# Bestcrypt/Truecrypt vulnerable

## MrUlterior

Bored and browsing the forums I came across many mentions of Bestcrypt, which left me wondering why anyone uses it:

Do NOT use bestcrypt or truecrypt, it's vulnerable to watermark attacks:

http://72.14.207.104/search?q=cache:M3btnRSxhOcJ:vision.unige.ch/publications/postscript/99/VoloshynovskiyPereiraPun_eww99.pdf+watermark+attack&hl=en&gl=uk&ct=clnk&cd=1

http://mareichelt.de/pub/texts.cryptoloop.php

If all that is desired from your encryption is to keep honest people honest; my suggestion is use an encrypted archive. Forget best-crypt, you're deluding yourself into believing you have some semblence of security.

Loop-AES in multikey mode is a viable alternative.

Enc-fs seemingly has no ability to encrypt root or swap and is therefore non-viable; additional validation of its viability from a cryptographic point of view, is lacking.

For the real thing, please see http://www.tldp.org/HOWTO/html_single/Disk-Encryption-HOWTO/ and do not rely on the various Tips & Tricks and howto's on the forum & gentoo-wiki.com to provide you with security.

----------

## simon_irl

isn't bestcrypt a closed-source commercial product? if i were serious about protecting my data from sophisticated attempts to decrypt it, i don't think i'd be entrusting it to code that can't even be examined except by the vendor. one more reason to stay away from it.

----------

## gumbothenerd

Actually, that particular vulnerability for TrueCrypt was fixed as early as Nov 25, 2005 with its 4.1 version and inctroduction of LRW mode. What makes the inclusion of TrueCrypt in this forum post, dated Feb 23, 2006, still more peculiar is that even the page you link to[1] acknowledges the TrueCrypt security fix and was updated with that information on Jan 05, 2006. So at the time this thread was started, that information was in the link itself for over a month. Only TrueCrypt versions < 4.1 are affected by this.

I don't know about BestCrypt, since AFAIK, it's not OSS, so I don't care. 

[1] http://mareichelt.de/pub/texts.cryptoloop.php

----------

## thehailo

 *gumbothenerd wrote:*   

> Actually, that particular vulnerability for TrueCrypt was fixed as early as Nov 25, 2005 with its 4.1 version and inctroduction of LRW mode. What makes the inclusion of TrueCrypt in this forum post, dated Feb 23, 2006, still more peculiar is that even the page you link to[1] acknowledges the TrueCrypt security fix and was updated with that information on Jan 05, 2006. So at the time this thread was started, that information was in the link itself for over a month. Only TrueCrypt versions < 4.1 are affected by this.
> 
> I don't know about BestCrypt, since AFAIK, it's not OSS, so I don't care. 
> 
> [1] http://mareichelt.de/pub/texts.cryptoloop.php

 

Agreed. Also besides the fact that this particular issue has already been fixed, it's short-sighted in the continually changing field of cryptography to claim one implementation error should discredit any certain systems future use. If the algorithms are solid and the basic implementation isn't at fault, issues such as this can easily be fixed.

PGP has been found to have issues over the years, but it's still widely considered one of the best available solutions to date. In particular TrueCrypt's ability to utilize a variety of algorithms (meaning you can disable ones which have proven insecure) and its ability to utilize several at once make it a much harder target than most crypto implementations.

----------

## DerRalf

Yep, this has been fixed in TrueCrypt quite a while ago. And please also keep in mind that TrueCrypt is the only _free_ and open source solution to access encrypted data from both Windows and Linux (at least I am not aware of any others). 

I have a large external USB drive that I need to access from Windows. The ext3 partitions are TrueCrypt encrypted and can be accessed in read/write mode from Windows using ext2 IFS (http://www.fs-driver.org/, not to be confused with ext2ifs). It is also much more convienient to use than dm-crypt, which I now only use to encrypt my swap and root partitions.

And hopefully someone will finally move TrueCrypt into portage. Bug 112197 https://bugs.gentoo.org/show_bug.cgi?id=112197 has the ebuild, its been well tested, and lots of people are willing to be the maintainers for this package. I have no clue why it's still not in portage.

----------

## MrUlterior

It is my understanding that Bestcrypt and dm-crypt are still vulnerable. It seems that Truecrypt as of 4.1 has corrected the problem, so I stand corrected  :Smile: 

----------

