7/17/2008
10:52 AM
George V. Hulme

TrueCrypt: No Cloaking Crypto For You

Researchers say the steganography feature, also known as the Deniable File System (DFS), in TrueCrypt may not provide the "security by obscurity" users hoped for.

Over at our sister site, Dark Reading, senior editor Kelly Jackson Higgins covered some interesting research conducted by researchers at the University of Washington and British Telecommunications' Bruce Schneier that cracked the DFS feature. In a nutshell, the DFS feature aims to both encrypt files and then hide them in an "invisible" section of the hard drive so that snoops wouldn't know of their existence at all.

It seems certain -- extremely common -- file types, such as Microsoft Vista, Word, and Google Desktop, reveal the DFS partition.

From Jackson's story:

The researchers were able to get around DFS in versions 5.0 and below of TrueCrypt's encryption-on-the-fly tool, and will present their findings on the hack at the Usenix HotSec '08 summit next week in San Jose, Calif.

The developers of the open source TrueCrypt say the latest version isn't vulnerable, but highly regarded cryptographer Schneier ain't buying that claim, and contends DFS is easier to hack than encryption:

TrueCrypt's developers, meanwhile, say the just-released new version of the software, 6.0, remedies the leakage problem with DFS. "To our best knowledge, TrueCrypt 6 solves all the issues," says David, one of TrueCrypt's developers. The new features include the ability to create and run a hidden encrypted operating system, for example.

Schneier, however, isn't convinced that TrueCrypt 6 can't be hacked. The version had not yet been released when he and the UW researchers did their work, but Schneier thinks the outcome would likely be basically the same. "The new version will definitely close some of the leakages, but it's unlikely that it closed all of them," he says. Schneier, who has studied the viability of the so-called "deniable" file system model in the past, says DFS is actually easier to hack than encryption, and that there may be no way to make files truly undetectable on a drive. "Deniability is a much harder security feature to enable than secrecy," he says. (See Schneier On Schneier and Schneier: In Touch With Security's Sensitive Side.)

Now, proving that a file exists does, in fact, break DFS -- but that's not the same as recovering the encrypted file. The researchers say that only some of the file's contents can be recovered when encrypted in DFS.

My takeaway: ignore the DFS feature and use TrueCrypt's full disk encryption. That's always been safer than only encrypting files and folders.

The full paper is available here.
