In association with heise online

13 March 2008, 11:45

Possible vulnerability in TrueCrypt 5.1

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A possible vulnerability in TrueCrypt 5.1 that can expose keys on Windows systems has been described in a Russian language blog. This reports that the key remains in memory while the memory image is being written to disk, prior to entering hibernation mode. Attackers could read it there later, and use it to decrypt containers and partitions. But allegedly the keys are only exposed under specific circumstances, for example when using specific drivers for unusual storage controllers and RAID controllers. Windows 2000 systems with a RAID system based on the Intel Matrix Storage chip are said to be at particular risk.

Although TrueCrypt has long supported hibernation, the developers only added the hibernation function for completely encrypted system partitions in its current Version 5.1. It is not known whether the developers have been informed of this latest problem. An enquiry by heise Security still awaits an answer.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit