Encryption software TrueCrypt may be restored and improved by a group of developers, led by the team who crowd-sourced its funding.
According to Reuters, the audit team who crowd-funded $70,000 is planning to continue its quest to determine the security of TrueCrypt, and Matthew Green, a Johns Hopkins University cryptography professor helping lead the effort, said that the effort would seek to fix legal issues with the code.
Speaking to Brian Krebs, Green said he was disappointed that the TrueCrypt team ended things as abruptly as they did, and that he hopes that a volunteer group of programmers can be brought together to continue development of the TrueCrypt code.
“There are a lot of things they could have done to make it easier for people to take over this code, including fixing the licensing situation,” Green said. “But maybe what they did today makes that impossible. They set the whole thing on fire, and now maybe nobody is going to trust it because they’ll think there’s some big evil vulnerability in the code.”
He said before yesterday’s news, that it was in the process of working with people to look at the crypto side of the code, and that was the project we were going to get done over this summer. “Hopefully, we’ll be able to keep TrueCrypt.”
A Twitter account for the Open Crypto Audit has appeared, with it saying it is continuing forward with formal analysis of TrueCrypt 7.1, and hoped to deliver a final audit report in a few months.
It said: “In addition, we will be leading a phase I full audit of OpenSSL in partnership with the Linux Foundation Critical Infrastructure Initiative,” and “we are considering several scenarios, including potentially supporting a fork under appropriate free license, with a fully reproducible build.”
