On July 4th, 2008, the TrueCrypt Foundation released TrueCrypt version 6.0. TrueCrypt is a very popular open-source disk encryption tool that is currently based on the XTS-AES encryption mode that the IEEE P1619 Task Group developed and standardized in December 2007. As the chair of the IEEE Security in Storage Working Group (SISWG) -- the group that oversaw the development of XTS -- I'm very pleased to see the continued adoption of XTS in the industry.
On a related note, NIST is currently considering XTS as an Approved Mode of Operation for protecting U.S. government confidential data under FIPS 140-2. If NIST accepts XTS, this will be a huge boon to TrueCrypt and similar tools that use XTS. If you use TrueCrypt or other tools that use XTS, please send NIST a comment (before Sept 2008).
For a limited time, you can pick up a free copy of XTS from IEEE. After September, you'll have to buy it from the IEEE store. See the P1619 homepage for instructions and other information.
Any update on whether NIST has listed XTS as an Approved Mode of Operation for protecting U.S. government confidential data under FIPS 140-2? Thanks.
NIST expects to make a decision by the end of May 2009, or shortly thereafter.
Matt, you and I communicated by email a few weeks ago. Do you know if the approval has come through as an extension so XTS can be considered FIPS 140-2 for a period past the end of May? I thought that was when the temporary permission to use XTS as a FIPS 140-2 compliant encryption expired.
Hi John: NIST has told me privately that they have approved XTS-AES, and will publish an SP 800-XX series draft that says so. There will be a public review period, and then NIST will update their FIPS 140-2 documentation to allow XTS-AES. It will take several months before NIST issues algorithm certificates for XTS-AES. I haven't heard of any temporary permission to use XTS-AES yet, but I'm not involved in certifying a product that uses XTS.
For those following this issue, now especially important under the HITECH Act, to avoid security breach reporting requirements for HIPAA Covered Entities and Business Associates -- TrueCrypt XTS-AES has been approved by NIST with a few caveats. See http:/www.law2point0.com/
So where do we stand now in 2012? Is TrueCrypt and the standard maturing into something that will compete on a level with Symantec and the purchase of GuardianEdge?
I can't comment directly on TrueCrypt itself, since I haven't used it in years, but concerning XTS-AES, Apple has shipped support for XTS-AES in OS X Lion 10.7 as the algorithm used in their full-disk encryption offering (which comes free with the operating system). I don't see anything else meaningfully competing with Apple on OS X Lion. For OS X 10.6 and 10.5, there's FileVault, but this just provides encryption of the home directory, not the entire hard disk. But this isn't nearly as secure as something like PGP full-disk encryption or TrueCrypt's full-disk encryption.
I haven't used Windows laptops in a couple of years, so I don't really know what's currently the best solution there (probably just PGP full-disk encryption). Linux has a number of encryption solutions, like ecryptfs, but these can sometimes be a bit slow. I'm using ecryptfs for a Linux box in my living room, and there is a substantial delay when logging in due to the time it takes to mount the ecryptfs home directory. I'm half tempted to just turn off the encryption and make sure that I don't put any sensitive information on that computer.
XTS-AES has been an Approved algorithm under NIST's FIPS 140-2 for a couple years now, so the algorithm seems to have some staying power. There's some talk about maybe recommending that NIST also accept the EME-2 mode of IEEE Std 1619.2, but no one has done this coordination work yet. I think that PGP's full disk encryption may use EME-2 or some similar mode.