TrueCrypt
A presentation by Brett Smith
COSC 4553-01, Spring 2008, Assignment #11
Overview
- Brief History
- Basics of TrueCrypt
- Why do we need this?
- Known security vulnerabilities
- Conclusion
- Sources
Brief History
TrueCrypt is an open-source project based on Encryption for the Masses (E4M), a popular open-source on-the-fly encryption (OTFE) program that was discontinued in 2000. TrueCrypt was first released in February of 2004, and is still an active and thriving project today.
Basics of TrueCrypt
TrueCrypt is a software application used for on-the-fly encryption (OTFE). It can create a "file-hosted container" by writing an encrypted file system into a regular file, which can then be mounted as if it were a real disk. TrueCrypt also supports device-hosted volumes, which can be created on either an individual partition or an entire disk. These volumes and files carry no identifying information to indicate that they are data managed by TrueCrypt. A container appears to be a file filled with random bytes; a device-hosted volume appears to be simply unused free space.
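The "file filled with random bytes" property can be checked from the examiner's side. The following is an added example, not part of the original presentation or of TrueCrypt: a triage heuristic that flags sector-aligned, header-less, near-uniform data. The function names, the format signature list and the thresholds are assumptions chosen for illustration, and the sample inputs are constructed.

```python
import hashlib
import math
from collections import Counter

# Leading magic bytes of a few common formats; a recognised header rules a file out.
KNOWN_MAGIC = (b"PK\x03\x04", b"%PDF", b"\x89PNG", b"\x1f\x8b", b"7z\xbc\xaf\x27\x1c")
SECTOR = 512


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for uniform data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def chi_square(data: bytes) -> float:
    """Chi-square statistic of the byte counts against a uniform distribution."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def looks_like_random_container(data: bytes) -> bool:
    """Heuristic: sector-aligned size, no known header, near-uniform bytes."""
    if len(data) < 64 * 1024 or len(data) % SECTOR:
        return False
    if data.startswith(KNOWN_MAGIC):
        return False
    # Uniform data averages a chi-square of about 255; 7.99 and 400 are assumed cutoffs.
    return shannon_entropy(data) > 7.99 and chi_square(data) < 400


def constructed_ciphertext(size: int) -> bytes:
    """Constructed stand-in for encrypted data: SHA-256 run in counter mode."""
    out = bytearray()
    counter = 0
    while len(out) < size:
        out += hashlib.sha256(counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:size])


# Constructed samples: one stand-in container, one plain-text file of the same size.
SAMPLE_CONTAINER = constructed_ciphertext(256 * 1024)
SAMPLE_TEXT = (b"Quarterly payroll report, confidential.\n" * 7000)[: 256 * 1024]
```

A positive result is only a triage signal: any well-encrypted or securely wiped data produces the same statistics, which is why a container cannot be attributed to TrueCrypt by inspection alone.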
Basics cont.
Access to a TrueCrypt partition is protected using a traditional password and/or a "key file". A key file acts as a binary equivalent to a traditional password. It can be a favorite song, a picture of your grandpa, or a random file generated by TrueCrypt. Version 5.0 and above can also encrypt the Windows boot partition. With Linux kernel 2.6.24 and above, you can encrypt everything with TrueCrypt except the /boot folder.
- Encryption algorithms: AES-256, Serpent, and Twofish (and combinations of these three).
- Mode of operation: XTS.
Why do we need this?
I have a password set for my user account on Windows/Linux, so I'm safe, right? Wrong! Someone can easily take your hard drive and read your files using a different computer. Do you have data that could cause damage to your organization or your personal reputation if it fell into the wrong hands? Are there documents on your computer that are strictly confidential (for example, bank and credit card account numbers, or personnel files)? Do you send and receive email messages containing confidential information about your organization's work? TrueCrypt addresses these risks by offering a secure container for your private or confidential files. If you want extra protection, you can encrypt your entire partition.
Known security vulnerabilities
The only currently known security vulnerability of TrueCrypt is a "cold boot attack". This attack requires that you are using full-disk encryption and the attacker has physical access to your machine within a few minutes after shutdown. The attacker can get the master password for your encrypted partition from RAM before the bits fade. Note that this attack does not work if TrueCrypt unmounts the drive itself, as it securely wipes the master password from RAM.
Conclusion
TrueCrypt is an on-the-fly encryption program that has a bright future. The market for such encryption is only growing as corporations and consumers become more aware of the privacy threats they face. TrueCrypt is a program that I personally use for sensitive data and will keep using. I would also personally recommend this software to anyone looking for a way to keep their data encrypted.