SoylentNews is people

posted by LaminatorX on Tuesday June 17 2014, @10:30AM
from the Paging-Dan-Brown dept.

In an update to the speculation that TrueCrypt development was officially discontinued as a response to efforts by US intelligence agencies to compromise the project, the TrueCrypt web site seems to contain a secret message warning potential users of NSA interference in the integrity of the software. The apparent message, "Don't use TrueCrypt because it is under the control of the NSA" is read as an acrostic in Latin, contained in the message announcing developer cessation of the project on SourceForge. Two independent analytical exercises, conducted independently, arrive at the same conclusion. User "Badon" at the Live Business Chat message board has a detailed exegesis including screenshots and footnotes.

[EDITOR'S NOTE: I have cross checked this on some Latin specific sites, and the consensus seems to be that it is nonsensical from a perspective of proper Latin grammar and syntax. However, Google Translation does reproduce these results. I can certainly believe that a warning might have been composed using G.T. rather than by consulting a classicist. --ED]

 
  • (Score: 2) by HiThere on Tuesday June 17 2014, @08:06PM

    by HiThere (866) Subscriber Badge on Tuesday June 17 2014, @08:06PM (#56634) Journal

    Thank you. Anonymous comments are always reasonable to distrust, but as this is only further backing for what the TrueCrypt developers were recommending anyway, it provides an additional reason to seek a replacement.

    P.S.: If your committee documents were public, it might be useful to include a link.

    --
    Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
  • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @02:22AM

    by Anonymous Coward on Wednesday June 18 2014, @02:22AM (#56729)

    These documents might be available on the IEEE P1619 reflector .. the committee is dormant now that XTS is a NIST and ISO approved mode.

    In the meantime ... and I know this is all of the pointers, here is the mode of operation reference:

    http://en.wikipedia.org/wiki/TrueCrypt#Modes_of_operation [wikipedia.org]

    See also:

    http://en.wikipedia.org/wiki/Disk_encryption_theory#Liskov.2C_Rivest.2C_and_Wagner_.28LRW.29 [wikipedia.org]

    See also:

    http://en.wikipedia.org/wiki/IEEE_P1619#LRW_issue [wikipedia.org]

    Note in the above URL the following text is full of bogons:

    "Some members of the group found it non-trivial to abandon LRW, because it had been available for public peer-review for many years (unlike most of the newly suggested variants)."

    BTW: Side note: XTS: originally called XTC, but some people objected to the pun on moral grounds (gee whiz). XTS: It may be spelled X T S but you can just say XTC! :)

    Anyway, XTS is based on XEX, which has been around for a while:

    http://grouper.ieee.org/groups/1619/email/msg01369.html [ieee.org]
    http://grouper.ieee.org/groups/1619/email/pdf00042.pdf [ieee.org]
    http://grouper.ieee.org/groups/1619/email/pdf00086.pdf [ieee.org]

    Rogaway proposed the XEX back in 2004:

    http://www.cs.ucdavis.edu/~rogaway/papers/offsets.pdf [ucdavis.edu]

    And the basis of that work went back much farther. So XTS was no "virgin crypto" by any means. While concerns over LRW mounted, work in XEX (which led to XTC which was renamed XTS) continued. And compared with LRW that was known to be flawed, XTS was way ahead.

    Even though flaws in LRW were known, TrueCrypt defended its use with a surprising zeal. Demonstrated flaws were ignored. The "but we are using it!" cry was, unfortunately, loud. Even so, picking up a proposed draft mode and running ahead with it before it was fully analyzed is a risk. TrueCrypt got burned.

    Today XTS is still holding ground:

    http://www.tandfonline.com/doi/abs/10.1080/01611194.2012.635115 [tandfonline.com]

    However, breaks in crypto only get worse. It is possible that a serious problem with XTS will force a new mode to be developed. It pays to be agile. :)

    • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @02:38AM

      by Anonymous Coward on Wednesday June 18 2014, @02:38AM (#56734)

      I should have started:

      These documents might be available on the IEEE P1619 reflector .. the committee is dormant now that XTS is a NIST and ISO approved mode.

      In the meantime ... and I know this is NOT all of the pointers you wanted ... so here is some stuff, such as the mode of operation reference:

      ...

    • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @02:46AM

      by Anonymous Coward on Wednesday June 18 2014, @02:46AM (#56736)

      Thanks for that post on TrueCrypt, LRW, XTC (laugh) and XTS!

      My 2 anonymous cents:

      There were (are?) commercial products that depend(ed) on the flawed LRW mode. There were employees of those firms who defended their commercial products with as much, if not more zeal than the TrueCrypt Foundation.

      I do not know if there was any crossover or ties between those commercial products that used LRW and the TrueCrypt Foundation. I don't mean to imply there is or was anything sinister with a tie between commercial product and TrueCrypt development. I just wanted to point out that the TrueCrypt folks were not the only ones upset about the fate of LRW. On the other hand, if there was a tie, it might explain a few things.

  • (Score: 0) by Anonymous Coward on Wednesday June 18 2014, @02:34AM

    by Anonymous Coward on Wednesday June 18 2014, @02:34AM (#56733)

    An interesting thing to test with TrueCrypt is to see how they maintained backward compatibility with LRW. There certainly are ways to do backward compatibility right. TrueCrypt backward compatibility may have been done the right way.

    If an attacker could force TrueCrypt code into using only backward compatibility mode, then under certain circumstances key material encrypted in its own volume could be leaked due to one flaw in LRW. And certainly TrueCrypt disks operating in backward compatibility mode ARE today subject to the problems with LRW:

    http://grouper.ieee.org/groups/1619/email/msg00962.html [ieee.org]
    http://en.wikipedia.org/wiki/IEEE_P1619#LRW_issue [wikipedia.org]
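
The LRW tweak-key issue linked in the last comment, as an added example that is not part of the thread and not TrueCrypt's code: when the tweak key K2 followed by a zero block is written to an even-aligned pair of blocks, the XOR of the two ciphertext blocks is K2, while an XEX/XTS-style tweak has no such relation. Assumptions: a toy Feistel cipher stands in for AES, the keys are constructed, and all function names are hypothetical.

```python
import hashlib

MASK64 = (1 << 64) - 1

def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^128) modulo x^128 + x^7 + x^2 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> 128:
            a ^= (1 << 128) | 0x87
    return r

def toy_encrypt(key: bytes, block: int) -> int:
    """Stand-in 128-bit block cipher (4-round Feistel over SHA-256), NOT AES."""
    left, right = block >> 64, block & MASK64
    for rnd in range(4):
        data = key + bytes([rnd]) + right.to_bytes(8, "big")
        f = int.from_bytes(hashlib.sha256(data).digest()[:8], "big")
        left, right = right, left ^ f
    return (left << 64) | right

def lrw_encrypt(k1: bytes, k2: int, index: int, p: int) -> int:
    x = gf_mul(k2, index)  # LRW tweak: linear in the block index
    return toy_encrypt(k1, p ^ x) ^ x

def xts_like_encrypt(k1: bytes, k2: int, sector: int, j: int, p: int) -> int:
    # XEX/XTS tweak: the sector number is encrypted under k2 before use
    t = gf_mul(toy_encrypt(k2.to_bytes(16, "big"), sector), 1 << j)
    return toy_encrypt(k1, p ^ t) ^ t

# Constructed sample keys, not taken from any real volume.
K1 = bytes(range(16))
K2 = int.from_bytes(hashlib.sha256(b"constructed tweak key").digest()[:16], "big")

def lrw_adjacent_xor(index: int) -> int:
    """XOR of the ciphertexts of K2 || 0 stored at blocks index, index + 1."""
    return lrw_encrypt(K1, K2, index, K2) ^ lrw_encrypt(K1, K2, index + 1, 0)

def xts_adjacent_xor(sector: int) -> int:
    """Same plaintext pair at positions 0 and 1 of one XTS-style sector."""
    return (xts_like_encrypt(K1, K2, sector, 0, K2)
            ^ xts_like_encrypt(K1, K2, sector, 1, 0))

if __name__ == "__main__":
    print("LRW pair reveals tweak key:", lrw_adjacent_xor(6) == K2)
    print("XTS-like pair reveals tweak key:", xts_adjacent_xor(6) == K2)
```

Only the tweak key K2 falls out of this relation, not the cipher key K1; the practical consequence for a volume still in LRW mode is to re-encrypt it under XTS.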