Subscribe via e-mail: 
Thu 30 Jul 2009
TrueCrypt hard disk encryption cracked – Nero disc burning free – Windows 7 adoption – Windows 7 activation cracked
By Michael Pietroforte | 44 Comments | Permalink | Trackback | Previous | Next- TrueCrypt hard disk encryption has been cracked: Bootkit Stoned by Peter Kleissner
- Nero now offers a free version of its disc burning software
- Intel Sees Windows 7 Adoption Speeding Past Vista
- Microsoft acknowledges Windows 7 activation hack
- Microsoft does a 180: Tech testers to get a copy of Windows 7 for free
RE: TrueCrypt.
Looks like the Rootkit (once installed) actually watches for write requests when a volume is mounted. So, if on an already infected PC an encrypted volume is mounted, yes the data could be comprimised. The problem isn’t with TrueCrypt, rather it is the infection on the PC in the first place. Any sort of infection can compromise encryption; ie: keyloggers.
TrueCrypt doesn’t (and can’t) guarantee against malware – http://www.truecrypt.org/docs/?s=malware
First of all: I am not associated with TrueCrypt in any way.
Your headline “TrueCrypt hard disk encryption cracked” is _not_ correct. The bootkit has to be installed on the machine where TrueCrypt is installed. Next, the legitimate user has to type his password, so the bootkit can “grab” it.
If you take a full encrypted harddrive and install the bootkit nothing happens to your data.
Therefore the PC has to be already infected (as Jared pointed out) – otherwise your data is safe.
I think a correction of the headline is appropriate.
Mike
This argument is often put forward by Microsoft when one of their security tools has been cracked: “Only when the PC was compromised by malware before, has an attacker a chance to exploit this vulnerability. Therefore, it is not really a security hole.” I think this argument is fundamentally wrong.
The point about hard disk encryption is that even if someone gets physical access to my computer, he won’t be able to access my data. However, TrueCrypt is more or less useless in such a case. Of course there are myriads of other ways of how a hacker could manage to get the bootkit on my PC. Bitlocker doesn’t have this security hole. Therefore, the headline is perfectly correct. TrueCrypt has been cracked.
I have to respectfully disagree.
This bootkit shows that it’s possible to intercept the disk writes. It hasn’t ‘cracked’ any form of encryption. In reality it provides similar functionality as a keylogger – you still need to mount the system volume once before the encryption is no longer effective. And it isn’t just TrueCrypt – the coder notes that “the technique used here is basically applicable for all full encrypting software.” (http://stoned-bootkit.blogspot.com/2009/07/truecrypt-attack-working.html) He’s just used TrueCrypt specifically for his code.
TrueCrypt is not designed to watch for every possible type of malware that may compromise a system. It would be ridiculous to do so – an antivirus engine would need to be built in and actively running, which is not the aim of the program. Just as Bitlocker does not protect against malware, neither does TrueCrypt. TrueCrypt doesn’t claim to protect a compromised system, and rightfully so.
Encrypted volumes should never be mounted on a compromised system. The system needs to be free of any sort of malware or other compromise before the encryption can be considered effective.
Physical access is very compromising. Again, keyloggers can be installed to listen for your passwords. RAMsniffers can also be installed. Physcial access is just bad news.
TrueCrypt can’t protect you against malware, keyloggers etc. That is correct. But this has nothing to do with this attack. Your are right, physical access is very compromising. This is exactly the reason why people use hard disk encryption. Its main purpose is to protect your data if someone gets physical access to your machine. This is the only reason why people use hard disk encryption. Therefore TrueCrypt can’t fulfill its promise anymore. It has been cracked. On the other hand BitLocker used with TPM is not affected by this kind of attack.
The hard drive is still protected unless the system gets mounted *while the system is compromised.* This is the only case in which the data would no longer be secure. Even if an attacker were to have physical access to the machine, they still would not be able to read the encrypted drive if the system wasn’t mounted while the bootkit was installed.
This bootkit can be considered a form of malware, because it is malicious – a rootkit (malware) that is attempting to bypass security and gain access to a system. And as we’ve agreed, TrueCrypt does not protect against malware in any form. This bootkit is no exception.
I’m sorry, but I disagree that this is a form of ‘cracking’ the encryption. Keyloggers (which again is essentially what this bootkit is) or even setting up a camera and watching the keyboard could also be considered as cracks by this definition – something that simply waits for and reads the password as it is entered.
Cracking implies that the encryption is broken into (brute force techniques or finding weak points in the encryption algorithm) which is not the case with this bootkit. All the bootkit does is wait for the user to enter their password. The drive is still protected if it does not get mounted; the encryption is still intact and secure. A true crack would allow access to the drive without having to listen for a password. Again, this bootkit does not do that.
Jared, I think we disagree how this hack works. The point is that Kleissner demonstrated that the bootkit can be installed without mounting the encrypted drive. It works because the MBR is not encrypted. This is how I interpret this sentence in the article: “However, administrator privileges or physical access to a system are required for an infection.”
