Thursday, December 14, 2017
Home Tags Truecrypt

Tag: Truecrypt

The next major version of OpenVPN, one of the most widely used virtual private networking technologies, will be audited by a well-known cryptography expert. The audit will be fully funded by Private Internet Access (PIA), a popular VPN service provider that uses OpenVPN for its business.

The company has contracted cryptography engineering expert Matthew Green, a professor at Johns Hopkins University in Baltimore, to carry out the evaluation with the goal of identifying any vulnerabilities in the code. Green has experience in auditing encryption software, being one of the founders of the Open Crypto Audit Project, which organized a detailed analysis of TrueCrypt, a popular open-source full-disk encryption application.

TrueCrypt has been abandoned by its original developers in 2014, but its code has since been forked and improved as part of other projects. Green will evaluate OpenVPN 2.4, which is currently the release candidate for the next major stable version.

For  now, he will look for vulnerabilities in the source code that’s available on GitHub, but he will compare his results with the final version when released in order to complete the audit. Any issues that are found will be shared with the OpenVPN developers and the results of the audit will only be made public after they have been patched, PIA’s Caleb Chen said in a blog post. “Instead of going for a crowdfunded approach, Private Internet Access has elected to fund the entirety of the OpenVPN 2.4 audit ourselves because of the integral nature of OpenVPN to both the privacy community as a whole and our own company,” Chen said. The OpenVPN software is cross-platform and can be used both in server or client modes.
It’s therefore used by end-users to connect to VPN servers and by companies to set up such servers.

The software is also integrated in commercial consumer and business products.
A new Google program aimed at continuously fuzzing open source software has already detected over 150 bugs. The program, OSS-Fuzz, currently in beta mode, is designed to help unearth programming errors in open source software via fuzz testing.

Fuzz testing, or fuzzing is when bits of randomly generated code is inputted into programs as a means to discover code and security flaws. Chrome security engineers Oliver Chang and Abhishek Arya, Google software engineers Kostya Serebryany and Mike Aizatsky, and Meredith Whittaker, who leads Google’s Open Source Research group, announced the project last Thursday. Our fuzzing-as-a-service for opensource software is now in beta! — Kostya Serebryany (@kayseesee) December 1, 2016 The program was developed with help from the Core Infrastructure Initiative, a Linux Foundation collaborative that counts Cisco, Facebook, and Microsoft among its members. “Open source software is the backbone of the many apps, sites, services, and networked things that make up ‘the internet.’ It is important that the open source foundation be stable, secure, and reliable, as cracks and weaknesses impact all who build on it,” the engineers wrote Thursday, “OSS-Fuzz’s goal is to make common software infrastructure more secure and stable by combining modern fuzzing techniques with scalable distributed execution.” The project is built on fuzzing engineers such as libFuzzer, sanitizers, AddressSanitizer and a distributed fuzzing infrastructure that catalogs fuzz statistics called ClusterFuzz. The program has identified bugs in projects pcre2, libchewing and FFmpeg so far.

Even more impressive is that Google claims OSS-Fuzz is cranking out four trillion test cases a week. Engineers say FreeType, an open source library that’s used to display text, is a perfect example of what OSS-Fuzzing can achieve. One of FreeType library’s developers, Werner Lemburg, adopted OSS-Fuzz early on.
In October, after a heap buffer overflow was identified in the library, OSS-Fuzz notified the maintainer, who went on to fix the bug.
It was confirmed fixed by OSS-Fuzz the same day, Google says. While the program is in its infancy, developers and open source proponents have lauded Google for the program. Alex Gaynor, who writes a lot of open source code and previously served as the director of the Python Software Foundation and the Django Software Foundation, tested OSS-Fuzz late last week and called the experience “extremely good.” “I definitely think it’s something that every OSS project should take a look at,” Gaynor told Threatpost Monday. Gaynor, who penned a blog entry around his experience on Saturday, used OSS-Fuzz to test libyaml, a C library YAML 1.1 parser and emitter that’s the basis for both Python and Ruby’s YAML libraries.

