TrueCrypt

From Wikipedia, the free encyclopedia

Jump to: navigation, search
TrueCrypt
Image:TrueCrypt Logo.png

TrueCrypt on Windows Vista
Developer(s) TrueCrypt Foundation
Stable release 6.2a / 2009-06-15; 26 days ago
Written in C, C++, Assembly
Operating system Cross-platform (Windows, Mac OS, Linux)
Available in 30 languages
(although many are incomplete translations)
Type Disk encryption software
License source available (TrueCrypt Collective License)
Website www.truecrypt.org

TrueCrypt is a software application used for real-time on-the-fly encryption. It is distributed without cost, and has source code available, although under a restrictive licence. It can create a virtual encrypted disk within a file or a device-hosted encrypted volume on either an individual partition or an entire storage device. It supports Microsoft Windows, Mac OS X and Linux (using FUSE) and encrypted volumes can be made portable. The version for Windows Vista or XP can encrypt the boot partition or entire boot drive and has the ability to create and run a hidden encrypted operating system whose existence is deniable. TrueCrypt is distributed under the TrueCrypt Collective License.

Contents

[edit] Encryption algorithms

The individual algorithms supported by TrueCrypt are AES, Serpent and Twofish. Additionally, five different combinations of cascaded algorithms are available: AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish-AES and Twofish-Serpent. The cryptographic hash functions used by TrueCrypt are RIPEMD-160, SHA-512 and Whirlpool.

[edit] Modes of operation

TrueCrypt currently uses the XTS mode of operation. Prior to this TrueCrypt used LRW which is less secure though more secure than CBC mode (when used with predictable initialization vectors) used by versions 4.0 and earlier.[1]

Although new volumes can only be created in XTS mode, older LRW and CBC legacy TrueCrypt volumes can still be mounted.[2]

[edit] Performance

TrueCrypt version 5.1 supports both pipelined and parallelized read and write operations and utilizes an assembly implementation of AES which almost doubles performance compared to earlier versions of TrueCrypt, which was written in C.[3]

Using TrueCrypt on a drive may decrease performance due to the encryption overhead, but there has been one report[4] that encrypting a drive with TrueCrypt 5.0 or later may increase drive performance slightly due to pipelining affecting the way read and write operations are performed.

[edit] Security concerns

[edit] Plausible deniability

TrueCrypt's hidden volume deniability features may be unintentionally compromised by third party software which may leak information through temporary files, thumbnails, etc, to unencrypted disks. In a recent study, Windows Vista, Microsoft Word and Google Desktop were evaluated and found to store information on unencrypted disks. In response to this, the study suggested using hidden operating system feature functionality, now available in TrueCrypt versions 6.0 and later. The security of TrueCrypt's implementation of this feature was not evaluated because the first version of TrueCrypt with this option had only recently been released.[5]

[edit] Identifying TrueCrypt volumes

TrueCrypt volume files have file sizes that are evenly divisible by 512 and their content passes chi-square randomness tests. These features can be used to identify TrueCrypt volumes with a very high probability, and are used by software like the TCHunt[6]. TrueCrypt volumes do not contain known file headers and their content is indistinguishable from random, so it is difficult to prove that certain files are TrueCrypt volumes, though their presence can demonstrate and provide reasonable suspicion they contain encrypted data.

[edit] Passwords stored in memory

TrueCrypt stores its keys in RAM; on an ordinary personal computer the DRAM will maintain its contents for several seconds after power is cut (or longer if the temperature is lowered). Even if there is some degradation in the memory contents, various algorithms can intelligently recover the keys.[7] This method (which would apply in particular to a notebook computer stolen while in power-on, suspended, or screen-locked mode) has been successfully used to attack a file system protected by TrueCrypt.[8]

[edit] Developers' identities

The TrueCrypt developers use the aliases "ennead" and "syncon".[9]

The domain name "truecrypt.org" was originally registered to a false address ("NAVAS Station, ANTARCTICA")[10][11], and was later concealed behind a Network Solutions private registration.[12]

The TrueCrypt trademark was registered in the Czech Republic under name of "David Tesařík".[13]


[edit] Licensing

The TrueCrypt Collective License does not meet the Open Source Definition, and thus has not been approved by the Open Source Initiative. It is considered "non-free" by all the major GNU/Linux distributions (Debian[14], Ubuntu[15], Fedora[16], openSUSE[17], Gentoo[18]). The License is considered "non-free" mainly because of distribution and copyright-liability reasons.[19].