As I understand this, all you need is to get physical access and then your done. It is not necessary to infect the system while the encrypted drive is mounted.
I also agree in the manner of installation to the system – it can certainly be installed and ran as long as there is physical access to the system. Many rootkits can be installed in a similar manner.
However, were the bootkit installed without the system mounted the encrypted system volume would still be secure. The bootkit still needs the user to mount the system volume: User must type in the correct password to mount the volume which causes the system to send out the write requests – these are what the bootkit reads these to gain the decryption key. Only after that sequence can it bypass the encryption in the future. It does not have access to the decryption keys on its own.
So it does not crack the system encryption, just offers a method of bypassing it pending that the system volume gets mounted while its installed.
(Btw, thanks for keeping this discussion going and in a professional manner. Really appreciate the proactive replies.)
You are right, an attacker would need the TrueCrypt password to get access to the data. But this is not a big deal. All he needs to do is to install the bootkit while he has physical access. Next time the user logs on he has access to the data. I have already seen such attacks in real life (not against TrueCrypt). Hard drive encryption is supposed to prevent this.
And thanks too. I am curious about your next proactive reply.
And it looks like that is where we disagree.
Encryption software serves the purpose of securing the data on an uncompromised system. Once malicious software is present on or an attacker has previously gained physical access to a system (such as in this case), the security of that *system* has been compromised. It is outside of the software’s realm to protect against these things.
With this example, the security of a computer is compromised when the bootkit has been installed – an attacker had physicall access to the machine. This is something that encryption software just cannot prevent. But, at this point the bootkit hasn’t done anything with the encrypted data, it’s just waiting. The data is still secure; TrueCrypt is still doing its job. Only if the user continues use of the compromsied system, then the encryption could later be bypassed.
It’s the same principal as if someone were to just steal the drive: when they’d try to open it, they’d get nowhere fast. The data would still obviously be encrypted. The attacker would need to do something to breach the security of the system itself to circumvent the encryption. Again, no encryption software can account for system security.
TrueCrypt lists a number of different ways that encrypted data could become compromised because of the system itself, though most of them would take some serious work to get at. Their write up starts at http://www.truecrypt.org/docs/?s=security-precautions and drills down into 11 different sections. (on the left side) It’s certainly worth a read as they not only identify different scenarios where it could be possible to gain access to encrypted data, but they also show how to prevent against such things. (Windows paging files, just as one example)
This is not about encryption in general. This is about hard disk encryption. Its main purpose is to prevent physical attacks. Therefore, hard disk encryption does not serve the purpose of securing the data on an uncompromised system. It is the very idea of hard disk encryption to prevent hard disks from being compromised by physical attacks as the one Kleissner has accomplished. There is hard disk encryption software that can prevent such attacks. TrueCrypt does not belong to them anymore.
A typical field of application are public PCs. Hard drive encryption is used here to prevent attackers from installing keyloggers to get access to user or admin passwords. As things stand now, you can use TrueCrypt’s competitor BitLocker for this purpose. However, a public PC that is secured by TrueCrypt’s hard disk encryption can be easily cracked.
Again, this really is out of the control of any disk encryption software.
This bootkit has two ways of installing. One way is from the already decrypted active Windows session with administrative access. Here it is not the encryption software’s job to watch for elevated processes and what they might be up to, this is the job of antivirus/antimalware programs and even the OS.
The other way it can be installed is that it can be ran from a cold boot with physical access. (which is pretty interesting) However, it still has nothing to do with the disk encryption because the disk is still encrypted until the user enters their password.
Ultimately it’s the user’s responsibility to maintain a secure system and prevent these kinds of things.
Well, I guess we will never agree on this one. But perhaps we can agree that there is disk encryption that is in control of these kind of things and that it is better to use those instead of TrueCrypt.
Looks like an agree to disagree.
Hardware based encryption could potentially help to prevent this type of a bypass since it could run without having to first access the MBR. But, then again, TrueCrypt also provides ability to boot from a portable MBR such as USB or CD so it would never have to hit any unencrypted portion of the hard drive.
I do appreciate that you’ve kept these comments up, though. A big pet peeve of mine is a blog that deletes comments simply because the commenter has a different opinion.
Thanks for the discussion, Michael!
The linked article even talks about a “bypass” and not a crack of the algorithm.
I’m studying IT-Security and I can assure you that nobody in the community would call this a crack.
It’s “just” a side-channel-attack and therefore “only” bypasses the still intact encryption.
In the end it’s really about semantics. So TrueCrypt still fulfills its job.
Anything in addition to that is considered to be convenient but not necessary by the hard disc encryption program.
Securing the MBR against viruses or against viruses in general is not its job, but that of Antivirus software.
Encryption -> Prevent unauthorized parties from DECRYPTING
Antivirus -> Prevent the system from being infected with malware
Of course the illusion of TrueCrypt being decrypted is there, because with Bootkit you can get access to the encrypted data.
