Other critical issues are related to the implementation of the GOST 28147-89 symmetric block cipher which is known to be affected by implementation errors. This level of care has not been taken into DCS yet.” reads the audit report published by the experts. However, when a user changes his password, the Password structures containing the new password will not be erased (see the SecRegionChangePwd function in DcsInt / DcsInt.c). TrueCrypt’s developers and VeraCrypt’s have carefully checked if sensitive data was correctly cleared in memory. The user password is properly cleared at startup. “The data handled by the boot loader are rarely erased. They discovered that boot passwords in UEFI mode could be retrieved by an attacker because the application fails to erase passwords when changed by users.
Veracrypt 1.18 driver#
The password supplied by the user is read character per character with the GetKey function of the VeraCrypt bootloader.” “It is difficult to make sure the driver implementation will erase the buffer containing the keystrokes.” The address of this buffer is not known, and fully depends on the implementation. A parallel can be drawn to UEFI: each driver has its own buffer containing the keystrokes. “As explained in The Length of the Password Can Be Computed When Encryption Is Activated, on startup, keystrokes are stored in a specific buffer of the BIOS Data Area. This new module is considered much less mature than the rest of the project, some parts are still incomplete or not implemented at all. One of the most important features implemented by VeraCrypt 1.18 is the UEFI support, its code is in a separate repository, named VeraCrypt-DCS (Disk Cryptography Services). The experts analyzed the VeraCrypt version 1.18 of the platform and the DCS EFI Bootloader 1.18 (UEFI), their analysis was focused on the new features introduced since the security audit of TrueCrypt conducted in April 2015. VeraCrypt is a project based on TrueCrypt 7.1a and maintained by IDRIX, it was launched after the shocking shut down of the TrueCrypt project in 2014.
Veracrypt 1.18 software#
A new audit of the disk-encryption software revealed the existence of eight critical, three medium, and 15 low -severity vulnerabilities. The security researcher Jean-Baptiste Bédrune from Quarkslab and the cryptographer Marion Videau have discovered a number of security vulnerabilities in the popular encryption platform VeraCrypt. “VeraCrypt is much safer after this audit, and the fixes applied to the software mean that the world is safer when using this software.”
0 kommentar(er)
