在加密软件TrueCrypt停止开发之后,要寻找TrueCrypt的替代,可能没有VeraCrypt比更好的了。VeraCrypt是TrueCrypt的分支,于2013年6月发布,法国安全顾问Mounir Idrassi是项目的主要开发者。
Idrassi创建VeraCrypt分支的动机是在2012年他被要求在客户产品中整合TrueCrypt,他评估了TrueCrypt代码后发现它存在一些问题,TrueCrypt的主要弱点是不能防御暴力破解攻击。
在加密系统分区时,TrueCrypt使用PBKDF2-RIPEMD160算法进行1000次迭代;对于标准容器和非系统分区,TrueCrypt最多迭代2000次。相比之下,VeraCrypt使用PBKDF2-RIPEMD160算法对系统分区迭代327,661次,对于标准容器和非系统分区,迭代次数进一步增加到655,331次,大幅增加暴力破解难度。结果是,VeraCrypt打开加密分区的速度略慢,而它的加密格式也不兼容于TrueCrypt。
另一个TrueCrypt分支CipherShed项目则努力兼容TrueCrypt加密格式。
流行加密工具TrueCrypt背后的匿名开发者在今年早些时候突然宣布项目终止开发,并警告使用TrueCrypt不安全,软件可能包含未修正的安全问题。
TrueCrypt作者自己写的开源许可证对fork有很多限制,而TrueCrypt的一位开发者认为在参考TrueCrypt源代码的情况下重写并不需要太多工作。现在,一群开发者宣布fork终止已经开发的TrueCrypt,创建CipherShed项目,将在标准的开源许可证下公开源代码。
约翰霍普金斯大学的Matthew Green教授致函一位TrueCrypt开发者,询问fork的可行性。这位TrueCrypt开发者简短的回答,创建分支是不可能的。他说,创建分支不是一个好主意,因为TrueCrypt的代码需要重写。他们一直想重写代码。他认为,从头开始写一个加密软件所耗费的时间并不比学习和理解现有的TrueCrypt代码库长。他表示参考TrueCrypt的源代码不会有什么问题。
==================
以下是Matthew和这位开发者的电邮(和我的中文翻译),英文来源 http://pastebin.com/RS0f8gwn
====开发者的回复====
I am sorry, but I think what you’re asking for here is impossible. I don’t feel that forking truecrypt would be a good idea, a complete rewrite was something we wanted to do for a while. I believe that starting from scratch wouldn’t require much more work than actually learning and understanding all of truecrypts current codebase.
I have no problem with the source code being used as reference.
很抱歉,我想你所说的fork一事目前是不可能的。我不觉得fork truecrypt项目是个好主意,从头重写truecrypt的代码的想法已在我们脑中闪了一段时间了。我想从头重写所需的工作量并不会比学习和理解现有truecrypt的全部代码要多。
如果将truecrypt源码作为开发参考的话,我觉得没什么问题。
====Matthew的邮件====
Hi,
I hope you’re well. I understand from seeing some previous emails that you were one of the Truecrypt developers, and that you’re no longer interested in continuing work on the project. I understand and can sympathize with that.
嗨,首先祝你过的愉快。 我从之前的一些email里了解到你是truecrypt项目其中的一位开发者, 而且你们现在也没有兴趣再继续这个项目的开发了。鉴于truecrypt项目的现况,我能理解并也有同感。
For the past several months we’ve been (very slowly) auditing the TC code. Now that you’re no longer maintaining it, there seems to be a great deal of interest in forking it. I think this interest has reached the point where a fork is virtually inevitable. This makes me somewhat worried.
在过去几个月里,我们已开始(很慢地)检查truecrypt的源码。如今你们也不再维护它,若能fork它则是让人很感兴趣的事情。实际上,这种兴趣已经上升到一个不可避免的临界点了,这样反倒让我有些担心起来。
We think Truecrypt is an important project — no proprietary disk encryption system offers cross-platform support and the same feature set. Moreover, Truecrypt is unlikely to ‘go away’ just because the developers have abandoned the project. In fact, it may become significantly less secure if it goes forward as samizdat or as part of some unauthorized fork.
我们认为Truecrypt是一个很重要的项目,是一个没有专利权限制、跨平台、且各平台上功能特性一致的磁盘加密系统项目。而且,truecrypt已经不是一个“仅仅因为被开发者放弃”就能说消失就消失的项目。实际上,如果这个项目被未经授权的山寨,或者成为一个地下项目的话,有可能反而成为一个“更加不安全的”磁盘加密项目。
We’d like the project to continue, but in a responsible way. That means fully auditing all of the crypto/container and bootloader code and (likely) replacing much of it with fresh implementations. Even though this will require some substantial re-development it still seems more practical than starting from scratch. The current plan is being led by a group of people who have a great deal of experience with cryptography and the expertise to identify flaws, but would prefer not to engineer from scratch.
我们希望这个项目能继续下去,但要以负责任的方式继续下去。这就意味着需要审查全部的crypto/container和boot loader代码,可能的话还需要用一些新的实现来替换一些旧代码。尽管这样也需要再开发,但仍然比从头重写要更现实一点。目前的开发计划小组由一些具备丰富加密开发经验和缺陷识别经验的人士领导着,但也倾向于不要从零开始。
The main concern we have right now is with the license structure and trademarks associated with Truecrypt. Of course some will fork the reject(PS:Matthew是不是输错了,应该是project吧?) regardless of the legal issues, but this doesn’t seem appropriate without clear guidance. What we would like is permission to take at least portions of the current codebase and fork it under a standard open source license (e.g., GPL/MIT/BSD). We would also like permission to use the Truecrypt trademark as part of this effort. If that’s not possible, we would accept a clear statement that you would prefer the software not be renamed.
