the
mechanisms behind TrueCrypt (the format). The key storage and derivation
is sensible, the block encryption also is. Some of the promises around
plausible deniability are a bit far fetched, but other than that, the
format is sound.

Hope that helps,
Cheers,
Alex

[alphapapa]

Thank you, Alex. I don't actually use TC much myself, but I like to keep
informed. :)

I'm surprised that tcplay doesn't seem to be more widely known. In all the
discussion about TC and auditing it, I never saw any mention of tcplay. I
wonder if it would be better to focus on auditing tcplay than the official
TC source release, to just make a clean break from it. But I suppose that
might not be as intriguing... ;)

On Sun, Jun 1, 2014 at 2:19 PM, Alex Hornung notifications@github.com
wrote:

On 31/05/14 16:20, alphapapa wrote:

With all the news about the official TrueCrypt implementation's
debacle, it seems like the author of tcplay should have some relevant
insight. I would like to hear your thoughts if you are willing, about
the official implementation, and about tcplay and the TrueCrypt format
in general.

First off I'd like to note that I'm no expert in cryptography.

I can't comment on the TrueCrypt implementation in the official
TrueCrypt program(s), because I've never looked at the source code in
any sort of detail to avoid licensing issues whilst writing tcplay. That
said, from the little I've seen and from what I heard, it's pretty
miserable code, hard to understand what exactly goes on where, etc.

I also find it all a bit odd that it was never known who was behind
TrueCrypt, but that's possibly fair enough. What I do find odd, though,
is recommending something like BitLocker as a replacement for TrueCrypt.
Unlike TrueCrypt, the entire on-disk format, key derivation and
encryption are pretty obscure in BitLocker (and similarly in Apple's
equivalent). I personally don't think that something like BitLocker is a
(good) replacement for something like TrueCrypt (or LUKS).

As for the claims for TrueCrypt being insecure - I can't comment on the
"offical" TrueCrypt implementation, because I'm not too familiar with
it. It might well be that the implementation is ever so slightly broken,
and I'm not sure even code review can find all the issues that might be
lurking. I'm also not daft enough to claim that tcplay is flawless -
it's far from; but at least it is a cleaner code base, can be compiled
easily, and the whole development of it is based on openness.

The TrueCrypt format itself is very similar to other disk encryption
standards like LUKS. There is nothing fundamentally insecure about the
mechanisms behind TrueCrypt (the format). The key storage and derivation
is sensible, the block encryption also is. Some of the promises around
plausible deniability are a bit far fetched, but other than that, the
format is sound.

Hope that helps,
Cheers,
Alex

—
Reply to this email directly or view it on GitHub
#57 (comment).