The program ran 17 billion testcases against the library in under a day, according to Gaynor, roughly 30 days of CPU time in less than a calendar day. While developers have to build fuzzers specific to their project, OSS-Fuzz does most of the work, Gaynor says. He added that in his short experience, sending pull requests for projects is easy enough. The program will file any bugs it discovers privately and leave a comment when it thinks a crash has been fixed.
It makes the bug public seven days after it’s been fixed and even “handles automatically rebuilding when the upstream source changes,” Gaynor points out. “It was almost no work to write a fuzzing function and get it running, and OSS-Fuzz handles tons of the details around making fuzzing at scale practical; this makes the experience far more pleasant than if I’d jerry–rigged something together myself,” Gaynor, who currently works for the United States Digital Service–part of the Executive Office of the President, wrote. Gaynor said Monday the only area OSS-Fuzz might need a slight tweak in is its user interface. “In terms of areas for improvement, the biggest one would be the UI used for looking at stats and crash reports, which needs a bit more polish for non-internal audiences,” Gaynor said. Open source software experts like Jim Zemlin, executive director at the Linux Foundation, also took time to laud the project on Twitter last week. This is making the internet more secure with thanks to @mer__edith and Google team.

Devs should check this out: — jzemlin (@jzemlin) December 1, 2016 Now that the program has been announced, Google claims its main focus is fostering OSS-Fuzz usage. The company is encouraging open source projects, as long as they have a large user base, to join OSS-Fuzz.

By doing so, developers would have to subject themselves to Google’s 90-day disclosure deadline but they’d also be joining a rich open source community, the engineers say. While often viewed as a nuisance, low level bugs like buffer overflow and use-after-free vulnerabilities can have a pivotal impact on software security, especially in the open source realm. Vulnerabilities in libStageFright, a software library coded in C++; part of the Android Open Source Project, led to a series of bugs last year which went on to enable remote code execution and privilege escalation. The venture is one of the latest efforts from the CII to bolster open source software security.

Earlier this year the consortium unveiled a badge program designed to help developers self-certify their projects.