我们目前主要关注的是与truecrypt有关的商标和license问题。当然,有人也会直接fork一个项目而无视合法性问题,但没有一个清晰的授权源,就这样做是不大合适的。我们更希望是能够在标准的开源license(如GPL/MIT/BSD)下取得授权,至少可以取得当前源码版本的。我们也希望能被授权继续使用truecrypt这个商标。要是这也不行的话,如果你们能清楚地声明希望软件不要被改名,我们觉得也可以接受的。
I realize this is a great deal to ask, but I would ask you to consider the alternative. Without expert attention there’s a high likelihood that TC 7.1a or some future insecure fork will occupy the niche that a secure version of TC could occupy. Giving your permission to undertake a responsible process of forking and redevelopment would ensure that your work can go on, and that nobody is at risk from using older software.
我知道我的要求也许太过了,但我还是想请你考虑一下另一种情形。如果没有专业人士的关注,很有可能出现不安全的fork版本占领了安全版本本应该有的市场地位。现在你有这样的机会来承担起fork和再开发过程的责任,一方面你们的工作可以得到延续,另一方面没有人会因为继续用老版本的truecrypt而面临风险。
I appreciate any consideration you could give this note. Thank you,
Matt
我将非常感谢你为此作出的任何考虑或回应。谢谢!
TrueCrypt项目背后的匿名开发者突然将truecrypt.org官网定向到sourceforge.net项目主页,宣布项目终止开发,并用红字警告使用TrueCrypt不安全,软件可能包含未修正的安全问题。TrueCrypt最新更新的程序签名与1月份发布的程序使用的签名相同,因此网站发布的信息不是恶作剧而是官方声明。
约翰霍普金斯大学的Matthew Green教授去年组织了对TrueCrypt的安全审计,他有点担心是不是安全审计促使了开发者决定退出。他对开发者的决定也感到失望,认为开发者本来可以改变许可证让其他人能更容易的接管这个项目。他表示安全审计工作会继续下去。
一位与TrueCrypt团队关系密切的开发者给出了他的解释:TrueCrypt失去了动力和主要开发者。他认为TrueCrypt很早以前就出现了死亡的迹象,程序已经很长时间没有引入新功能。引导扇区代码从5.0版以来一直没有变化,很可能是引导扇区的主要开发者不再参与项目了。
此外,TrueCrypt使用微软提供的API处理休眠/睡眠,但Windows 8之后微软不再提供此类API,而Windows是TrueCrypt最主要的市场,诸多困难最终使得开发者决定关闭项目。
流行的开源加密软件TrueCrypt突然在其官网上建议Windows用户改用微软的BitLocker加密磁盘,并用大红字警告使用TrueCrypt并不安全。在官网彻底大变脸前,TrueCrypt更新了二进制程序。目前完全不清楚TrueCrypt项目究竟发生了什么事,有许多人怀疑可能与第二阶段的TrueCrypt安全审计报告即将发布有关。根据官网上的声明,在微软结束支持Windows XP后TrueCrypt的开发于2014年5月终止,Windows 8/7/Vista等操作系统集成了磁盘加密支持,它建议用户将任何TrueCrypt加密的数据迁移到平台支持的加密磁盘或虚拟磁盘镜像。网站图文并茂的一步步介绍了如何将数据从TrueCrypt迁移到BitLocker。
TrueCrypt Website Says To Switch To BitLocker
Several readers sent word that the website for TrueCrypt, the popular disk encryption system, says that development has ended, and Windows users should switch to BitLocker.
A notice on the site reads, “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues. … You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.” It includes a link to a new version of TrueCrypt, 7.2, and provides instructions on how to migrate to BitLocker. Many users are skeptical of a site defacement, and there’s been no corroborating post or communication from the maintainers. However, the binaries appear to be signed with the same GPG key that the TrueCrypt Foundation used for previous releases.
A source code diff of the two versions has been posted, and the new release appears to simply remove much of what the software was designed to do. It also warns users away from relying on it for security. (The people doing an audit of TrueCrypt had promised a ‘big announcement’ soon, but that was coincidental.) Security experts are warning to avoid the new version until the situation can be verified.
Friday October 26, 2007 by Jason ‘vanRijn’ Kasper | 15 Comments
I did a small performance test yesterday and was very surprised by the results. I wanted to see which encrypted filesystem was faster betweeen Truecrypt and LUKS. I created 2 20-gig files, one with Truecrypt and the other with LUKS encryption. Then I mounted the encrypted files and copied a 180 meg file 10 times, synced, and then reported the time taken. Here’s the results:
Truecrypt test:
time (for f in $(seq 1 10); do; cp bigfile truecrypt-mnt/bigfile-$f; done;)
0.22s user 26.30s system 15% cpu 2:47.06 total
LUKS test:
time (for f in $(seq 1 10); do; cp bigfile luks-mnt/bigfile-$f; done;)
0.20s user 8.40s system 15% cpu 55.169 total
Wow. Now, granted, this is a simple enough test, but does anyone have any ideas why LUKS would be 3 times faster in writing 1.8 Gigs than Truecrypt?
http://movingparts.net/2007/10/26/truecrypt-versus-luks-speed-test/
TrueCrypt is already running
If a messagebox TrueCrypt is already running appears when starting TrueCrypt, check for a hidden file in the home directory of the concerned user called .TrueCrypt-lock-username. Substitute username with the individual username. Delete the file and start TrueCrypt again. Continue reading »