But as I’ve said, its just semantics. The system is STILL encrypted, but it gets readable on runtime.
So is Hard Disc Encryption circumventable/bypassable? – Yes.
Are its algorithms therefore cracked? – No, definitely not.
Can the Hard Disk Encryption programs be easily modified to prevent Bootkit from working? – Yes.
Is it their job to do this? – No.
If it didn’t start including an antivirus scanner, then why start preventing such a specific malware like Bootkit when it’s not its job?
It would be convenient and trivial, I agree with you there. But it just isn’t its job and it certainly doesn’t make it in itself compromised.
As another example:
You could very well create a virus which could decrypt the system drive silently in the background while the user is surfing the web or whatever.
But again: preventing this is the job of antivirus software.
Hard Disk Encrypion is not supposed to do EVERY other security job. It’s not a all-in-one solution.
The user still has to install antivirus software, a firewall, etc.
Sorry if my ramblings got too long, I’m not really a genius when it comes to making a point.
That’s why I always end up in over-explaining things, I hope you don’t mind too much and still got my point.
Edward, I didn’t say the TrueCrypt’s encryption has been cracked. The heading talks about “TrueCrypt hard disk encryption”. It is certainly the job of a hard disk encryption tool to protect the MBR. There are tools out there supporting MBR protection. That is why it is called “hard disk encryption” and not “partial hard disk encryption”. Drawing analogies with other possible uses of encryption technology is not really helpful here. This is only about hard disk encryption.
But Protecting against MBR changes makes no sense if someone has either administrator privilidges or physical access to the system to begin with.
Law #1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore
These are just 2 of the 10 fundamental security laws: http://technet.microsoft.com/en-us/library/cc722487.aspx
With physical access to a computer the attacker can do ANYTHING he wants. Trying to protect against this using software solutions simply is not possible. Therefore there’s no point in doing it.
If you don’t want somebody to be able to change the MBR then you have to secure your computer physically.
Michael Pietroforte, TrueCrypt does prevent against installing walware in the MBR and the bootloader. All you have to do is boot from the CD-ROM and overwite the MBR/Bootloader with a known legit copy each time you boot your computer.
The claim that truecrypt is flawed because it doesnt have TPM is non-sense. TPM is volnerable to physical attack as well – it just moves the attack from software only to a hardware attack. If your PC is physically secured then it makes no difference if it is a software or hardware attack.
MBR’s/Bootloaders that dump truecrypts password (so people can come along and read it out later) have been available since the day the program came out. You would do better to say that truecrypt is fundamentally flawed than say ‘it has now been cracked’. The source code is available, its trivial to change the boot loader to save the users password to anywhere that can be read later, by your logic it was cracked the day it came out.
Edward, I think both laws are false. Law #1: Even if a hacker managed to get his code running with admin privileges you can still fight back. I have done this numerous times.
Law #3 is also not correct. As I said before, the only purpose of hard disk encryption is to protect against physical attacks.
MikeD, booting from CD is a solution but not really convenient. The point is that there is no security mechanisms that can’t be cracked. However, every script kiddie can now manipulate a TrueCrypt encrypted disk. Hacking BitLocker with TPM is comparably difficult. Just imagine you left your laptop in the hotel room and after you come back you could swear that someone has opened the case. If you used BitLocker to protect your hard disk you are safe, but not with TrueCrypt. It is really that simple.
It seems to me you’re thinking about a specific level of security and not about security in the general case. Your example of the Laptop with BitLocker in the Hotel room tells me that.
It might be true that it’s more difficult to hack BitLocker with TPM and that you’ll probably be safe if the attacker only had a specific amout of time. But that’s talking about a specific security model/policy you’d like to achieve and not about security in general.
Because generally the Laptop would definitely NOT be safe anymore, since you have to assume that the attacker had the know-how and the means to manipulate the hardware of your laptop. You just “assume” he couldn’t have been successfull in this amount of time.
If you have physical access it’s game over. The simplest idea right off of my mind would be just to swap your laptop with a prepared one and have your hard drive pluggined into that. Just because we can’t think of a specific hardware attack doesn’t make it non-existent.
Therefore the only secure way to prevent hardware tampering is to prevent the possibility of access to begin with.
And I have to disagree that the sole purpose of hard disk encryption is to protect against physical attacks. It’s job is to encrypt the whole disk, ant that’s it.
Everything else you want to add to that is an extra. If, for example, you encrypt a textfile with e.g. PGP, then you don’t expect PGP to scan for keyloggers, rootkits, etc. or not? It’d be nice of course, but it just isn’t its job.
If you have the feeling it should be, then that’s one thing, but from the standpoint of general security models this is not standard behaviour. It could be a specific security policy you as an administrator would define on a specific system, nothing more.
