When the developers of TrueCrypt delivered the bombshell that they were abandoning their popular open source encryption program, it left many organizations in a hugely difficult position. Should they continue to use it, or heed the developers' advice that it was no longer secure and switch to another encryption product?
On the face of it, the decision should be an easy one: If the developers of something as security sensitive as an encryption program say that their program is no longer secure, surely it would be rash not to heed the warning.
But with TrueCrypt, nothing is quite as simple as it seems.
The developers are anonymous, and one of the reasons given for abandoning TrueCrypt was the apparent non-sequitur that Microsoft has stopped supporting Windows XP. The product's website bears the text: "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues" But any product may contain unfixed security issues.
Conspiracy theories abound: Was this a thinly veiled warning from the developers that the code has been compromised in some way by the NSA? Or that the developers had spotted a fundamental flaw in their code and wanted the world to quietly walk away from the product? Or had they simply had enough of the project and the work involved in maintaining it?
Organizations are loathe to walk away from TrueCrypt because it is free, it is cross platform and, perhaps most importantly, the code is available for inspection. Critically, the code is not just available, but a security audit of the code is underway. The eyeballs on the code are not just theoretical, but are also there in practice -- and they are professional eyeballs at that.
The first part of the code audit was completed in April - a source code assisted security assessment of the TrueCrypt bootloader and Windows kernel driver. No serious problems were found, although many issues were highlighted, including a lack of comments, use of insecure or deprecated functions and inconsistent variable types. The product is also nearly impossible to compile from the source code, which means the majority of users download pre-compiled binaries, with all the attendant security risks.
The next part of the audit, a formal cryptanalysis, is underway.
Keep Using TrueCrypt?
So should organizations that have been using TrueCrypt stop using it, as its authors advise?
Mario de Boer, a Gartner security analyst, believes they should - eventually. "Unsupported software eventually leads to issues. However, I don't think there is a reason to rush. At this moment there is no reason to assume there is a major security issue. I also assume that if the audit reveals a flaw, it will be solvable and someone will fix it," said de Boer, who noted he had not yet seen the results of the cryptographic code review.
An obvious solution is for another group of developers with suitable cryptography expertise to fork the TrueCrypt code and continue to maintain and develop it, but it's an option that the original authors are against. One of the authors said in an email: "I don't feel that forking truecrypt (sic) would be a good idea, a complete rewrite was something we wanted to do for a while. I believe that starting from scratch wouldn't require much more work than actually learning and understanding all of truecrypt's current codebase. I have no problem with the source code being used as reference."
TrueCrypt Lives on
Despite this, a new Swiss TrueCrypt website that claims to be "the gathering place for all up-to-date information" on TrueCrypt has sprung up. The site is the home of a new project which is taking the TrueCrypt code forward and evolving it into a new application called CipherShed.
Jos Doekbrijder, the initiator of the project, said he tried to interest the original authors in joining the project but was unsuccessful. He has also been asked by the authors not to talk further about the contact he has had with them.
But under the terms of the TrueCrypt license - which was a homemade open source license written by the authors themselves rather than a standard one - a forking of the code is allowed if references to TrueCrypt are removed from the code and the resulting application is not called TrueCrypt, Doekbrijde said.
CipherShed will be released under a standard open source license, although it has not yet been decided which one that should be, Doekbrijder added.
Project members have read through every line of TrueCrypt code, and Doekbrijder said that an alpha release of CipherShed -- with references to TrueCrypt removed and the code "cleaned up a bit" -- will be released soon.
But this alpha release is intended only as an interim release to "keep the thing warm in peoples' minds," Doekbrijder said. "Longer term, it is our intention to come out with a completely new product. In our version 1of CipherShed there will be none of the original code from the original authors. In the meantime, there will be releases that fix anything that is not right in the original code. So we will be keeping the product alive and building new code."
TrueCrypt by Any Other Name
What will CipherShed 1.0 be like? Will it add more features to the existing product? Doekbrijder said the new code will be faster and more secure, work with new operating systems like Windows 8, and also be backward compatible so it can open old TrueCrypt containers.
"But we are not thinking of adding functionality," he said. "It will be more about stripping functionality - removing old crypto modules that are not sound and so on. But when newer crypto algorithms come along, we will integrate them into the product."
Gartner's Mario de Boer thinks the CipherShed approach is a sensible one. "I welcome a fork and continuing support for this open source solution refactoring code, patching bugs, fixing licensing and supporting new platforms for existing users," he said.
But the fact that the source code for the product will be available doesn't always mean a great deal to large organizations, he added.
"Many users have no preference for open source, though, and they generally choose centrally managed solutions that include reporting, management and recovery. For these users, with the inclusion of encryption engines in operating systems (like BitLocker Drive Encryption, FileVault 2), it makes sense to use those and start managing them."
As for the argument that closed source software from the likes of Microsoft could have been compromised by the NSA, the prize for the best comment goes to Arstechnica user weathertop. "Whether or not there is a back door for the NSA, or whatever ridiculous fear there is is almost a moot point, because - as has been stated many, many times - if Law Enforcement really wants your data, they will get it through coercion, prison, or beating the hell out of you."
Paul Rubens has been covering enterprise technology for over 20 years. In that time he has written for leading UK and international publications including The Economist, The Times, Financial Times, the BBC, Computing and ServerWatch.