The program, which counted GitLab, Node.js, and OpenSSL as early adopters, encourages open source software to follow best practices and self-disclose their security aspects. The CII was also behind the Open Crypto Audit Project, which was responsible for last year’s TrueCrypt audit and also helped fund the current large scale audit of OpenSSL.
Security researchers have completed the Open Source Technology Improvement Fund-backed audit of encryption platform VeraCrypt and found eight critical, three medium, and 15 low-severity vulnerabilities. The team behind the popular tool addressed the audit's findings in VeraCrypt 1.19. This is how security audits should work. OSTIF said VeraCrypt 1.9 is safe because most of the the flaws have been addressed. Some vulnerabilities were not addressed in this version, due to the "high complexity for the proposed fixes," but workarounds for those exist. "As long as you are following the documentation for known issues and using it as advised, I believe [VeraCrypt 1.9] is one of the best FDE [full-disk encryption] systems out there," said Derek Zimmer, OSTIF CEO and president, in an Ask-Me-Anything Q&A on Reddit. Zimmer is also a partner with virtual private network service provider VikingVPN. OSTIF hired Quarkslab senior security researcher Jean-Baptiste Bédrune and senior cryptographer Marion Videau to check the VeraCrypt codebase, focusing on version 1.18, and the DCS EFI Bootloader. The audit focused on new security features that were introduced into VeraCrypt after the April 2015 security audit of TrueCrypt. VeraCrypt is the fork of that now-abandoned encryption tool, and is backwards-compatible. Four problems in the bootloader -- keystrokes not being erased after authentication, sensitive data not correctly erased, memory corruption, and null/bad pointer references -- were found in the audit and fixed in version 1.19.  A low-severity boot password flaw, where the password length could be determined, was also addressed.  While the information leak itself is not critical, as the system needs to be booted and privileged access is required to read BIOS memory, the vulnerability needed to be fixed because an attacker knowing the length of the password would hasten the time needed for brute-force attacks, the audit said. VeraCrypt relied on compression functions to decompress the bootloader when the hard drive is encrypted, to create and check the recovery disks if the system is encrypted and uses UEFI, and during installation. The audit found that all the compression functions had issues. VeraCrypt was using XZip and XUnzip, which had known vulnerabilities and were out-of-date. "We strongly recommend to either rewrite this library and use an up-to-date version of zlib, or preferably, use another component to handle Zip files," the auditors said. VeraCrypt 1.19 replaced the vulnerable libraries with libzip, a modern and more secure zip library. UEFI is one of the most important -- and newest -- features added to VeraCrypt, so the auditors paid extra attention to this part of the code. All code specific to UEFI is in the VeraCrypt-DCS repository, and was "considered much less mature than the rest of the project" by VeraCrypt's lead developer, the researchers wrote in the audit report. "Some parts are incomplete, or not incomplete at all." In the audit summary OSTIF wrote that "VeraCrypt is much safer after this audit, and the fixes applied to the software mean that the world is safer when using this software."   As a result of the audit, VeraCrypt dumped GOST 28147-89 symmetric block cipher, originally added in VeraCrypt 1.17, due to errors in how it was implemented. GOST 28147-89 encryption was a Soviet-developed alternative to DES designed to strengthen the algorithm. All compression libraries were considered outdated or poorly written, the audit found. The implementation "fell short," Zimmer said in the Reddit AMA. In version 1.9, users can decrypt existing volumes that used the cipher but cannot create new instances. Users who used the GOST cipher that was removed as part of the audit should re-encrypt old partitions using the latest version. Users should also re-encrypt on all full-disk encryption systems since a number of issues with the bootloader have been fixed. Anyone who used pre-1.18 versions should re-encrypt partitions because of the bug related to the discovery of hidden partitions. VeraCrypt is a fork of TrueCrypt, which developers abruptly shut down in May 2014, hinting at unspecified security issues. There were concerns that the platform had a backdoor or some other flaw compromising the tool. The audit was necessary to assess the overall security of the platform. OSTIF said TrueCrypt 7.1a should no longer be considered safe because it is no longer under active maintenance and it is affected by the bootloader issues uncovered in the audit. However, the audit report also suggested that the weaknesses in TrueCrypt 7.1a do not affect the security of containers and non-system drives. It is easy to dismiss VeraCrypt as being unsafe because of the issues uncovered, but that ignores the entire value of having an audit. If the audit had uncovered issues and the team had refused to fix the issues, or were unresponsive to requests from the auditors, then that would give cause for concern. In this case, Quarkslab completed the audit in a month, and the maintainers fixed a significant number of the issues and documented in detail how to handle the other issues that hadn't been addressed. Yes, the auditors found some questionable decisions and mistakes that shouldn't have been made in the first place, but there were no problematic backdoors or any vulnerabilities that compromise the integrity of the full-disk encryption tool. The nature of open source development means the source code is available for anyone to examine. But, as has been repeatedly shown over the last few years, very few developers are actively looking for security flaws. This is why, despite the "many eyeballs" approach, Heartbleed and Shellshock and other critical vulnerabilities lingered in OpenSSL for years before being discovered. With an audit, professionals scrutinize every line of the open source software's source code to verify the integrity of the code, uncover security flaws and backdoors, and work with the project to fix as many problems as possible. The audit is typically expensive -- private search engine DuckDuckGo and virtual private network service Viking VPN were the primary donors to OSTIF for this audit -- which is why audits aren't more common. However, as many commercial products and other open source projects rely heavily on a handful of open source projects, audits are increasingly becoming important. With the VeraCrypt audit complete, the OSTIF is looking ahead to audits of OpenVPN 2.4. GnuPG, Off-the-Record, and OpenSSL are also on the roadmap. The Linux Foundation's Core Infrastructure Initiative had stated plans for a public audit of OpenSSL with NCC Group, but the status of that project is currently unclear. "I wish we could just hit every project that everyone likes, and my list would be enormous, but we have finite resources to work with and securing funding is the vast majority of our work right now," Zimmer wrote, noting that OSTIF is focusing on one "promising" project in each area of cryptography.
Patches slung at 11 bad bugs Security researchers have found eight critical, three medium, and 15 low -severity vulnerabilities in a one month audit of popular encryption platform VeraCrypt. The audit is the latest in a series prompted by the shock abandoning of TrueCrypt in May 2014 due to unspecified security concerns claimed by the hitherto trusted platform's mysterious authors. VeraCrypt arose from the ashes of TrueCrypt and added new security features. Quarkslab senior security researcher Jean-Baptiste Bédrune and senior cryptographer Marion Videau crawled through the VeraCrypt codebase, focussing on version 1.18 of the platform and the DCS EFI Bootloader 1.18 (UEFI), examining new security features introduced since the April 2015 security audit of TrueCrypt. They report boot passwords in UEFI mode and code length in legacy mode could be retrieved by attackers.

