Sign up for our newsletter
Technology / Cybersecurity

TrueCrypt audit to overturn fears of corruption

The encryption tool TrueCrypt appears to be on the return, following months of rumours that the project had been corrupted by American police.

Matthew Green, a cryptologist and spokesman for the project, announced on his blog that the second part of a mooted audit was due to go ahead despite the original project team having disappeared in spring of last year.

"This threw our plans for a loop," Green wrote. "We had been planning a crowdsourced audit to be run by Thomas Ptacek [founder of Matasano Security] and some others.

"However in the wake of TC pulling the plug, there were questions. Was this a good use of folks’ time and resources? What about applying those resources to the new ‘TrueCrypt forks’ that have sprung up (or are being developed?)"

White papers from our partners

Since then those stewarding the project have decided to sign a second auditing deal with information assurance firm the NCC Group’s Cryptography Service, but cut costs by agreeing to a flexible starting date – hence the delay.

The results are hoped to prove that TrueCrypt, which was once used by NSA whistleblower Edward Snowden, is still safe for people to use to disguise their communications from prying officials, with the audit drawing on a crowdfunding effort worth more than $70,000 (£45,600).

"This project has been a bit slower than any of us would like, but results are coming," Green added. "Personally, my hope is that they’ll be completely boring."


This article is from the CBROnline archive: some formatting and images may not be present.