About the laws:
Of course you can successfully prevent malicious programs from gaining administrator privilidges. But the point of the law is that if there’s a successfull(!) hacking attempt during wich the attacker gains administrator rights, THEN your computer is really not your computer anymore. The laws are about possible attack vectors and what happens if they are compromised.
Any my point with these laws was that hard disc encryption is only then effective if you also watch the other attack vectors, i.e. making sure (like you said) that nobody gains administrator privilidges and nobody gains physical access.
The purpose of Truecrypt is usually to prevent physical attacks, i.e: Someone steal your laptop.
If someone steal your laptop and it`s truecrypt encrypted, even if they install bootkit or any other malware(Wich would be hard since they could not open windows) They would not be able to by-pass the password unless you meet the robber and type in your password.
I do know someone who had problem with some law, feds came his house and took all his computer, he was using Truecrypt. The feds was never able to open his hard drive, thats a certitude since he only got accuse of using encryption software, on a country where its not allowed.
I am almost certain that if feds/police cannot open a system with truecrypt encryption, no one can. Or, if someone can, i doubt he is the guy that work with feds =)
( The person in question was using a 64 character password with character like !”/$%? on it. )
-( Sorry for my english )-
Ok, once and for all, here’s the very first sentence of the Truecrypt Documentation: “TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume [...]”
And nowhere do they mention that Truecrypt will save you from physical attacks. Simply because it can’t. For MOST people it will suffice to only encrypt the hard drive with Truecrypt to consider their system secured against physical attacks, but that’s a purely subjective assumption.
The user HIMSELF has to make sure he maintains the Truecrypt volume on a system that’s not prone to physical attacks.
Truecrypt Hard Disk Encryption gives you only the same as every file encryption software: It encrypts your data!
But you yourself have to make sure your system won’t be pysically compromised, not Truecrypt. It’s just for pure encryption.
What use is a hard drive encryption software when it doesn’t protect from physical attacks?
Well, it still does, but not in the way you’d think.
A physical attack only then will circumvent the Truecrypt Encryption if it is a) hidden and b) the user then logs into the system while it’s infected.
BUT, if (like Òlivier said) e.g. feds take your computer with them (or mirror your hard drive, whatever) then it’s hardly a process you’re unaware of and without your typing in the password they won’t get to the data.
Another application:
Imagine you want to sell your hard drive one day.
Wiping it still could leave possible traces of your former data behind. But if you encrypted your system with Truecrypt then all that can be salvaged is encrypted data.
So as you can see, the “sole purpose” of hard drive encryption is absolutely NOT to protect from physical attacks. As well as PGP and similar is not there to prevent keyloggers from grabbing your passwords.
This is a fundamental distinction and clearly seperates software/hardware that offer encryption and software/hardware that offers protection against physical access to the machine. (Whereas it the latter case software is not effective because of the nature of the attack, so only hardware measures make sense like putting your computer in a special safe or whatever.
Òlivier, good that someone believes me hat hard disk encryption is supposed to protect against physical attacks. The problem with TrueCrypt is that if someone has physical access during a short time (seconds) your system can be already compromised.
Edward, >>It’s job is to encrypt the whole disk, ant that’s it.
So the reason you encrypt a hard disk is because you want to encrypt it? Sounds a bit circular to me. This is what Microsoft says about the purpose of BitLocker:
“Drive encryption protects data by preventing unauthorized users from breaking Windows file and system protection on lost, stolen or inappropriately decommissioned computers.”
Perhaps Microsoft just makes higher demands on hard encryption than TrueCrypt.
Michael,
The purpose of hard disk encryption (and any encryption for that matter) is that if the encrypted data is stolen (physically or otherwise), it will never be readable without the password.
Only the one who has the password or key can read the data.
Now if someone else gains access to the password or key, then they can also read that data. TrueCrypt does not protect against other people acquiring your password through keyloggers, videosurveillance, or other means of spying on you. And what this article describes is essentially a glorified keylogger, installed in MBR. If that gets installed, it’s only because your system was compromised.
A simple analogy: if you have a keylock, and someone manages to duplicate your key by taking a picture of it as you are about to put it in the keylock, can you blame the keylock ?
BitLocker does not just do hard disk encryption, it also adds tamper-proofing using the TPM. So it is more secure than TrueCrypt, not because TrueCrypt doesn’t do its job properly, but because BitLocker does more. If you have a TPM, go for BitLocker, obviously.
In the end, if you TrueCrypt-encrypted hard drive goes into other hands, and only you have the password, nobody will read your data. That is TrueCrypt’s sole purpose, and it does it flawlessly (for the moment).
If this is a crack, then tampering the keyboard to send keystrokes elsewhere (wirelessly for example), is also a crack. But it’s not, so nothing has been cracked, the title is simply wrong.
Just to be more clear on the BitLocker thing, since you seem to use it as comparison: Microsoft does not make higher demands on hard drive *encryption* (their algorithms are probably not any more secure than TrueCrypt’s), they make higher demands on hard drive *protection*. They just implemented more security, which is outside the scope of strict hard disk encryption.