[edit] Planned features

According to the TrueCrypt website[20] the following features are planned for future releases:

  • Full support for Windows 7
  • Command line options for volume creation (already implemented in Linux and Mac OS X versions)
  • 'Raw' CD/DVD volumes

[edit] History

TrueCrypt is based on Encryption for the Masses (E4M), a popular open source on-the-fly encryption (OTFE) program first released in 1997. However, E4M was discontinued in 2000 as the author, Paul Le Roux, began working on commercial OTFE software.

Version Release Date Significant Changes
1.0 February 2, 2004 Initial release. Featured support for Windows 98, ME, 2000 and XP. Added plausible deniability for containers (although due to its simplistic nature, the practical value of the "plausible deniability" offered in this version is debatable[21]), and various bugfixes and improvements over E4M.
1.0a February 3, 2004 Removed support for Windows 98 and ME because the author of the Windows 9x driver for E4M (the ScramDisk driver) gave no permission that would allow his code to be used in projects derived from E4M.[22]
2.0 June 7, 2004 Added AES algorithm. Release made under the GNU General Public License, and signed as the TrueCrypt Foundation – previous versions were signed by TrueCrypt Team.
2.1 June 21, 2004 New release due to licencing issues relating to the GNU General Public License. This release was made under original E4M license.[23]
2.1a October 1, 2004 Removed IDEA encryption algorithm. Version released on SourceForge.net, which became the official TrueCrypt domain. The official TrueCrypt domain moved back to truecrypt.org again at the beginning of May 2005, and the SourceForge website redirects to there.
3.0 December 10, 2004 Added hidden volume support for containers. Added the Serpent and Twofish algorithms, along with cascaded cipher support.
3.1 January 22, 2005 Added portable "Traveller mode", along with new volume mounting options such as being able to mount as "read only".
4.0 November 1, 2005 Added support for Linux, x86-64, Big Endian machines, Keyfiles, the Whirlpool hash algorithm and language packs.
4.1 November 25, 2005 Added LRW mode, which is more secure than CBC mode for on-the-fly storage encryption.[1] LRW mode also neutralized an exploit that could (under certain circumstances) be used to compromise the plausible deniability of a TrueCrypt volume by allowing it to be distinguished from random data.[2]
4.2 April 17, 2006 Added various features to the Linux version, such as the ability to create volumes, change passwords and keyfiles, generate keyfiles and backup/restore volume headers. In the Windows version, it introduced support for dynamic (sparse file) volumes.
4.3 March 19, 2007 Added support for Windows Vista, support for file systems using sector sizes other than 512 bytes. This release phased out support of 64-bit block ciphers, disallowing creation of new containers using the Blowfish, CAST-128 or Triple DES algorithms.
5.0 February 5, 2008 Introduced XTS mode of operation. Added Mac OS X support, Linux graphical interface and Windows system disk encryption with pre-boot authentication, ability of creation of hidden volumes within NTFS volumes, but removed the ability to create hidden volumes on Linux, use the tool on a non-gui console and the ability to create encrypted partitions from the text mode. Encrypting the system volume for Windows 2000 is no longer supported.[24] Encrypting containers and non-system volumes is still supported, however.[25]
5.1 March 10, 2008 Added support for hibernation on Windows computers where the system partition is encrypted, the ability to mount a partition in Windows that is within the key scope of system encryption without pre-boot authentication, and added command line options for creating new volumes in Linux and Mac OS X. This version also reduced the minimum memory requirements for the TrueCrypt Boot Loader (AES) from 42 KB to 27 KB in Windows and included significant improvements in AES encryption/decryption performance.
6.0 July 4, 2008 Parallelized encryption/decryption on multi-core processors (or multi-processor systems). Increase in encryption/decryption speed is directly proportional to the number of cores and/or processors. Container header format updated to allow for a built-in backup, this allows recovery of containers with very minor damage to their headers. Ability to create and run an encrypted hidden operating system whose existence is impossible to prove. Ability to create hidden volumes under Mac OS X and Linux.
6.0a July 8, 2008 On systems where certain inappropriately designed chipset drivers were installed, it was impossible to encrypt the system partition/drive. This will no longer occur. Other minor bug fixes.
6.1 October 31, 2008 Ability to encrypt a non-system partition without losing existing data on the partition (in place encryption) on Windows Vista and Windows 2008. Added support for security tokens and smart cards (two-factor authentication), though only to store keyfiles (no encryption). TrueCrypt bootloader now customizable. Pre-boot passwords can now mount non-system volumes. Linux and Mac OS X versions can now mount an encrypted Windows encrypted system drive.
6.1a December 1, 2008 Minor improvements, bug fixes, and security enhancements.
6.2 May 11, 2009 The I/O pipeline of the Windows version now uses read-ahead buffering to improve read performance, especially on solid-state drives.
6.2a June 15, 2009 Improved file container creation speed on systems that have issues with write block sizes greater than 64 KB. The 'Device not ready' error will no longer occur when the process of decrypting a system partition/drive is finished. Other minor improvements and bug fixes.

