Software Update: TrueCrypt 4.1

TrueCrypt has received a minor update to version 4.1. TrueCrypt is an open source encryption program that can encrypt physical volumes (a hard drive or a partition) and virtual volumes (a file accessed as a partition). A number of different methods can be used for this, including AES (256-bit), Blowfish (448-bit), CAST5 (128-bit), Serpent (256-bit), Triple DES and Twofish (256-bit) . They can also be used sequentially so that, for example, a file is first encrypted with AES and then with Serpent.

The special thing about TrueCrypt is the possibility to create a hidden volume in the encrypted disk. This second volume is only visible if the correct password is entered. So if you are forced to provide the password, you can only provide the password that gives access to the entire encrypted disk. The second hidden volume is then completely invisible. More information about this can be found at this page to be found. The most important innovation is the addition of LRW-AES, also known as tweakable block cipher, which allows sector-level encryption. The full changelog looks like this:

New features:

• New mode of operation implemented: LRW.

  LRW mode is more secure than CBC mode and is suitable for disk encryption. LRW mode is to become an IEEE standard for sector-based storage encryption. (For more information on LRW mode, see chapter Technical Details, section Modes of Operation in the documentation).

  Volumes created by this version of TrueCrypt can be encrypted only in LRW mode. However, volumes created by previous versions of TrueCrypt can still be mounted by this version of TrueCrypt.

  To prevent a recently discovered attack, we strongly recommend that you move data from your old volume to a new volume created by this version. Description of the attack: If plaintext blocks produced by an adversary are written to a mounted volume (ie, if they are correctly encrypted) and if such plaintext blocks are written to the correct volume sectors chosen by the adversary, it is possible to distinguish the volume from random data (by XORing first two blocks of the chosen sectors and comparing the results). This volumes affects created by all versions of TrueCrypt prior to 4.1, except volumes encrypted with AES-Blowfish or AES-Blowfish-Serpent.

• The encryption algorithm test facility (Tools -> Test Vectors) now supports LRW mode.

improvements:

• AES Routines by Dr. Brian Gladman updated to the latest version.
• Improved support for using TrueCrypt under non-administrator accounts on Linux (set-euid root).
• A new instance of TrueCrypt will be created only if necessary.
• Other minor improvements

bug fixes:

• Password input field will be correctly wiped after each mount attempt.
• Hidden volume protection now works if set via ‘Mount with Options’.
• Containers located on volumes that are accessible only in local user name space can now be mounted.
• The option /keyfile now works if specified with ‘/auto devices’ or ‘/auto favorites’ (command line usage)
• Volumes whose paths contain spaces can be mounted (Linux)
• Several localization issues fixed
• Other minor bug fixes

[break]