This appears to stem from a failure to properly erase passwords when changed by users. Further critical errors include the implementation of the GOST 28147-89 symmetric block cipher which the pair say must be abandoned due to implementation errors.

All compression libraries were considered outdated or "poorly-written". Researchers bankrolled by the Open Source Technology Improvement Fund on 1 August funded by DuckDuckGo and VikingVPN detailed their findings in a 42-page report (PDF). Critical and medium -severity flaws have been fixed in the latest VeraCrypt release version 1.9, along with most low risk vulnerabilities and concerns.

Those that remain unfixed were left due to the high complexity of patching, but researchers have also proposed workarounds. VeraCrypt has since dumped GOST 28147-89 encryption allowing users to decrypt volumes but not create new instances using the cipher. Boot password flaws were also squashed along with four other bootloader problems. "VeraCrypt is much safer after this audit, and the fixes applied to the software mean that the world is safer when using this software," the Open Source Technology Improvement Fund says of the audit. The auditors say the review is useful and beneficial for users, but is too expensive to be conducted for every version of encryption tools. ®
Researchers fear spies are about Security researchers running a project to audit open source disk encryption tool VeraCrypt have been spooked by the mysterious disappearance or non-arrival of encrypted communications. The OSTIF (the Open Source Technology Improvement Fund) mounted an effort to get VeraCrypt independently audited at the start of August.
Vulnerability researchers from QuarksLab were recruited to lead the efforts, which is setting out to look for security vulnerabilities or other shortcomings in VeraCrypt's code. “Using funds that were donated by DuckDuckGo and VikingVPN, we plan to hire QuarksLab to go over the code and search for vulnerabilities and backdoors,” OSTIF explains. The project parallels a similarly motivated audit of VeraCrypt's predecessor, TrueCrypt.

The organisations behind the exercise hope to go public with their findings in mid-September. Until then, participants of the project need to maintain the utmost secrecy. “The team has been instructed to give any results of this audit directly to the lead developer of VeraCrypt using heavily encrypted communications,” it said. “This is to prevent their research from leaking zero-day vulnerabilities to the public, and so that the OSTIF does not have access to the results ahead of the public.” Snoop dogged? Sounds like a plan. However participants in the audit project have been thrown off their game by the mysterious disappearance of four PGP-encoded email messages, each sent by independent parties. OSTIF suspects snooping rather than misadventure. We have now had a total of four email messages disappear without a trace, stemming from multiple independent senders. Not only have the emails not arrived, but there is no trace of the emails in our “sent” folders. In the case of OSTIF, this is the Google Apps business version of Gmail where these sent emails have disappeared. This suggests that outside actors are attempting to listen in on and/or interfere with the audit process. OSTIF has switched to a different (Unspecified) communications process which might be a sensible course of action anyway, since PGP is notoriously difficult to use and offers no better security than secure messaging alternatives. “If nation-states are interested in what we are doing we must be doing something right,” OSTIF concludes. Well it’s tempting to think a spy agency might be involved - after all they have the biggest pool of resources to call on - it’s not beyond the bounds of possibility that a profit-motivated hacker might be behind the nobbled communications. Zero-day vulnerabilities in VeraCrypt would easily commend a tidy pay-off from exploit brokers. It’s all great fodder for conspiracy theorists who, as security industry veteran Graham Cluley notes, have already had a field day over TrueCrypt’s mysterious retirement two years ago. ® Sponsored: 2016 Cyberthreat defense report
Sprinters pay up to unlock data NASCAR, America's favorite no-right-turn racing format, has joined the growing ranks of people hit by, and paying out to fix, ransomware. The Circle Sport – Leavine Family Racing (CSLFR) has admitted paying off ransomware runners after one of its main test computers got infected with Truecrypt malware.