If they added an antivirus for example, you would not say that hard disk encryption is about antivirus, would you?
ENOUGH!!!
First off, I don’t think many of you even understand what a bootkit is..
Second: Both sides are arguing two different points. One side saying that TrueCrypt has been “cracked” because it’s possible for keyloggers to detect your password. A very clever method, but absolutely NO form of encryption has been cracked.
Therefore the title of this article is misleading.
As for the Bootkit issue: Truecrypt 6 fully encrypts the boot loader where bootkits are stored. In fact, TrueCrypt creates its OWN boot loader that is launched before the MBR. If you encrypt your boot partition, even a bootkit cannot see your password because you enter the password before the MBR is loaded.
So even if someone got your Windows user/pass, and other TrueCrypt volume passwords, your pre-boot password will remain secure.
If you do not encrypt your boot partition, consider all your data compromised. Even if you make an encrypted file, those files are stored in an un-encrypted cache file for all to see.
The only way to prevent ANY access to ANY data is to secure your boot partition.
(BTW, the largest case for deniability isn’t with TrueCrypt, it’s with your right to remain silent. You have a right to protect yourself against self-incrimination. Legally you don’t have to give your password to anybody despite what they may tell you.)
P.S. Don’t use any default Microsoft encryption methods. It didn’t take long to crack EFS for XP. Microsoft is in to the make money business, TrueCrypt is in the secure your [censored] business.
Great discussion. Thank you all.
If the system has not been previously compromised by previously installed malware, it is impossible for one to read/access data on a TrueCrypt-encrypted hard disk if they don’t the password. Correct?
For example, I lose my laptop. The physical hard disk may or not be removed from inside the laptop. Even if it IS removed and placed/connected to some other fancy and device in some well-funded “decrypting room,” my data is still secure, correct?
Of course I am assuming I used a strong, very strong password.
Cheers,
Bert
@ Bert
Correct.
If your hard drive is fully encrypted with a very strong password (uppercase, lowercase, symbols, numbers) of decent length (15-20+ characters) it would take thousands of supercomputers many many years to break it. Since there is no agency on the planet that would dedicate such resources, your information will remain secure.
I have tried many programs, may different ways. Even if you connect your drive externally to another computer to break it, it will be next to impossible. This is a double edged sword, it will keep anyone out of your hard drive, but if you forget your password… that’s it. There is no password recovery. There are brute force programs that can help, but you have to put in pre-defined hints for it to work, and even then… it’s a slim slim chance.
So the short answer is yes, it will remain secure. Very secure.
-Nate-
Antoine, you are right, TrueCrypt hard disk encryption still protects your data if your laptop gets stolen. But this is certainly not the only purpose of hard disk encryption. For example, travelers also want to be sure that nobody installs a trojan while their laptop is physically unprotected when they are not in the hotel room. There are solutions that support this kind of protection so why bother with TrueCrypt?
Nate, Peter Kleissner’s attack is not about getting the pre-boot password. It is about installing malware on the TrueCrypt “protected” partition. Do you want to say that Kleissner is wrong?
Bert, this is not at all about a previously compromised system. On the contrary, the only purpose of this attack is to compromise the system. I think this form of attack is even more dangerous. Every chambermaid can now crack a TrueCrypt encrypted hard disk within minutes by inserting a USB stick in your laptop to install malware without knowing any password. This way not only the data that actually is in your hard disk is compromised. The installed malware can send all data that you store on it in the future through the internet to the attacker. This laptop might even compromise your company’s whole network.
In my view, a hard disk encryption solution that can’t protect you against such attacks is not worth the hassle of messing with your hard disk. It does not really matter what the TrueCrypt developers write about the purpose of their hard disk encryption on their website. It would be better they don’t offer hard disk encryption at all and just focus on file encryption. Such half-baked solutions only lull users in a false sense of security. I think the comments on this page demonstrate this very well. (No offense intended)
Ok, Ihave been reading more on this. I simply want to secure my laptop when traveling.
The attacker may compromise the system in my absence. But I still HAVE to enter my password before my data is compromised. I can still boot from TrueCrypt rescue CD, if I have any reason to believe an attacker got a hold of the laptop. My main concern is with the data being secure if laptop was lost.
That being said, with a strong password, say 30 characters, including symbols like %^&*(), is the least-system-intensive AES by itself secure enough? I know you could use three algorithms at once, like AES-Twofish-Serpent, but that would use lots of system resources, seems like.
Thank you,
Bert
Bert, the problems is that you will not know that someone installed a trojan while you left your laptop unattended in the hotel room. It doesn’t matter that the attacker doesn’t have the TrueCrypt password. The trojan will send all your data through the Internet without your knowledge until the end of days. The best encryption algorithm is useless if the implementation has a security hole.
But trying to prevent a Bootkit from installing is futile.
I mean, where does it end then? What about hardware keyloggers? You simply can’t protect your computer from being compromised by adding more and more such functionality to a “disk encryption” software.
