Looks like open-source disk encryption software TrueCrypt has shown its mettle in a cybercrime case out of Brazil. The Brazilian police seized 500 TrueCrypt-protected drives from the apartment of Daniel Dantas, a Rio banker accused of financial crimes. In Brazil, there is no law compelling defendants to reveal passwords to encrypted evidence, so the Brazilian crime lab attempted to break the encryption for five months with no success. They then turned to the US FBI, which ran dictionary attacks against the encryption for another year. No joy. As a result of the banker’s good password practices, the 500 drives with potential evidence were reduced to really ugly paperweights.
While this was a loss for the good guys, it does provide security professionals with some valuable information. First, choosing a strong password (long, not a dictionary word, with special characters, numbers and the like) is still an integral part of good, basic meat-and-potatoes security practice. Second, if the FBI is unable to crack a TrueCrypt-protected drive unless the user has chosen a boneheaded password, it seems like the program is a good, cost-effective choice for protecting personal data as well as for small business environments. The only thing missing for bigger business is some sort of key management and recovery scheme… sounds like an opportunity for an entrepreneurial crypto programmer.