What does TrueCrypt Shutting its Doors Mean to Data Forensics & Litigation?

As encrypting data seems to be a more common and essential part of the data security process than ever before, it goes without saying that TrueCrypt abruptly shutting its doors at the end of May was a shocker and a kick to the gut. In short, TrueCrypt was a semi-open-source and free encryption program for data at rest. TrueCrypt was especially handy for forensic examiners and corporations when passing along data on hard drives to the various parties involved in discovery for litigation purposes. Encrypting data with TrueCrypt was an extra step that gave a real sense of security in protecting a corporation's confidential data.

So What Happened?

With any encryption program there is always skepticism about vulnerabilities. Most of that skepticism is typically directed at the developers and whether they have created a backdoor that allows them to decrypt your files without your knowledge. In his article in Lawfare, Paul Rosenzweig of Red Branch Consulting PLLC, a homeland security consulting company, and a Senior Advisor to The Chertoff Group, points out that “Microsoft has a very robust encryption program known as BitLocker. But the implementing code for that program is proprietary, and so the only assurance you have that Microsoft has NOT put a backdoor in the code is that it says it hasn’t.”

In any event, the unknown developers of TrueCrypt agreed to an audit of their code to dispel any skepticism about backdoor vulnerabilities in their program. TrueCrypt passed the first phase of the audit with flying colors. The second phase of the audit had not yet taken place when TrueCrypt shut its doors (it is planned for later this year). Some believe that TrueCrypt would have failed the second phase of auditing and that a backdoor or some other major security flaw had been identified. Others believe the developers just got fed up and were done with it all. In fact, one of the members of the TrueCrypt Audit Project claims to have been in contact with at least one developer, who confirmed that the team just got tired of the hassle of maintaining the program and quit.

What to Make of TrueCrypt Now?

Personally, I am not running through the streets of Boston with my hair on fire now that TrueCrypt has shut its doors. It will be interesting to see what the second audit yields. Heck, Amazon is still using TrueCrypt even after its demise. As a data forensic company we have multiple encryption methodologies, so TrueCrypt, although a favorite of many forensic examiners, is not the end-all, be-all. Other tools are just as impressive. Here is a side-by-side comparison of BitLocker versus TrueCrypt. Over time, as TrueCrypt is no longer supported and updated, you will see a gradual decline of its utilization, and other solid encryption alternatives will take over as the gold standard.

Sources

https://www.lawfareblog.com/2014/06/the-strange-demise-of-truecrypt-and-what-it-says-about-cybersecurity/#.U6L_eMY4pAI.twitter

https://www.pcworld.com/article/2362360/amazon-aws-continues-to-use-truecrypt-despite-projects-demise.html

https://www.tomshardware.com/reviews/bitlocker-truecrypt-encryption,2587.html

Photo Source

https://www.veooz.com/news/gHD~zkj.html