Attacking TrueCrypt
by Jürgen Schmidt
The open source TrueCrypt disk encryption tool is considered to be the software of choice for systematically encrypting data. It is able to encrypt individual drives, such as USB Flash drives, and even entire hard drives. A small utility called TCHead is, however, able to tackle data encrypted using TrueCrypt.
TCHead decrypts and verifies the information in a TrueCrypt container's header. Containers can range from files to copied system volumes from fully-encrypted hard drives. For this, you do of course need the password. If you don't have the right one, TCHead can run through a word list. Unlike the cracking tool John the Ripper, however, it is not able to systematically vary the candidates in that list by, for example, converting lower case letters to upper case or converting letters to leetspeak.
TCHead also carries out this kind of dictionary attack very, very slooooooowly. In tests on a fairly fast computer, the tool required about a minute to run through 1,000 candidate passwords. By comparison, password crackers usually measure their speed in millions of attempts per second. This poor performance is largely due to the fact that TrueCrypt derives the key that has to be tested from the password using Password-Based Key Derivation Function 2 (PBKDF2), which is specifically designed to slow down these types of brute-force attacks.
TCHead is able to deal with standard encryption algorithms such as AES, Serpent and Twofish. TrueCrypt, however, also offers the option of using cascaded algorithms such as a combination of AES and Serpent. Our attempts to deploy TCHead against a combination container failed, with no error message, even though the target password was in the word list. One of the TCHead developers has confirmed to The H's associates at heise Security that the tool does not currently support mixed encryption algorithms, but that this is on their to-do list.
A statically linked Linux binary and source code, which we were able to compile under Ubuntu 12.04 LTS with a little tinkering, are available to download from the project's site. There is also a script for building a Windows version using the g++ compiler, though we have not tested this.
In summary, TCHead is a useful addition to any forensic IT specialist's collection and is one of the few available options for tackling encrypted TrueCrypt containers. But don't expect too much: if the targeted TrueCrypt user followed even basic password rules, you don't stand a chance.
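The cost argument behind the PBKDF2 paragraph and the closing verdict, worked through as an added example (not TCHead or TrueCrypt code): it measures how key-derivation throughput falls as the PBKDF2 iteration count rises, then converts the article's rate of 1,000 candidates per minute into worst-case search times. The hash, salt size, iteration counts and password policies are assumptions chosen for illustration.

```python
import hashlib
import os
import time

# Rate reported in the article: about one minute per 1,000 candidates.
ARTICLE_RATE = 1000 / 60.0  # guesses per second

def derive_key(password: bytes, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA512 with a 64-byte output (assumed parameters)."""
    return hashlib.pbkdf2_hmac("sha512", password, salt, iterations, dklen=64)

def measure_rate(iterations: int, guesses: int = 20) -> float:
    """Guesses per second this machine manages at a given iteration count."""
    salt = os.urandom(64)  # a random per-volume salt defeats precomputed tables
    start = time.perf_counter()
    for i in range(guesses):
        derive_key(b"candidate-%d" % i, salt, iterations)
    return guesses / (time.perf_counter() - start)

def worst_case_days(alphabet: int, length: int, rate: float) -> float:
    """Days needed to try every password of exactly `length` symbols."""
    return alphabet ** length / rate / 86400

# Constructed sample password policies: (label, alphabet size, length).
POLICIES = [
    ("6 lowercase letters", 26, 6),
    ("8 lowercase letters", 26, 8),
    ("8 letters and digits, mixed case", 62, 8),
    ("12 printable ASCII characters", 95, 12),
]

def report(rate: float):
    """Worst-case search time in days for each sample policy at `rate`."""
    return [(name, worst_case_days(a, n, rate)) for name, a, n in POLICIES]

if __name__ == "__main__":
    for iterations in (1, 1000, 100000):
        print(f"{iterations:>7} iterations: {measure_rate(iterations):12.1f} guesses/s")
    for name, days in report(ARTICLE_RATE):
        print(f"{name:<34} {days:.3g} days at the article's rate")
```

The per-guess cost grows linearly with the iteration count, and every added character multiplies the attacker's total work by the alphabet size.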