Haven't seen a post about this -
http://istruecryptauditedyet.com/

Phase I is done -
https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf

The key used to encrypt the TrueCrypt Volume Header is derived using PBKDF2, a standard key derivation algorithm [5]. Developers are responsible for specifying an iteration count that influences the computational cost of deriving a key from a password. The iteration count used by TrueCrypt is either 1000 or 2000, depending on the hash function and use case. In both cases, this iteration count is too small to prevent password guessing attacks for even moderately complex passwords. The paper that introduces scrypt [6], an alternate key derivation function, demonstrates the challenge of using PBKDF2 even with a very high iteration count – brute-forcing key derivation is easily parallelized and becomes more efficient each year with advances in CPU performance. The use of a small iteration count in TrueCrypt permits efficient brute-force attacks against its header key
(yea copy/paste from the pdf is screwy...)
I haven't read it all yet, but it's interesting.
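
Added example (not part of the original post or the audit report): a small benchmark of the point in the quoted finding, measuring what one password guess costs at PBKDF2 iteration counts of 1000 and 2000 versus a much higher count and scrypt. The SHA-512 hash, the 500000 count, the scrypt parameters, the 40-bit password strength, the 1000 parallel workers and the password and salt are all assumptions chosen for illustration.

```python
import hashlib
import time

# Constructed sample inputs; not taken from TrueCrypt or the audit report.
PASSWORD = b"constructed example passphrase"
SALT = bytes(range(64))   # fixed salt so runs are repeatable
KEY_LEN = 64              # bytes of derived key material (assumed)
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def derive_pbkdf2(iterations, hash_name="sha512"):
    """PBKDF2-HMAC with the given iteration count."""
    return hashlib.pbkdf2_hmac(hash_name, PASSWORD, SALT, iterations, KEY_LEN)

def derive_scrypt(n=2**14, r=8, p=1):
    """scrypt: memory-hard, needs about 128*n*r bytes (16 MiB here)."""
    return hashlib.scrypt(PASSWORD, salt=SALT, n=n, r=r, p=p,
                          maxmem=64 * 1024 * 1024, dklen=KEY_LEN)

def seconds_per_guess(derive, repeats=3):
    """Best-of-N wall time for one key derivation, i.e. one password guess."""
    best = float("inf")
    for _ in range(repeats):
        start = time.perf_counter()
        derive()
        best = min(best, time.perf_counter() - start)
    return best

def years_to_search(entropy_bits, sec_per_guess, workers=1):
    """Expected years to cover half of a 2**entropy_bits password space."""
    guesses = 2 ** (entropy_bits - 1)
    return guesses * sec_per_guess / workers / SECONDS_PER_YEAR

def compare(entropy_bits=40, workers=1000):
    """Return {label: (seconds per guess, expected years)} for each setting."""
    settings = {
        "PBKDF2 x1000": lambda: derive_pbkdf2(1000),
        "PBKDF2 x2000": lambda: derive_pbkdf2(2000),
        "PBKDF2 x500000": lambda: derive_pbkdf2(500_000),
    }
    if hasattr(hashlib, "scrypt"):   # missing on some Python builds
        settings["scrypt n=2^14"] = derive_scrypt
    out = {}
    for label, fn in settings.items():
        cost = seconds_per_guess(fn)
        out[label] = (cost, years_to_search(entropy_bits, cost, workers))
    return out

if __name__ == "__main__":
    for label, (cost, years) in compare().items():
        print(f"{label:16s} {cost * 1000:9.3f} ms/guess  {years:12.4f} years")
```

The timings are single-core CPU figures from whatever machine runs it, so read the ratios between rows rather than the absolute years.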