Encryption software: German BSI withholds Truecrypt security report

The German Federal Office for Information Security (BSI) has kept a detailed examination of the encryption software Truecrypt secret for nine years. On more than 400 pages the documents contain a detailed description of the architecture of the encryption tool, list various security problems and make recommendations on how to fix them.

Golem.de learned about the existence of these documents via an entry on the web plattform "Frag Den Staat" (translated "ask the state"). On this web page citizens can send requests to government agencies according to the German freedom of information law. A user sent a generic request to BSI asking about all investigations of Truecrypt they may possess.

The BSI sent several documents that according to their date were created in 2010 and that contain a detailed analysis of Truecrypt. However BSI told the person that the documents are copyright protected and he is not allowed to publish them. Golem.de therefore requested the documents themselves and got them after some time - also with the remark that they must not be published.

It is a common strategy by government agencies to prevent the publication of documents revealed by freedom of information law requests due to copyright. The platform "Frag Den Staat" has for example been in a legal conflict with the German Federal Institute for Risk Assessment (BfR) about the publication of a report on the herbicide Glyphosate. The BSI also prevented the publication of an earlier report on cryptographic libraries referring to its copyright.

The Truecrypt documents contain a remark that it is an item of classified information, but that remark has been striked through. The content is noteworthy, because it shows that BSI had plenty of information about the security of Truecrypt and specific security problems since a long time. Despite various discussions about the security of Truecrypt that erupted after the Snowden affair they apparently decided not to publish it.

BSI sends complete documents only after multiple requests

The five documents are numbered from AP2 to AP6. AP1 was notably missing. After asking BSI they said: "AP1 is a research and overview of what functionality existing hard drive encryption products on the market implement (including the Windows and the Linux version of Truecrypt). Since this is not an 'investigation' of the 'Truecrypt' program, we saw this document as not covered by the Freedom of Information Act request."

We then requested to receive this document as well. It is surprising that BSI came to the conclusion that this document is not an "investigation" (in German "Untersuchung") of Truecrypt, because the title of the Document starts with "Truecrypt Untersuchung".

Even then the documents were incomplete. The documents contain multiple references that mention that attacks are explained in more detail in AP7. After multiple requests Golem.de also got that document.

Truecrypt was published by anonymous developers

The software Truecrypt has an interesting history. The program was created by anonymous developers. According to investigations by journalist Evan Ratliff the drug dealer Paul Le Roux was involved in the development. Truecrypt gives users a relatively easy way to locally encrypt files in an encrypted data container. It also offers the option to encrypt whole disk drives.

The license of the Truecrypt code is controversial. While the code is publicly available, the license contains some restrictions that cause it to not fall under the definition of free Software or Open Source. Therefore many Linux distributions don't have official Truecrypt packages.

In 2013 the cryptographer Matthew Green started collecting donations to fund a security test of Truecrypt. Together with the IT security professional Kenneth White he founded the Open Crypto Audit Project. The money came in quickly.