So YOU have to make sure to implement these features yourself so that a compromise is not possible.
If you leave your laptop in your hotel room, then it’s per definition compromised. You HAVE to assume this in the security trade.
Therefore, to prevent access, put it in a safe or put it at least in a very secure briefcase.
Neither pure encryption NOR trying to prevent compromise via software solutions will be able to stop an attacker from gaining admin privileges hardware wise. If you don’t secure your system on the hardware side, it’s potentially vulnerable, no matter if you have Bitlocker or not, since I can do a multitude of things hardware wise that can circumvent any software measures. This is a simple fact.
So how more secure is Bitlocker with TPM?
It SEEMS more secure at first, but that’s only if you believe in a world of non-hardware attacks.
And besides, would you really fully trust a closed source encryption software over an open-source one?
If one would trust the former, then he really isn’t a security specialist at all, since he breaks one of the simplest rules. And that’s not a dogmatic IT-Security rule, it’s merely rational thinkging.
And still, the word “cracked” is simply wrong.
If there’s a flaw in the programming which you can exploit through the use of cryptanalysis, THEN and only then is an algorithm cracked.
But if you find other measures to “get around” it, then you made a sidechannel attack, but that didn’t crack the algorithm. The algorithm is still secure.
Example: There are weaknesses in WEP which have been used to crack its algorithm. Therefore WEP is not secure anymore. WPA on the other hand still needs (in the end) brute forcing. That’s because it hasn’t been cracked yet.
Or chip cards. A while ago it has been discovered that with measuring the current consumption of the card while entering certain numbers as a PIN, you could actually find out the PIN. Still that didn’t make the encryption algorithm cracked, since it was still cryptanalytically safe. There were weaknesses in OTHER parts of the card itself that made a side channel attack possible.
So using the word “cracked” for this article is wrong, no matter what you say, that’s the consensus of every IT-Security specialist.
And @Bert:
The simplest method to know that a Bootkit can’t grab your password is to only boot your computer via the Rescue-CD you have burn during the system encryption of TrueCrypt.
But as I and many others have said already:
This will not save you from any hardware measures working against you. Buy a good secure briefcase and implement yuor own measures to find out if someone replaced your briefcase with a duplicate.
But if that happened, then your foes are a bit more serious. It all depends on your real security needs and the probability of a certain attacker type.
Your title is wrong, you don’t know what “encryption cracked” means. Read some books about this topic to learn what this means. You are misguiding people with that title.
reader, I think the title is perfectly correct. Did you read the discussion?
But Michael, what about my comment, didn’t you read that?
I explain perfectly why it’s not cracked and even what it actually is.
You might have your own personal expectations about what makes a security product cracked and what not.
But that is totally different from what is considered to be cracked or not in the IT-Security community.
The title IS misleading and does not represent reality, no matter what your personal preference is.
This is really not an attack, I’d just like to motivate you to rethink your decision for the title that has a potential misleading effect on many readers on the internet.
What I said in my last post is an important distinction that is really how IT-Security works.
Edward, sorry I oversaw your comment. First of all, you claim that your represent the IT community. Any evidence for that? It is not that they I really care about the opinions of communities though. I only care about arguments.
As to your argument, I think you make the same mistake as many so-called security experts. You don’t distinguish between “cracked” and “vulnerable”. Of course, there is no IT system which is not vulnerable. That is, with enough effort you can break any security system. The point is always if the necessary effort is worth it.
I call a system cracked, if literally anyone can break its security mechanisms. And that means that the necessary effort to break a system is almost zero. This is the case if information of how to exploit a vulnerability is publicly available. By the way, Bitlocker has also been cracked recently. (The difference is that the effort to break Bitlocker is significantly higher than with TrueCrypt.) Therefore, as long there was no exploit publicly available, TrueCrypt and Bitlocker where just vulnerable to different kinds of attacks (not only physical attacks), but now they are also cracked.
The attack described in the article above can be easily done by a maid who is equipped with the right memory stick. It only takes a few seconds until the malware is on your “encrypted” disk. She doesn’t even have to open the laptop case. The other attacks you describe are far more complicated and time consuming and can only be done by experts. This is the difference between a vulnerable system and a cracked system.
I am quite aware of the fact that the TrueCrypt developers say that their hard disk encryption does not protect against physical attacks. Microsoft used the same excuse after Bitlocker was cracked. It is true that Bitlocker and TrueCrypt still offer protection against stolen notebooks. However, I am quite sure that most users are not aware of the fact how easy it is now to access their “encrypted” data. Therefore, the headline is perfectly justified because the expectations of the “user community” are not met anymore. From a user’s perspective TruCrypt has been cracked, no matter how the “security experts community” or publishers of security products would like to define the term “cracked”. This is not just a matter of personal preference or expectation, this is common sense.
