The Swiss website seems to be a genuine effort to eventually create a fork of the Truecrypt code and to create a new project with a new name. The anonymity combined with the lack of clarification from the developers and amateurish method of informing their users created a lot of unnecessary speculation.
Theories ranged from the developers simply giving up, to TC being served with an NSL. Yesterday, when the news was broken, there was initially a lot of speculation regarding the possibilities of what has happened. Essentially, it is no less safe today than it was two or three days ago to most users, although you should not take my word for that as I am by no means a security professional. However, until that report shows that flaws exist in the program, it can be argued that it is "safe enough" to use depending on the threats you are faced with in your situation.
Further issues are created because TC is developed by two semi-anonymous (source in Russian) developers and its unique license prevents it from being open-source. This is of significant importance as we expect the phase 2 audit report from iSec because it means that if serious flaws are found in the encryption used or the implementation of it, then those flaws will not be fixed by the developers. As for how easy it is to brute-force crack a 256-bit key it's impossible beyond the laws of physics.Īs of the latest information, the main problem with Truecrypt right now is that it is no longer supported and maintained. Anything beyond that is just further permutation of the same bits.Īgain, you choose the hash type, and SHA-256 and SHA-512 are common candidates. But if you're using truly random keyfiles, then just a few bytes (say 64 characters) is typically enough to hit that entropy cap. The result is far larger than could possibly ever by brute-force cracked, so that's not a concern. The length of the hash output depends on the hashing algorithm, but the important point is that no matter how much entropy you put into the hash, the amount you get out is capped at the hash size. As such, the real key length is limited - as of course it would have to be. So anything beyond that is totally superfluous.īut more interestingly, keyfiles are simply hashed (along with other keyfiles and any password) to produce the real key. According to the Truecrypt documentation, only the first 1MB of contents in the keyfile is actually examined.