TrueCrypt May Be Dead (To GCHQ)

In a statement to a British court, it’s come out that Brit authorities have managed to decipher a LOT of the encrypted hard drive David Miranda was carrying.

Given that Laura Poitras is known for being extremely good and extremely careful when it comes to encryption and technical “operational security”… this should suggest to you that the encryption program (TrueCrypt) and/or encryption algorithms she used (one or more of AES, Blowfish, and Serpent) are not secure against nation-state adversaries.

Assuming Poitras used a proper key length, and based on my (admittedly imperfect) crypto knowledge, a successful decryption should have taken months-to-years even with a hell of a lot of computing power aimed at it.

Here, it took less than 13 days… and if my memory serves, UK officials were boasting that they’d found more than 50,000 “highly secret” documents on Miranda’s drive within a handful of days of his detention, so the decryption may have gone even faster.

One of the most misleading things about this story is the claim that the English police have been so successful because Miranda was carrying the password on a piece of paper. (Related: “Between Silk and Cyanide,” go read it.)

As it happens, if you look at what they said “on the record” to the court, the picture is very different.

First of all, here’s Greenwald’s statement. “Anyone claiming that David Miranda was carrying a password that allowed access to documents is lying. UK itself says they can’t access them.” [1]

Now, as per the Scotland Yard statement, “This password allowed them to decrypt one file on his seized hard drive, adds Oliver Robbins, Cabinet Office security adviser.”[2]

Someone on Twitter (whom I can’t find right now) claimed that Greenwald claimed this file was the “what software to use” decryption instructions for the rest.

Nevertheless, despite not having the password, Scotland Yard has managed to decrypt a third of the 60GB drive since it came into their possession[3] 13 days ago.[4]

If I were looking to hide a cryptanalytic capability despite having to admit it in court, I’d only admit in court to having decrypted as much as necessary to prove my point… and then I’d still try to cover it with a smoke-screen about Miranda having carried the password! [5]