I never claimed in any of my comments that I represent the IT
community. I only said that “I’m studying IT-Security and I can assure
you that nobody in the community would call this a crack”. Then I
explained that the reason for that is, that a crack is only then
accomplished, if the underlying security mechanism has
cryptanalytically been broken and that a compromise that works around
a security mechaism is called a “side-channel-attack”.
You said you call a (security) system cracked, “if literally anyone
can break its security mechanisms”.
And I think this is the most important point. You have a certain
definition for “cracked” that differs from most IT specialists.
Mind you I’m not saying it is incorrect.
I agree with you that for the layman’s expectation the title might not
only be sufficient, but also necessary, because he/she wouldn’t have
the know-how to implement TrueCrypt in the right way to prevent such
an attack.
But on the other hand it paints a not-quite-right picture of the situation.
Truecrypt in itself is not cracked. It does not advertise the
protection of the computer in case of physical access without the
knowledge of the user.
It’s only part is ensuring that data is properly encrypted so that
nobody can access your data without the proper password.
Now, of course you could say that it should be in the scope of
Truecrypt to make sure that any physical access by an attacker won’t
compromise its security.
But that’s just not the job of Truecrypt. That would be the same as
saying it should protect you from hidden cameras that look at the
password while you’re typing it. So why should it protect only from
certain arbitrary measures?
And what’s more:
There is nothing ANY software solution can do to prevent its
circumvention by hardware means.
That’s the reason why Bitlocker won’t be any better at protecting
against hardware attacks.
But I agree again that when you speak in terms of to what degree a
system is vulnerable, then you can absoultely say: Truecrypt is more
vulnerable against Hardware attacks than Bitlocker. And then I agree
you could go on and say, as soon as a vulnerability is easily
exploitable by everybody, you could say the system is “cracked”.
But if you only declare the latter, then you’re completely
disregarding the context in which this is true.
Because Truecrypt is not in “itself” cracked, on the contrary it works
quite well if implemented correctly (after all it uses algorithms
which haven’t been cracked yet). It’s only in the context of how much
vulnerable Truecrypt is in the context of hardware attacks.
Since you had this context in mind while creating your title I agree
with you that (with that context in mind) you’re absolutely right in
saying that Truecrypt has been cracked. Still this makes the title
misleading though, because one would not automatically associate the
specific context (hardware attacks) with that title, but that it has
been cracked in general (that is, in its ability to properly encrypt
your data), which it obviously hasn’t.
Therefore I would suggest to at least include the context (on which
basis you created) in the title, along the line of e.g. “TrueCrypt
hard disk encryption isn’t safe from hardware attacks”.
Whatever you’ll decide though, I’m glad I finally understand the
reasons for the choice of the title. So in the end I would say we were
both partly wrong and partly right at the same time.
All things considered, what do they say? Never judge a book by its
cover. Or title for that matter.
Because no matter what the title of your article might be, the actual
article itself explained the context properly and without a doubt.
To Michael Pietroforte,
I hope you don’t think yourself as a true “IT Guy” posting a link like this with mis-leading title. Flat out, you are wrong. The encrypting routine/mechanism itself would have to be discovered for TrueCrypt to be “cracked” as stated. Compromising the system in the manner described is hardly a “crack”. I suggest you read the articles you post before posting them and comparing apples to oranges.
I know I am not the only one here who feels troubled by it as the comments continue to poor in…
or are we all playing into a ruse to boost page views and google rank furthering your organic google results?
If this was a digg article I would have surely buried it.
Edward, you claim that most IT specialists use the word “cracked” in a different manner, but you didn’t provide any evidence. I am working now in IT for almost 30 years and have read countless articles and books about this issue. I can assure you that the people don’t even agree about the difference between hacking and cracking. There is no “definition” of the word “cracked”. It seems to me that you are confusing “cracking” with “breaking cryptanalytically”. But cracking encryption solutions has really nothing to do with cryptanalysis. Real word hackers are not interested in cryptanalysis because they don’t need mathematics to crack systems. Of course, I don’t claim that any of the crypto algorithms that are used by TrueCrypt have been cracked. But real word cracking of encryption systems has nothing do with crypto algorithms. This is not a blog for mathematicians. I write for admins. Therefore, the title is not misleading at all.
I also think that discussions of the “true meaning” of the word “cracked” are rather pointless. My main point is that it is possible to create hard disk encryption solutions that can’t be so easily cracked as TrueCrypt. Of course this is only possible if the BIOS and additional hardware is involved. Furthermore, any encryption solution that requires users to type a password on the computer keyboard is unsecure. By defending TrueCrypt you are supporting inherently unsecure software and give end users a false sense of security. The context is not really important. The message of this title is not to use TrueCrypt hard disk encryption because it is unsecure. The intentions of the TrueCrypt developers don’t matter either. Just don’t use or recommend this software if you want to protect sensitive data.
A note to all new commentators. You are free to express your disagreement with the title. However, I will only respond if new arguments are provided. Thus I suggest that you read the discussion here first before you reply.
