[ISN] Schneier research team cracks TrueCrypt

From: InfoSec News <alerts_at_private>
Date: Fri, 18 Jul 2008 02:48:27 -0500 (CDT)

By Matthew Broersma 
17 July 2008 

Researchers led by BT security expert Bruce Schneier have shown that 
deniable file systems — designed to hide data so effectively that there 
is no trace of its existence on a user's system — may not be so deniable 
after all, due to the interference of standard applications and of the 
operating system itself.

The researchers found that TrueCrypt, one of the best known deniable 
file system (DFS) products, left evidence of its existence in ways that 
would be straightforward for investigators to spot. This was due not to 
flaws in TrueCrypt itself but rather to the fact that the surrounding 
software is not designed to keep deniability intact, Schneier said.

The principle of deniability, also known as steganography, is to go one 
step further than encryption, hiding evidence that there is any 
encrypted data to search for in the first place.

Systems such as TrueCrypt are designed, for example, to allow users to 
store sensitive information on a laptop passing through increasingly 
invasive border controls, as detailed in a recent article on ZDNet.co.uk 
sister site CNET News.com, cited in Schneier's research.

TrueCrypt uses the AES-256, Serpent and Twofish encryption algorithms, 
and it has been claimed that its hidden volumes cannot be distinguished 
from random data. The system offers two levels of 'plausible 
deniability', in case the user is forced to reveal the password; one set 
of data is revealed by one password, while the truly hidden data is 
revealed by a separate password.

Schneier's research, however, focused on whether a user can plausibly 
deny that there is in fact any hidden data on the system, arguing that, 
if clear evidence can be found of hidden data, the system has failed.


Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Fri Jul 18 2008 - 00:48:27 PDT

This archive was generated by hypermail 2.2.0 : Fri Jul 18 2008 - 01:12:46 PDT