Remember when late last year cryptographer Matthew Green and Kenneth White, Principal Scientist at Social & Scientific Systems, called for – and then organized – a crowdfunded, public security audit of TrueCrypt?
Well, the results of the first phase of the audit have been published, and the news is good in regards to potential backdoors present in the code.
iSEC Partners, the penetration testing and software design verification firm that has been contracted in December to evaluate TrueCrypt’s Windows kernel code, the bootloader, the filesystem driver, and the areas around this code, reports that they “found no evidence of backdoors or otherwise intentionally malicious code in the assessed areas,” and that the found vulnerabilities “all appear to be unintentional, introduced as the result of bugs rather than malice.”
All in all, they found eleven security issues, four of which of medium severity, four of low severity, and the remaining three of “informational” severity.
“Overall, the source code for both the bootloader and the Windows kernel driver did not meet expected standards for secure code. This includes issues such as lack of comments, use of insecure or deprecated functions, inconsistent variable types, and so forth,” they explained.
“The team also found a potential weakness in the Volume Header integrity checks, they added. “Currently, integrity is provided using a string (“TRUE”) and two CRC32s. The current version of TrueCrypt utilizes XTS2 as the block cipher mode of operation, which lacks protection against modification; however, it is insufficiently malleable to be reliably attacked. The integrity protection can be bypassed, but XTS prevents a reliable attack, so it does not currently appear to be an issue.”
The team found the online documentation for the software to be very good, easily understandable and correct.
“In sum, while TrueCrypt does not have the most polished programming style, there is nothing immediately dangerous to report,” Tom Ritter, security consultant at iSEC Partners concluded.
The second phase of the audit project is set to follow, and it will include a thorough analysis of the part of the code responsable for the actual encryption process.