The laptop was quickly isolated, but left the team's crucial test data locked up two days before a big race. "Just knowing that we could lose everything that we have worked so hard to achieve over the years in 48 hours was terrifying," said Dave Winston, NASCAR Sprint Cup Series Crew Chief for CSLFR. "The data that they were threatening to take from us was priceless, we couldn't go one day without it greatly impacting the team's future success.

This was a completely foreign experience for all of us, and we had no idea what to do. What we did know was that if we didn't get the files back, we would lose years' worth of work, millions of dollars." Youtube Video After failing to recover its files, the team made the decision – a common enough one – to pay up and get its data back.

After sourcing a few hundred bucks in Bitcoins to pay the fee, the encryption key was sent over by the online criminals running the code. That gave the team the ability to get back into its data, but they were worried about other infections lurking on their systems.

A survey with security firm Malwarebytes found more ransomware malware on its computers, and now the team has a cleaner network and the security firm's name emblazoned across its car. "Companies of all types and sizes can fall victim at any time.
Instances of ransomware infection are growing rapidly, and the first step in fighting a disease is protection," said Marcin Kleczynski, CEO of Malwarebytes. ®
No fatal flaws found but troubling questions about TrueCrypt's future remain.
DIY guide provides instructions for carrying out similar muckraking exploits.
TrueCrypt developer withholds permission, suggests "starting from scratch."
Thorough cryptanalysis will search for backdoors and crippling weaknesses.
The development of TrueCrypt, the popular open-source application used to encrypt files, partitions and entire storage devices, has come to an abrupt end after a warning message appeared on the application's SourceForge development pages. The sudden, ominous warning has caused widespread speculation, including that the application may have been compromised by the US National Security Agency (NSA). "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues," read the message. It continued: "The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. "Such integrated support is also available on other platforms. You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform." However, TrueCrypt was recently professionally audited in response to fears that the NSA had compromised the software and, while sloppy coding practices were revealed, the auditors say that they did not find any evidence of compromise. Matthew Green, a cryptography specialist working at John Hopkins University in the US who led the auditing initiative, said that he believed the announcement to be authentic. He claims that he is endeavouring to contact the secretive cabal of developers to find out more. Security commentator Brian Krebs also argued that the announcement was probably legitimate and that the software was being retired by the developers.  "The last version of TrueCrypt uploaded to the site on May 27 (still available at this link) shows that the key used to sign the executable installer file is the same one that was used to sign the program back in January 2014 (hat tip to @runasand and @pyllyukko). Taken together, these two facts suggest that the message is legitimate, and that TrueCrypt is officially being retired," Krebs wrote in a blog posting. The current version available for download on TrueCrypt's SourceForge pages contains changes warning that the application is not safe to use, while the new release enables users to decrypt already-encrypted data, but without the ability to create new encrypted volumes. Users of TrueCrypt have been advised to migrate to alternative encryption software. 
Support for decade-old crypto program pulled, touching off Internet firestorm.