The TrueCrypt On-Disk Format—An Independent View

BROŽ, Milan a Václav MATYÁŠ. The TrueCrypt On-Disk Format—An Independent View. IEEE Security & Privacy. 2014, roč. 12, č. 3, s. 74-77. ISSN 1540-7993. Dostupné z: https://dx.doi.org/10.1109/MSP.2014.60.

Základní údaje

• Originální název: The TrueCrypt On-Disk Format—An Independent View
• Autoři: BROŽ, Milan (203 Česká republika, domácí) a Václav MATYÁŠ (203 Česká republika, garant, domácí).
• Vydání: IEEE Security & Privacy, 2014, 1540-7993.

Další údaje

• Originální jazyk: angličtina
• Typ výsledku: Článek v odborném periodiku
• Obor: 10201 Computer sciences, information science, bioinformatics
• Stát vydavatele: Spojené státy
• Utajení: není předmětem státního či obchodního tajemství
• Impakt faktor: Impact factor: 0.731
• Kód RIV: RIV/00216224:14330/14:00073682
• Organizační jednotka: Fakulta informatiky
• Doi: http://dx.doi.org/10.1109/MSP.2014.60
• UT WoS: 000338192200013
• Klíčová slova anglicky: The TrueCrypt; full disk encryption; cryptography; data format
• Příznaky: Mezinárodní význam, Recenzováno

Anotace

Full disk encryption (FDE) is a common way to prevent unauthorized use of data by encrypting the whole storage device. TrueCrypt (www.truecrypt.org) is one of the widest-known open source tools providing FDE. It’s available for multiple OSs including Windows, Mac OS, and Linux, letting you share encrypted storage among these systems. Unfortunately, there are license problems and questions related to implementation security. An ongoing community-funded project aims to review license issues and perform a full security audit of source codes (see istruecryptauditedyet.com). We took a different approach. We implemented independent, fully TrueCrypt-compatible, volume handling for Linux, using open source and native Linux technologies. We then released the code under the common open source license. Our most important implementation goal was to disregard the original source code (we didn’t want to use it even for reference), to avoid either tainting our code with hidden problems or violating the original license. We wrote our TrueCrypt format-handling code from scratch using only the available documentation, inspired partly by tc-play (github.com/bwalex/tc-play), another independent open source implementation. The following format description is based on our implementation. Although we intended our implementation only for Linux, our comments apply for all supported architectures. We hope this article, which includes comments on older and problematic TrueCrypt encryption modes, provides interesting insight into the TrueCrypt data format history.

Návaznosti

• GBP202/12/G061, projekt VaV: Název: Centrum excelence - Institut teoretické informatiky (CE-ITI) (Akronym: CE-ITI)

Investor: Grantová agentura ČR, Centrum excelence - Institut teoretické informatiky