[edit] See also

[edit] References and notes

  1. ^ a b Fruhwirth, Clemens (2005-07-18). "New Methods in Hard Disk Encryption" (PDF). Institute for Computer Languages, Theory and Logic Group, Vienna University of Technology. http://clemens.endorphin.org/nmihde/nmihde-A4-ds.pdf. Retrieved on 2007-03-10. 
  2. ^ a b "Version History". TrueCrypt Documentation. TrueCrypt Foundation. http://www.truecrypt.org/docs/?s=version-history. Retrieved on 2007-03-10. 
  3. ^ "Version History Part 1". TrueCrypt Documentation. TrueCrypt Foundation. http://www.truecrypt.org/docs/?s=version-history. Retrieved on 2008-06-04. 
  4. ^ "Security Now! Transcript of Episode #133". Security Now! / TrueCrypt 5.0. Gibson Research Corporation. http://www.grc.com/sn/sn-133.htm. Retrieved on 2008-07-12. 
  5. ^ Alexei Czeskis, David J. St. Hilaire, Karl Koscher, Steven D. Gribble, Tadayoshi Kohno, Bruce Schneier (2008-07-18). "Defeating Encrypted and Deniable File Systems: TrueCrypt v5.1a and the Case of the Tattling OS and Applications". 3rd USENIX Workshop on Hot Topics in Security. 
  6. ^ TCHunt - Find TrueCrypt Files
  7. ^ Alex Halderman et al.. "Lest We Remember: Cold Boot Attacks on Encryption Keys". http://www.usenix.org/event/sec08/tech/full_papers/halderman/halderman_html/. 
  8. ^ Alex Halderman et al.. "Lest We Remember: Cold Boot Attacks on Encryption Keys". http://www.usenix.org/event/sec08/tech/full_papers/halderman/halderman_html/. 
  9. ^ Developer email address
  10. ^ webreportr.com domain information for TrueCrypt
  11. ^ http://www.who.is/website-information/truecrypt.org/ who.is WHOIS
  12. ^ Network Solutions WHOIS
  13. ^ Intellectual Property Digital Library; search trademarks directory for IRN/925625
  14. ^ Debian Bug report logs - #364034. Accessed on: January 12, 2009.
  15. ^ Bug #109701 in Ubuntu. Accessed on: April 20, 2009
  16. ^ TrueCrypt licensing concern Accessed on: April 20, 2009
  17. ^ non-OSI compliant packages in the openSUSE Build Service. Accessed on: April 20, 2009
  18. ^ Gentoo bug 241650. Accessed on: April 20, 2009
  19. ^ Tom Calloway of Redhat about TrueCrypt licensing concern Accessed on July 10, 2009
  20. ^ Features to be implemented in future versions
  21. ^ Plausible Deniability
  22. ^ The authors of Scramdisk and E4M exchanged some code – the author of Scramdisk provided a driver for Windows 9x, and the author of E4M provided a driver for Windows NT, enabling cross-platform versions of both programs.
  23. ^ "TrueCrypt User's Guide" (PDF). TrueCrypt Version 3.1a. TrueCrypt Foundation. 2005-02-07. p.44. http://security.ngoinabox.org/Programs/Security/Encryption%20Tools/TrueCrypt/TrueCrypt%20User%20Guide.pdf. Retrieved on 2007-05-01. 
  24. ^ TrueCrypt - Free Open-Source Disk Encryption Software - Documentation - Systems Supported for System Encryption
  25. ^ TrueCrypt - Free Open-Source Disk Encryption Software - Documentation - Supported Operating Systems

[edit] External links

v  d  e
 
Cryptography
Retrieved from "http://en.wikipedia.org/wiki/TrueCrypt"
Personal tools