The Raise & Fall of TrueCrypt
In February 2004 a group of anonymous developers called “The TC Team” released a free program named TrueCrypt. Shortly after, this release was marked as a disaster by some of the US alphabet agencies, and with time it topped the NSA’s list of the threats to the agency’s ability to acquire information.
What made it so special? It allowed to create a virtual on-the-fly encrypted disk within a file, or encrypt an existing disk volume using the strongest known ciphers — such as AES, Serpent, and Twofish — as well as several super-strong cascaded algorithms based on them— AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish-AES, and Twofish-Serpent.
On top of that, it supported a concept called ‘plausible encryption deniability’ — when you hide one encrypted disk within another, like a Russian nesting doll — and when the existence of the inner one can be denied if the main encrypted disk is compromised. So in case one is forced to reveal the password to the encrypted disk — he or she can just fool the adversary forces with the old ‘fake safe’ trick.
By default, TrueCrypt fills all of the free space of its volume with random data, and the volume itself does not contain any kind of “signature” at all — so everything looks the same regardless if there is a hidden volume or not — just a stream of statistically random numbers.
The owner could fill the outer, fake encrypted disk, with plausible but misleading data, keeping the real information still hidden. And it is simply impossible to prove or even detect if it contains an additional TrueCrypt volume.
One of the most notable cases involving TrueCrypt was the case of Lauri Love — a British activist arrested by the UK National Crime Agency on charges of hacking into a number of US governmental agencies, and the case of David Miranda — who was detained while carrying an external hard drive encrypted by TrueCrypt, which allegedly contained documents related to Edward Snowden leaks.
UK officials acknowledged that TrueCrypt:
“[…] renders the material extremely difficult to access”.
This was not due to a lack of resources — even FBI and NSA were not able to break a TrueCrypt-encrypted data of a Brazilian banker in 2008 — even though they have tried it for over a year.
It is still very important to note that TrueCrypt-protected data can be accessed in various ways if an attacker has a physical access to the host computer — even if the host computer was powered down.
TrueCrypt stores its keys in RAM, and typical consumer-level RAM maintains its contents for several seconds after power is cut — and even longer in lower temperatures. The contents of the RAM does not disappear all at once — and there are various ways to extract the encryption keys even after some RAM degradation.
Other ways to extract the encryption keys include keyloggers and rootkits. Basically, by default TrueCrypt cannot protect against attacks with a physical access to its host computer at all, and requires some serious additional layers of security to make it safe in such case.
The fall
After ten years, on May 28th 2014, the TrueCrypt’s official website was updated with a brief, cryptic message:
“Using TrueCrypt is not secure as it may contain unfixed security issues”
By that time it was a go-to encryption tool of everyone concerned with security — from lawyers to journalists, from activists to dissidents in countries where too much complaining can land you in prison or just get killed.
Multiple theories attempting to explain the reason behind this announcement arose throughout the community, with the suspicion that the US Government finally had enough of it being the main one.
It is still opened to interpretations.
The aftermath
The most popular TrueCrypt fork is called VeraCrypt.
It is based on the original TrueCrypt source, and implements several security and performance improvements:
- New storage format (the original TrueCrypt format is believed to be too vulnerable to a National Security Agency) attack capabilities.
- Fixed all of the security issues raised by the 2015 audit of the original TrueCrypt code, as well as the old bootloader issue.
- Larger hashes, Trim & GPT support, etc.
