• IT-Karriere:
  • Services:

Missing chapter about off-by-one-overflows

However the report hints that more such flaws exist. Another chapter in the documents mentions, that several such off-by-one-errors were found, but due to a lack of a complete code analysis only examples can be shown. However even those examples are missing in the document - the following chapter only consists of a headline and has no content.

  1. ZIEHL-ABEGG SE, Künzelsau
  2. InnoGames GmbH, Hamburg

Several times the documents mention a systemic weakness of Truecrypt on Linux if non-root users are allowed to mount Truecrypt volumes. This is not officially supported, however one can allow users to execute the so-called Core Service from Truecrypt via sudo.

This makes it possible for users to mount encrypted disks, however it automatically also allows those users root privilege escalation. The BSI audit mentions several ways how that is possible, in the simplest case a user can mount a Truecrypt volume that contains a file with suid root permission that will open a shell. Golem.de was able to replicate this scenario in a current version of Veracrypt.

Keys and Passwords are often not properly overwritten

Most of the specific weaknesses and proposed improvements are regarding the memory management and the secure wiping of memory areas. In cryptographic software it is common practice to overwrite memory that contained keys, passwords or other critical data after its use. This is done to prevent leaking of memory later due to other software error.

The correct implementation of this wiping is not trivial, as compilers can optimize out such overwriting commands. A talk at last year's 35C3 discusses this problem in detail. The Truecrypt and Veracrypt code uses a macro named burn, but it is not used in all places where this would be sensible.

The BSI audit has an extensive list of functions in the Truecrypt code. It was checked for each function whether it uses key material and if this is overwritten correctly. In many instances the auditors found weaknesses.

Particularly problematic is a C++ class called Memory that has a special function Erase and that does not use the safe macro burn, but a normal call to the memset function. However this error was fixed in newer versions of Truecrypt.

However the BSI audit mentions various other such mistakes, many of whom are still present in Veracrypt's code. In some functions key material is stored in temporary variables, in other places not all possible code paths are properly considered. We have sent patches for some of these problems to the Veracrypt developers.

Uninitialized Array can be used according to C standard

We found one description of a supposed bug that actually isn't one. In a function to calculate hashes with the RIPEMD160 algorithm a global array is in some situations used uninitialized. However that is no problem: Static arrays are always initialized with zeros according to the C standard.

None of the weaknesses mentioned in this report is critical. The encryption is and stays relatively solid and safe. However everyone who uses Veracrypt should only use the latest version and install provided security updates. And people who still use Truecrypt should switch to Veracrypt.

The information from this audit could be used to improve the security of Veracrypt. Many users would profit from that. While Truecrypt and Veracrypt aren't as important as they once were, it seems especially German municipalities often still use them. According to a survey by the privacy commissioner of the federal state Baden-Württemberg 9 percent of municipalities say that they use either Truecrypt or Veracrypt.

Shortly before we published this article the BSI has allowed to publish the Truecrypt documents. They can be downloaded from the Frag den Staat web page.

Update from December 16th 2019, 13:22

Added link to documents that are now publicly available. Dieser Text ist auch auf deutsch verfügbar.

Bitte aktivieren Sie Javascript.
Oder nutzen Sie das Golem-pur-Angebot
und lesen Golem.de
  • ohne Werbung
  • mit ausgeschaltetem Javascript
  • mit RSS-Volltext-Feed
 Truecrypt developers suddenly end development and point to security problems
  2. 1
  3. 2
  4. 3

  1. 1439,90€ (Vergleichspreis: 1530,95€)
  2. täglich neue Deals bei Alternate.de

danielmain 16. Dez 2019 / Themenstart

Was für eine Leistung in den Top 10 von Hacker news zu stehen. Weiterso!


Folgen Sie uns

Silent Hill (1999) - Golem retro_

Wir haben einen Ausflug ins beschauliche Silent Hill gemacht - und ins Jahr 1999.

Silent Hill (1999) - Golem retro_ Video aufrufen
Amazon, Netflix und Sky: Disney bringt 2020 den großen Umbruch beim Videostreaming
Amazon, Netflix und Sky
Disney bringt 2020 den großen Umbruch beim Videostreaming

In diesem Jahr wird sich der Video-Streaming-Markt in Deutschland stark verändern. Der Start von Disney+ setzt Netflix, Amazon und Sky gehörig unter Druck. Die ganz großen Umwälzungen geschehen vorerst aber woanders.
Eine Analyse von Ingo Pakalski

  1. Peacock NBC Universal setzt gegen Netflix auf Gratis-Streaming
  2. Joyn Plus+ Probleme bei der Kündigung
  3. Android TV Magenta-TV-Stick mit USB-Anschluss vergünstigt erhältlich

Arbeit: Warum anderswo mehr Frauen IT-Berufe ergreifen
Warum anderswo mehr Frauen IT-Berufe ergreifen

In Deutschland ist die Zahl der Frauen in IT-Studiengängen und -Berufen viel niedriger als die der Männer. Doch in anderen Ländern sieht es ganz anders aus, etwa im arabischen Raum. Warum?
Von Valerie Lux

  1. Arbeit Was IT-Recruiting von der Bundesliga lernen kann
  2. Arbeit Wer ein Helfersyndrom hat, ist im IT-Support richtig
  3. Bewerber für IT-Jobs Unzureichend qualifiziert, zu wenig erfahren oder zu teuer

Lovot im Hands-on: Knuddeliger geht ein Roboter kaum
Lovot im Hands-on
Knuddeliger geht ein Roboter kaum

CES 2020 Lovot ist ein Kofferwort aus Love und Robot: Der knuffige japanische Roboter soll positive Emotionen auslösen - und tut das auch. Selten haben wir so oft "Ohhhhhhh!" gehört.
Ein Hands on von Tobias Költzsch

  1. Orcam Hear Die Audiobrille für Hörgeschädigte
  2. Schräges von der CES 2020 Die Connected-Kartoffel
  3. Viola angeschaut Cherry präsentiert preiswerten mechanischen Switch

    •  /