Online security basics: encryption (p.2)


The story of TrueCrypt

TrueCrypt is an almost exemplary folder and file encryption program. The first version was released back in 2004, and at that time TrueCrypt was actually the only open source program for encryption on the go. What does "on the go" really mean? Regular programs for working with encrypted files require you to first decrypt a file or folder, perform the necessary data manipulations, and only then create an encrypted copy of the file or folder and delete the unencrypted original. TrueCrypt let you create an encrypted folder, specify a password in the program, and then work with that folder while data was encrypted and decrypted on the go, no strings attached.

From 2004 to 2014, TrueCrypt was updated regularly. Some features were removed along the way. For example, support for diskettes was dropped once that format had sunk into oblivion, and some encryption algorithms were also removed.

As the computer industry developed, attacks on encryption methods improved as well, and because of this a number of algorithms ceased to be considered reliable. So, in the last, 7th, version of TrueCrypt, you will not find encryption algorithms with a block size of 64 bits (Triple DES, Blowfish, CAST5).

For ten years, the TrueCrypt project was actively developed and became a fundamental piece of data protection software. All this time, the names of the developers remained a mystery, which gave rise to a number of rumors about the involvement of intelligence services in the development of the application.

Some said that the program was developed by the FBI; others argued that, if not the FBI, then there were certainly backdoors in the software. TrueCrypt's popularity grew until the spring of 2014, when an inexplicable event shocked the Internet public. On May 28, 2014, the TrueCrypt project was closed. The exact reasons for the closure are unknown to this day. The developers themselves stated on the official website that using TrueCrypt is not safe, and suggested switching to BitLocker, which they had always ridiculed. There are many versions and conjectures about what happened; we give the main ones.

The first version says that the security services threatened the developers; the second, that they were lured to work at Microsoft, which explains the BitLocker advertisement; the third, that they were tired of promoting and supporting a project that did not make money; the fourth, that they actually discovered a critical vulnerability in the product that they were unable to fix. The online community plunged into discussions about the security of TrueCrypt, and God only knows how long they would have lasted if, by the beginning of April 2015, an independent audit of TrueCrypt had not been completed, for which over 60,000 USD in donations had been collected. It did not reveal any vulnerabilities or serious flaws in the application architecture and showed that TrueCrypt is a well-designed cryptographic program.

We believe that TrueCrypt 7.1 is reliable, and that the closure of the project is not related to its security. However, the chronologically latest version of the program (7.2) is neither safe nor full-featured. The developers themselves warn about this, and many experts share this opinion.

Therefore, we recommend using the latest stable and reliable version: TrueCrypt 7.1a.

Unprovability of the cryptocontainer

TrueCrypt has many advantages, one of which is that an encrypted container cannot be identified as such. Even if ill-wishers get access to your disk, point to the cryptocontainer and say "this is a cryptocontainer", you can safely say that this is not the case and that it is some kind of unknown file. Proving the opposite is impossible. Of course, they can "accidentally" squeeze your finger in a door, and then you will not only recognize the cryptocontainer in the file but also remember the password. There is a protection against this, which we will discuss in the chapter on anti-forensics; for now, just remember that it is impossible to prove the existence of a cryptocontainer by examining the file.

Based on this, we recommend giving your containers neutral names and trying to disguise them as program files. For example, open the folder of the password manager KeePassX and you will see some strange files with the extension *.dll. When creating a cryptocontainer, let's call it LsQN7.dll and put it in this folder. Only we will know that LsQN7.dll is actually a cryptocontainer. After creating the cryptocontainer and placing it in the KeePassX folder.

Do you see any differences? Just a date? We will teach you to change the date in the part dedicated to disguising cryptocontainers. But do not rush to create a cryptocontainer.

Our advice is to name cryptocontainers in such a way that the name does not give them away. Give the cryptocontainer the extension *.dat and place it in a folder with other files that have the extension *.dat.
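An added example, not part of the original article: a file-triage check showing what an examiner sees in the content of a container disguised by name only. A file named *.dll that lacks the PE "MZ" signature and has near-maximal byte entropy stands out, while *.dat has no signature to contradict. The sample data, the 7.9 threshold and all function names are constructed for illustration.

```python
import hashlib
import math
import os
from collections import Counter

# Magic bytes a genuine file of each type starts with (PE images begin with "MZ").
# .dat has no fixed format, so there is no signature to compare against.
MAGIC = {".dll": b"MZ", ".exe": b"MZ"}

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; 8.0 is the maximum, approached by random data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage(name: str, data: bytes, threshold: float = 7.9) -> dict:
    """Collect the content indicators a file examiner would check."""
    ext = os.path.splitext(name)[1].lower()
    magic = MAGIC.get(ext)
    entropy = shannon_entropy(data)
    return {
        "name": name,
        "entropy": round(entropy, 3),
        # None means the extension has no signature to check.
        "magic_ok": None if magic is None else data.startswith(magic),
        # Heuristic (assumption): container sizes are whole 512-byte sectors.
        "sector_aligned": len(data) > 0 and len(data) % 512 == 0,
        "high_entropy": entropy >= threshold,
    }

def looks_disguised(report: dict) -> bool:
    """Suspicious, not proven: random-looking content under a mismatched signature."""
    return report["high_entropy"] and report["magic_ok"] is False

# Constructed sample data, not real files. SHA-256 output in counter mode stands
# in for ciphertext so the example is deterministic (64 KiB of random-looking bytes).
fake_container = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                          for i in range(2048))
fake_dll = b"MZ" + bytes(1022) + b"This program cannot be run in DOS mode." * 200

if __name__ == "__main__":
    samples = (("LsQN7.dll", fake_container), ("real.dll", fake_dll),
               ("LsQN7.dat", fake_container))
    for name, blob in samples:
        r = triage(name, blob)
        print(r, "-> flagged" if looks_disguised(r) else "-> no flag")
```

A flag here marks the file as anomalous for its claimed type; it does not identify the content as a TrueCrypt volume.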

We want to warn you that the presence of TrueCrypt on your work computer acts on some ill-wishers like a red rag on a bull. They immediately begin to look for cryptocontainers, demand passwords, and attribute to you various criminal intentions, from the trade in surfactants to supporting international terrorism.

.dat files are easily uncryptable with GreenHole 2.7 decrypter, so I'd argue more in favor of .exm

yeah, I remember we did in our IT classes in high school.
.exm does not run on some of the latest OS versions, even on Windows 10, so it's peculiar, too

Only if you save the .dat file in an open distributed way ;)

"No evidence of backdoors"... loved this one, huh

yeah, noticed this too :D

yeah, cryptocontainers almost never stand a chance of being accepted as evidence in a court trial