Mike,
When you have the ability to reach a broad audience you need to fact check everything because mis-information is best left to major news media.
Firstly, you say:
“There is no “definition” of the word “cracked”.
There absolutely is a definition. Anyone will agree.
“But cracking encryption solutions has really nothing to do with cryptanalysis.”
Cryptanalysis (from the Greek kryptós, “hidden”, and analýein, “to loosen” or “to untie”) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so.
“Real word(sic) hackers are not interested in cryptanalysis because they don’t need mathematics to crack systems.”
Now you’re re-defining hacker to suite your needs. This is typical of someone who doesn’t want to admit they are wrong, which should have occurred about 35 posts ago.
I would have enjoyed your article if you had of gotten a clue from your audience but apparently you are too arrogant for that. I honestly do not say that to offend you and I realize my first post was very aggressive. I don’t want to be taken that way. I’m open minded to a certain degree and I apologize for my hostility but I am very passionate about technology and IT. Especially when it comes to mis-information. To some degree I know that it might be seen as semantics but the reality is that it is not. I don’t speak for everyone rather I appeal for your reconsideration when classifying such terms with reputable solutions.
Nick, there is only one thing in your comment I can agree with. It is true, I am arrogant. But the rest is only miss information.
You know what is typical for someone who has no arguments? He says sentences like this: “I am right and your are wrong because anyone agrees with me but not with you.”
You copied one explanation of the word “cryptanalysis” correctly. (It is no definition because definitions only exist in mathematics.) Now I have a question for you. If a hacker obtains a password using social engineering and is then able to access encrypted information. Did he do cryptanalysis?
“If a hacker obtains a password using social engineering and is then able to access encrypted information. Did he do cryptanalysis?”
If you apply this:
“Cryptanalysis (from the Greek kryptós, “hidden”, and analýein, “to loosen” or “to untie”) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so.”
Then no, he didn’t, because the paragraph says cryptanalysis is the study of METHODS for obtaining the meaning of encrypted information without the access to the secret information, and not for OBTAINING the meaning [...].
In that sense the social engineer might’ve studied the methods or not, in the end he applied one of them.
That was just nitpicking though.
As for your earlier message:
First you ask me for evidence, then you immediately go on and tell me about your 30 year experience and then make claims yourself.
I wonder if you would’ve made that argument if I didn’t say I’m a student.
Now, I don’t intend to turn this into a conversation where we are holding up mirrors.
I do claim to have precise knowledge about what exactly cryptanalysis and all the other things “of the trade” are, simply because I’m studying the field and work together with specialists in the field. As for competency in the field of IT-Security, one example: They invented the Copacobana, a low-cost version of Deep Crack.
This doesn’t prove that my understanding of IT-Security is any better, of course. The only point I wanted to make with the last paragraph was to show where I’m coming from:
IT-Security. My whole understanding of your article is based on a frame of mind of a “IT-Security Guy”.
You said though, that you wrote this aricle for admins.
Seeing that you seem to be an admin yourself, that makes total sense.
And this is where I think the jist of the problem lies.
You’re looking at it from an admin perspective and I am looking at it from an IT-security perspective.
I’m not saying that administration doesn’t involve it-security, but it’s not the sole/main concern of it.
Whereas the main concern of an it-security specialist is just that.
So in the end, the understanding of the same thing (What is a crack, when is a crack a crack, etc.) might be different for these 2 fields.
And, acknowledging that, I want to correct myself.
Your title is not wrong, it might be absolutely correct when you’re talking to admins who understand what you mean.
It’s not correct though if you’re talking to an IT-Specialist though, since the understanding of it in that field is different. At least that’s what I’ve learned (not to be confused with what I was told) AND what I’ve heard from other IT-Specialists at many get togethers. I can’t prove that of course.
One last thing, you also said: “By defending TrueCrypt you are supporting inherently unsecure software and give end users a false sense of security.”
IF TrueCrypt was INHERENTLY unsecure, I might’ve agreed. That’s now correct though, because it is very secure. You just have to implement it correctly and read all the documentation.
If you don’t do that and just install it and feel safer, you haven’t used it correctly.
Now it might be true that the everyday Joe might not be as versed and would end up implementing it in a not so secure way and consequently be very vulnerable to attacks.
But that only shows that TrueCrypt is not necessarily an everyday Joe’s “click-and-secure” tool. If implemented correctly by someone who knows what he’s doing it is a very powerful tool.
But in no way is it inherently insecure. The only way it would give end users a false sense of security would be if the end users refuse to read the documentation and use it wrong. It’s not a “do it all for me” tool, you have to know what you’re doing if you want to secure your data.
To correct a possibly misunderstanding typo:
In the second last paragraph that starts with “IF TrueCrypt was INHERENTLY unsecure, [...]” I wrote “That’s now correct though, [...]”
But I meant to say “That’s not corerct though, [...]”
Sorry for that. Unavoidable